Category: Microsoft
Category Archives: Microsoft
Connection to adversary-in-the-middle (AiTM) phishing site – sropq.com
Hello all,
I have a strange Defender alert.
User is opening SharePoint/OneDrive on a terminal server (RDP connection) with Mozilla Firefox and the event below appears.
Mozilla Firefox is stock and other users do not create this kind of alert.
There is no visible Add-on installed, which could cause this issue.
I cannot find any information about sropq.com
Connection to adversary-in-the-middle (AiTM) phishing site
sropq.com
188.114.96.4
firefox.exe (PID: 31868)
firefox.exe (PID: 7788)
188.114.97.4
Hello all,I have a strange Defender alert. User is opening SharePoint/OneDrive on a terminal server (RDP connection) with Mozilla Firefox and the event below appears.Mozilla Firefox is stock and other users do not create this kind of alert.There is no visible Add-on installed, which could cause this issue. I cannot find any information about sropq.com Connection to adversary-in-the-middle (AiTM) phishing sitesropq.com188.114.96.4firefox.exe (PID: 31868)firefox.exe (PID: 7788)188.114.97.4 Read More
The link does not work
I have received the link for the booking the meeting with me but the link does not work however the sender sent again new link , again does not work
I have received the link for the booking the meeting with me but the link does not work however the sender sent again new link , again does not work Read More
Teams Pro license
I’ve upgraded to pro teams license but even though i go into the admin centre and remove the standard teams license and assign the pro teams license, the Teams Admin Centre still shows standard. I’ve restart the devices too. Is there something else I need to do?
I have only done it a couple of hours ago so does it need more time maybe?
I’ve upgraded to pro teams license but even though i go into the admin centre and remove the standard teams license and assign the pro teams license, the Teams Admin Centre still shows standard. I’ve restart the devices too. Is there something else I need to do?I have only done it a couple of hours ago so does it need more time maybe? Read More
Diference between Screen and writing bar
Can anyone help me with the anomalous behavior of excel?
The typing bar does not indicate the same value as on the screen.
Example:
Can anyone help me with the anomalous behavior of excel?The typing bar does not indicate the same value as on the screen.Example: Read More
Lesson Learned #492: Improving Extended Events in Azure SQL
In the last months, our Product Team has been working to enhance Extended Events for Azure SQL as you could see in their blog: Improving Extended Events in Azure SQL – Microsoft Community Hub. These updates simplify monitoring and troubleshooting Azure SQL databases, offering a more SQL Server-like experience and enabling more granular control over events and sessions.
These improvements include:
Direct Event Data Visualization in SSMS: Users can now view event data directly in SQL Server Management Studio (SSMS) without downloading files, streamlining the monitoring process.
Real-Time Data Viewing: The ability to see event data in real time aids in immediate diagnostics and troubleshooting.
XEvent Profiler and Histogram Targets: The inclusion of XEvent Profiler provides a simplified way to monitor and analyze workloads, while histogram targets offer better insights into event data distributions.
Enhanced Diagnostics and Permissions: Improvements in diagnostics and permissions enable more effective problem resolution and greater control over event sessions.
Enjoy!
Microsoft Tech Community – Latest Blogs –Read More
Observability, security, and AI revolutionize DevSecOps and platform engineering on Microsoft Azure
In this guest blog post, Jay Gurbani, Global Technical Alliance Manager at Dynatrace, discusses how observability goes beyond traditional monitoring, allowing teams to rapidly detect and resolve issues. Dynatrace Service on Microsoft Azure offers a unified solution containing these key ingredients for DevSecOps and platform engineering success.
In the fast-evolving landscape of cloud-native technology and software delivery, DevOps and platform engineering are foundational. Yet, to ensure reliability, security, and efficiency, these practices require additional support. One crucial investment is observability.
Observability goes beyond traditional monitoring, offering a comprehensive view of system performance and behavior. It includes metrics, logs, traces, topology mapping, code-level details, and user experience metrics. This real-time awareness enables teams to rapidly detect and resolve issues, crucial for maintaining the agility and reliability central to DevOps and platform engineering.
Observability also acts as a launchpad for maturing DevOps and platform engineering. shows organizations actively use observability data to drive automation decisions, automate release validation, identify bottlenecks, and automate delivery pipelines.
Observability and DevSecOps: a shift-left approach
Observability empowers teams to embrace a shift-left approach, taking proactive measures early in the software development life cycle (SDLC). This approach, integral to DevSecOps, ensures optimal software functioning and quick issue resolution, fostering a culture of shared responsibility for software and infrastructure integrity.
Without observability, executing a DevSecOps approach becomes increasingly difficult. Lack of insights leads to inefficient management and resolution of vulnerabilities, attacks, and threats. Conversely, with observability providing clear insights, teams can immediately address issues, preserving resources and enabling DevSecOps at scale.
Observability and platform engineering: efficiency unleashed
Platform engineering teams benefit immensely from observability, which goes beyond monitoring infrastructure health to providing insights for capacity management, performance optimization, compliance, and other critical aspects. For example, observability can track and analyze usage data to help engineers understand when and how to scale resources based on system demand, enabling confident execution of high-importance tasks.
The role of AI in DevSecOps
When integrated into DevSecOps, artificial intelligence (AI) transforms data into actionable insights, automating workflows across development, security, and operations. Causal AI, combined with machine learning-based algorithms, analyzes vast datasets in real time, providing precise answers driven by root cause analysis. This capability is monumental, providing in-depth context around system issues and anomalies.
Informed by past performances, predictive AI forecasts future system needs, fostering a proactive approach to system health and maintenance. These capabilities minimize disruptions, cyberattacks, and downtime by identifying potential issues before they escalate.
The role of AI in platform engineering
For platform engineers, AI optimizes resource allocation and scalability, and introduces autonomous operations. AI-driven insights enhance system reliability and overall platform resilience, enabling intelligent resource allocation for optimal scaling without human intervention. Automated rollbacks or rollouts based on observability data enhance system reliability and overall platform resilience.
Observability, cloud, and AI: a powerful combination
Together, observability, security, and AI redefine DevOps and platform engineering, accelerating software delivery and fortifying tech stacks and applications against emerging security challenges. This synergy is essential for organizations navigating modern software development and infrastructure management as we continue to shift to the cloud.
Dynatrace on Microsoft Azure offers a unified solution containing these key ingredients for DevSecOps and platform engineering success. With end-to-end observability powered by hypermodal AI and built-in security analytics and protection, Dynatrace empowers organizations with the capabilities needed to unlock agility, efficiency, and scale in the modern business landscape.
Download the free report: DevOps Automation Pulse: the current state of DevOps Automation
Microsoft Tech Community – Latest Blogs –Read More
Laptop Studio 2 Windows Hello PIN Subsystem Smartcard Error
Authentication via Windows Hello PIN is not working.
The error message says: ‘An error has occurred in the Smartcard subsystem.’ However, I am not using a Smartcard and do not wish to use one. I checked the Device Manager to see if there was a driver for the Smartcard that I could uninstall, but there isn’t one. After looking at the services and stopping the ‘SmartCard’ service, the option for the PIN in User Account Control is no longer displayed.
Can anyone help me with this problem?
Cheers
Ben
Authentication via Windows Hello PIN is not working.The error message says: ‘An error has occurred in the Smartcard subsystem.’ However, I am not using a Smartcard and do not wish to use one. I checked the Device Manager to see if there was a driver for the Smartcard that I could uninstall, but there isn’t one. After looking at the services and stopping the ‘SmartCard’ service, the option for the PIN in User Account Control is no longer displayed. Can anyone help me with this problem? CheersBen Read More
Stop Users Adding Exchange Email Addresses
Hi All,
Is there a way to stop users in Outlook 365 from adding Exchange email addresses that are not their sign in address??
or is there a way to just block the accounts wizard?
I know we can block a range of other email address types, but I don’t want people adding any other mailboxes to their work PC’s.
Hopefully someone has an answer.
Thanks!
Hi All, Is there a way to stop users in Outlook 365 from adding Exchange email addresses that are not their sign in address??or is there a way to just block the accounts wizard? I know we can block a range of other email address types, but I don’t want people adding any other mailboxes to their work PC’s. Hopefully someone has an answer. Thanks! Read More
Generate bacpac file or restore whole database SQL Server version 2003
Hi,
I want to take backup of my databases which are currently in SQL Server Management studio version 2003. And want to copy all those database into SQL Server 2016. How I can do that?
It would be great If you guide step by step.
Hi, I want to take backup of my databases which are currently in SQL Server Management studio version 2003. And want to copy all those database into SQL Server 2016. How I can do that?It would be great If you guide step by step. Read More
Ability to “Save” a channel message post in New Teams
In the Classic Microsoft Teams, you could “save” a message in a channel post for easy follow-up. This is still not available in the New Teams. Is this on the roadmap? If not, please add it asap as many users ask for it.
In the Classic Microsoft Teams, you could “save” a message in a channel post for easy follow-up. This is still not available in the New Teams. Is this on the roadmap? If not, please add it asap as many users ask for it. Read More
Merging Columns in Excel
Hello –
I have a data set of around 19,000 rows of data, including addresses which span across 50 columns.
What I am trying to achieve, is for excel to review each row within the 50 columns specifically and return into a single cell any of the address information found within the 50 columns. I’m aware of the concate method, but was seeing if there was a more simpler way of extracting the data?
I’ve added an example (on a smaller scale) which may be useful to visually see, with a desired outcome in column S.
Thanks for any help!
Hello – I have a data set of around 19,000 rows of data, including addresses which span across 50 columns. What I am trying to achieve, is for excel to review each row within the 50 columns specifically and return into a single cell any of the address information found within the 50 columns. I’m aware of the concate method, but was seeing if there was a more simpler way of extracting the data? I’ve added an example (on a smaller scale) which may be useful to visually see, with a desired outcome in column S. Thanks for any help! Read More
Macro Issue After Mac Excel 16.85 Update
Hello friends,
The macros that used to work in Mac Excel 16.84 no longer function after the 16.85 Excel update on 05/18/2024. When I click the buttons, the Visual Basic editor opens and gives an “invalid procedure call or argument” error. Even when I right-click the button and select “assign macro,” the macro assignment form that opens does not display the macros. The newly created macros do not appear and do not work either.
How can we solve this issue?
Thank you,
Hello friends,The macros that used to work in Mac Excel 16.84 no longer function after the 16.85 Excel update on 05/18/2024. When I click the buttons, the Visual Basic editor opens and gives an “invalid procedure call or argument” error. Even when I right-click the button and select “assign macro,” the macro assignment form that opens does not display the macros. The newly created macros do not appear and do not work either. How can we solve this issue?Thank you, Read More
Karpenter: Run your Workloads upto 80% Off using Spot with AKS
Introduction
At last year’s KubeCon North America, Microsoft announced the adoption of Karpenter in Azure Kubernetes Service (AKS) as an alternative to the Cluster Autoscaler (CA), referred to as Node Autoprovisioning (NAP). While Cluster Autoscaler has been the default node scaler in AKS/Kubernetes, there have been significant challenges that led to the adoption of Karpenter. This post delves into these challenges and explores how Karpenter addresses them.
Challenges with Cluster Autoscaler
Here is Node Autosclaing flow chart for Cluster-Autoscaler
Limited to VMSS Groups: Cluster Autoscaler can only operate with Virtual Machine Scale Sets (VMSS) in AKS. Each VMSS consists of a specific group of VM instances with a specific VM SKU, hardware, and CPU:Memory ratio (e.g., Standard D4sv5 with 4 CPUs and 16 GB RAM).
2. Node Latency: CA triggers the node pool API, which calls the VMSS instance API. This scaling process has latency, taking over a minute for a node to be ready in AKS.
3. Node Pool Constraints: When deploying new pods, if the existing node capacity is exhausted, CA attempts to spin up a new node of the same VMSS SKU type. If that instance is unavailable, pods remain in a pending state.
4. Scalability Limitations: CA can only scale up based on specific node pool SKU VMSS availability. It cannot leverage the capacity of other VM SKUs even if they have available resources.
Introducing Karpenter (Node Autoprovisioning)
Karpenter is an efficient node autoscaler for Kubernetes clusters, designed to optimize performance and cost. It can scale up and down worker nodes faster than Cluster Autoscaler and can launch appropriate individual nodes without creating traditional node groups in AKS.
Key Features of Karpenter:
Efficiency: Faster scaling of Kubernetes nodes.
Flexibility: Launches nodes without needing VMSS.
Cost Optimization: Reduces overall costs and helps with patching of node images and Kubernetes versions.
Nodepool YAML based config which defined what types of nodes it can provision
Handling Disruptions
Disruption Controller responsible for Terminating/Replacing nodes in kubernetes cluster.
its uses one of 3 automated methods to finalise which nodes to handle via Disruption controller
Expiration: Karpenter will mark nodes as expired and disrupt them after they have lived a set number of seconds. this parameters act as TTL for k8s nodes
spec:
disruption:
consolidationPolicy: WhenUnderutilized
expireAfter: 300s
Consolidateafter: it used to configure disrupiton interval,amount of time it should wait before considering disruption cycle again
Consolidation: It operates to actively reduce cluster cost by analyzing nodes
Consolidation policy has two modes
a)When Empty: Karpenter will only disrupt nodes with no workloads pods
b)Whenunderutilized: It will attempt to reduce/replace nodes when underutilised
apiVersion: karpenter.sh/v1beta1
kind: NodePool
metadata:
name: ondemand
spec:
disruption:
consolidationPolicy: WhenEmpty
consolidateAfter: 60s
Enable NAP(Karpenter) on AKS
There are few pre requisites to enable NAP on AKS
Install Az CLI with preview extension of version greater than 0.5.17
Regsiter NAP provides called “NodeAutoProvisioningPreview”
AKS with network configuration as Cilium + Overlay
Enable NAP on existing AKS cluster
Make sure existing AKS cluster has ‘Azure’ network plugin with Cilium as Network Policy. Key thing in this command is feature flag ‘–node-provisioning-mode Auto’, which set NAP as default Node Autoscaler
az aks update –name aksclustername –resource-group rgname –node-provisioning-mode Auto
Deploy NAP with new AKS cluster
az aks create –name aksclustername–resource-group rgname–node-provisioning-mode Auto –network-plugin azure –network-plugin-mode overlay –network-dataplane cilium
Verify Karpenter Enablement:
kubectl api-resources | grep -e aksnodeclasses -e nodeclaims -e nodepools
aksnodeclasses aksnc,aksncs karpenter.azure.com/v1alpha2 false AKSNodeClass
nodeclaims karpenter.sh/v1beta1 false NodeClaim
nodepools karpenter.sh/v1beta1 false NodePool
Disabling Cluster-Autoscaler
To switch from Cluster-Autoscaler to Karpenter, disable Cluster-Autoscaler on your AKS cluster:
az aks update –name aksclustername –resource-group aksrg –disable-cluster-autoscaler
Deploying a Sample Application
To see Node-Autoprovisioning in action, deploy a sample application:
osama [ ~ ]$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
aks-default-h2jxh Ready agent 35m v1.27.9
aks-nodepool1-41633911-vmss000000 Ready agent 3d19h v1.27.9
Scale replicas of Vote Application to trigger scale out events
osama [ ~ ]$ kubectl scale deployment azure-vote-front –replicas=12 -n karpenter-demo-ns
^[[Adeployment.apps/azure-vote-front scaled
osama [ ~ ]$ kubectl scale deployment azure-vote-back –replicas=12 -n karpenter-demo-ns
deployment.apps/azure-vote-back scaled
Verify auto scaling of nodes by reading via karpenter using below kubectl cmd
kubectl get events -A –field-selector source=karpenter –sort-by=’.lastTimestamp’ -n 10
NAMESPACE LAST SEEN TYPE REASON OBJECT MESSAGE
default 50m Normal Unconsolidatable nodeclaim/default-95f54 SpotToSpotConsolidation is disabled, can’t replace a spot node with a spot node
default 50m Normal Unconsolidatable node/aks-default-95f54 SpotToSpotConsolidation is disabled, can’t replace a spot node with a spot node
default 38m Normal DisruptionBlocked nodepool/default No allowed disruptions due to blocking budget
default 5m33s Normal Unconsolidatable nodeclaim/default-h2jxh Can’t remove without creating 2 candidates
default 5m33s Normal Unconsolidatable node/aks-default-h2jxh Can’t remove without creating 2 candidates
default 2m12s Normal DisruptionBlocked nodepool/system-surge No allowed disruptions due to blocking budget
karpenter-demo-ns 63s Normal Nominated pod/azure-vote-front-6855444955-bnq7p Pod should schedule on: nodeclaim/default-mrh7w
karpenter-demo-ns 63s Normal Nominated pod/azure-vote-front-6855444955-gbwk6 Pod should schedule on: nodeclaim/default-mrh7w
karpenter-demo-ns 63s Normal Nominated pod/azure-vote-front-6855444955-l2bgj Pod should schedule on: nodeclaim/default-mrh7w
karpenter-demo-ns 63s Normal Nominated pod/azure-vote-front-6855444955-nvc56 Pod should schedule on: nodeclaim/default-mrh7w
karpenter-demo-ns 63s Normal Nominated pod/azure-vote-front-6855444955-22glj Pod should schedule on: nodeclaim/default-mrh7w
karpenter-demo-ns 63s Normal Nominated pod/azure-vote-front-6855444955-sxdl6 Pod should schedule on: nodeclaim/default-mrh7w
karpenter-demo-ns 63s Normal Nominated pod/azure-vote-front-6855444955-t69w4 Pod should schedule on: nodeclaim/default-mrh7w
Customise Karpenter Config
Karpenter leverage new resource type in kubernetes Kind i.e. Nodepools
Customise Nodepools: Specific specific VM series or VM family or even Specific CPU or Memory ratio.
Select node based on features sets like GPU enable or Network Acceleration
Defined Archiecture of CPU type either ARM or AMD based on capablity of specfic workload
Architect your nodes for resiliency by configure zone topology
Limit numbers of CPU & Memory could be utilised from nodes on nodelevel
Here is default Nodepool Yaml for karpenter(NAP), Which has confiuration on Node SKU types and Capacity, Also limit on nodes CPU:Memory along with Weight incase of Multiple nodepools
apiVersion: karpenter.sh/v1beta1
kind: NodePool
metadata:
name: default
spec:
disruption:
consolidationPolicy: WhenUnderutilized
expireAfter: 10s
template:
spec:
nodeClassRef:
name: default
# Requirements that constrain the parameters of provisioned nodes.
# These requirements are combined with pod.spec.affinity.nodeAffinity rules.
# Operators { In, NotIn, Exists, DoesNotExist, Gt, and Lt } are supported.
# https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#operators
requirements:
– key: kubernetes.io/arch
operator: In
values:
– amd64
– key: kubernetes.io/os
operator: In
values:
– linux
– key: karpenter.sh/capacity-type
operator: In
values:
– ondemand
– key: karpenter.azure.com/sku-family
operator: In
values:
– E
– D
– key: karpenter.azure.com/sku-name
operator: In
values:
– Standard_E2s_v5
– Standard_D4s_v3
limits:
cpu: “1000”
memory: 1000Gi
weight: 100
Using Spot Node with Karpenter
Add toleration in Sample AKS-Vote application i.e. “karpenter.sh/disruption:NoSchedule” which comes as default in spot node when provision with AKS Cluster
Please refer my github repo for Application yaml and sample nodepool config
spec:
nodeSelector:
“kubernetes.io/os”: linux
tolerations:
– key: “kubernetes.azure.com/scalesetpriority”
operator: “Equal”
value: “spot”
effect: “NoSchedule”
containers:
– name: azure-vote-front
image: mcr.microsoft.com/azuredocs/azure-vote-front:v1
Scale down your application replicas to allow Karpenter to evict existing on-demand nodes and replace them with Spot nodes:
osama [ ~/karpenter ]$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
aks-nodepool1-41633911-vmss000000 Ready agent 3d21h v1.27.9
aks-nodepool1-41633911-vmss00000b Ready agent 24m v1.27.9
osama [ ~/karpenter ]$ kubectl get pods -n karpenter-demo-ns -o wide
No resources found in karpenter-demo-ns namespace.
osama [ ~/karpenter ]$ kubectl scale deployment azure-vote-back –replicas=10 -n karpenter-demo-ns
deployment.apps/azure-vote-back scaled
osama [ ~/karpenter ]$ kubectl scale deployment azure-vote-front –replicas=10 -n karpenter-demo-ns
deployment.apps/azure-vote-front scaled
osama [ ~/karpenter ]$
Deploy and scale vote application replicas so that karpenter spins up spot nodes based on nodepool configuration and schedule pods after toleration validation on spot
Karpenter spins up new spot nodes and Nominate that node for sceduling sample vote-app
osama [ ~/karpenter ]$ kubectl get events -A –field-selector source=karpenter –sort-by=’.lastTimestamp’
NAMESPACE LAST SEEN TYPE REASON OBJECT MESSAGE
karpenter-demo-ns 104s Normal Nominated pod/azure-vote-back-687ddb67bd-pz8sp Pod should schedule on: nodeclaim/default-52gbg
karpenter-demo-ns 104s Normal Nominated pod/azure-vote-back-687ddb67bd-ckdcq Pod should schedule on: nodeclaim/default-52gbg
karpenter-demo-ns 104s Normal Nominated pod/azure-vote-back-687ddb67bd-v9nqj Pod should schedule on: nodeclaim/default-52gbg
karpenter-demo-ns 104s Normal Nominated pod/azure-vote-back-687ddb67bd-vswvs Pod should schedule on: nodeclaim/default-52gbg
karpenter-demo-ns 104s Normal Nominated pod/azure-vote-back-687ddb67bd-lnxmp Pod should schedule on: nodeclaim/default-52gbg
karpenter-demo-ns 104s Normal Nominated pod/azure-vote-back-687ddb67bd-jc2jz Pod should schedule on: nodeclaim/default-52gbg
karpenter-demo-ns 104s Normal Nominated pod/azure-vote-back-687ddb67bd-hwnbh Pod should schedule on: nodeclaim/default-52gbg
karpenter-demo-ns 104s Normal Nominated pod/azure-vote-back-687ddb67bd-r7msb Pod should schedule on: nodeclaim/default-52gbg
karpenter-demo-ns 104s Normal Nominated pod/azure-vote-back-687ddb67bd-96lm9 Pod should schedule on: nodeclaim/default-52gbg
karpenter-demo-ns 104s Normal Nominated pod/azure-vote-back-687ddb67bd-5qcvk Pod should schedule on: nodeclaim/default-52gbg
default 1s Normal DisruptionLaunching nodeclaim/default-bkz6c Launching NodeClaim: Expiration/Replace
default 1s Normal DisruptionWaitingReadiness nodeclaim/default-bkz6c Waiting on readiness to continue disruption
default 1s Normal DisruptionBlocked nodepool/system-surge No allowed disruptions due to blocking budget
default 1s Normal DisruptionWaitingReadiness nodeclaim/default-5vp7x Waiting on readiness to continue disruption
default 1s Normal DisruptionLaunching nodeclaim/default-5vp7x Launching NodeClaim: Expiration/Replace
Configuring Multiple NodePools
To configure separate NodePools for Spot and On-Demand capacity:
Spot nodes configure with E series VM “Standard E2s_v5” and OnDemand with D series VM as “Standard_D4s_v5”
In multi-nodepool scenario each nodepool needs to be configured with ‘Weight’ attribute, nodepool with highest weight would be priotized over another, here we have Spot node with weight:100 and ondemand with weight:60
osama [ ~ ]$ kubectl get nodepool default -o yaml
apiVersion: karpenter.sh/v1beta1
kind: NodePool
metadata:
name: default
spec:
disruption:
budgets:
– nodes: 100%
consolidationPolicy: WhenUnderutilized
expireAfter: 720h
template:
spec:
nodeClassRef:
name: default
requirements:
– key: kubernetes.io/arch
operator: In
values:
– amd64
– key: kubernetes.io/os
operator: In
values:
– linux
– key: karpenter.sh/capacity-type
operator: In
values:
– spot
– key: karpenter.azure.com/sku-family
operator: In
values:
– B
– key: karpenter.azure.com/sku-name
operator: In
values:
– Standard_B2s_v2
weight: 100
If we do not specify an explicit SKU name, Karpenter will consider the entire VM series.
To validate that the sample VoteApp is running on Spot nodes, use the following commands:
The output should indicate that the nodes are of capacity type “spot”:
osama [ ~ ]$ kubectl get pods -n karpenter-demo-ns -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
azure-vote-back-687ddb67bd-w7ghm 1/1 Running 0 63m 10.244.3.11 aks-default-5cr5f <none> <none>
azure-vote-front-6855444955-64558 1/1 Running 0 63m 10.244.3.168 aks-default-5cr5f <none> <none>
osama [ ~ ]$ kubectl describe node aks-default-5cr5f | grep karpenter.sh
karpenter.sh/capacity-type=spot
karpenter.sh/initialized=true
karpenter.sh/nodepool=default
karpenter.sh/registered=true
karpenter.sh/nodepool-hash: 12393960163388511505
karpenter.sh/nodepool-hash-version: v2
Simulating Spot Node Eviction
To test the spot eviction scenario, simulate a spot eviction using the Azure CLI:
osama [ ~ ]$ az vm simulate-eviction –resource-group MC_aks-lab_aks-karpenter_eastus –name aks-default-5cr5f
osama [ ~ ]$ date
Tue May 21 06:20:02 PM IST 2024
Monitor the availability of your VoteApp using a simple curl command:
while true; do echo “$(date) $(curl -s -v -o /dev/null -w ‘HTTP %{http_code}n’ http://voteapp.com 2>&1 | grep ‘HTTP’)”; sleep 2; done
After running the spot simulation, the existing node will be marked for termination, and a new Spot node will be created to schedule the VoteApp pods. Within less than a minute, the VoteApp should start responding with HTTP 200 status codes.
root@MININT-8C81HDE:/home/osamaex while true; do echo “$(date) $(curl -s -v -o /dev/null -w ‘HTTP %{http_code}n’ http://voteapp.com 2>&1 | grep ‘HTTP’)”; sleep 2; done
Tue May 21 18:20:04 IST 2024 > GET / HTTP/1.1
< HTTP/1.1 200 OK
HTTP 200
Tue May 21 18:20:07 IST 2024 > GET / HTTP/1.1
< HTTP/1.1 200 OK
HTTP 200
Tue May 21 18:20:09 IST 2024 > GET / HTTP/1.1
< HTTP/1.1 200 OK
HTTP 200
Tue May 21 18:20:12 IST 2024 HTTP 000 $Failure-Alert
Tue May 21 18:21:14 IST 2024 > GET / HTTP/1.1
< HTTP/1.1 200 OK $Successful-Response
HTTP 200
Tue May 21 18:22:58 IST 2024 > GET / HTTP/1.1
< HTTP/1.1 200 OK
HTTP 200
Check the events logged by Karpenter:
kuctl get events -A –field-selector source=karpenter –sort-by=’.lastTimestamp’
Results of events logged by karpenter to replace spot noded with ondemand
osama [ ~ ]$
NAMESPACE LAST SEEN TYPE REASON OBJECT MESSAGE
default 23s Warning FailedDraining node/aks-default-5cr5f Failed to drain node, 10 pods are waiting to be evicted
karpenter-demo-ns 22s Normal Evicted pod/azure-vote-back-687ddb67bd-w7ghm Evicted pod
karpenter-demo-ns 22s Normal Evicted pod/azure-vote-front-6855444955-64558 Evicted pod
karpenter-demo-ns 21s Normal Nominated pod/azure-vote-back-687ddb67bd-tb2pv Pod should schedule on: nodeclaim/default-6zkkl
karpenter-demo-ns 21s Normal Nominated pod/azure-vote-front-6855444955-7wzss Pod should schedule on: nodeclaim/default-6zkkl
Verify that the pods are running on the new Spot node:
kubectl get pods -n karpenter-demo-ns -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
azure-vote-back-687ddb67bd-tb2pv 1/1 Running 0 18m 10.244.2.103 aks-default-6zkkl <none> <none>
azure-vote-front-6855444955-7wzss 1/1 Running 0 18m 10.244.2.47 aks-default-6zkkl <none> <none>
Save Cost by utilizing Reserved Instance VM’s
NodePool configuration allows you to specify different VM series along with multiple VM SKUs. Create a separate NodePool with the highest weight value and specify all Reserved Instance VM SKU families or explicit SKU names using the karpenter.azure.com/sku-name or karpenter.azure.com/sku-familyparameter.
spec:
nodeClassRef:
name: default
requirements:
– key: kubernetes.io/arch
operator: In
values:
– amd64
– key: kubernetes.io/os
operator: In
values:
– linux
– key: karpenter.sh/capacity-type
operator: In
values:
– on-demand
– key: karpenter.azure.com/sku-family
operator: In
values:
– D
– key: karpenter.azure.com/sku-name
operator: In
values:
– [Standard_D2s_v3, Standard_D4s_v3, Standard_D8s_v3, Standard_D16s_v3, Standard_D32s_v3, Standard_D64s_v3, Standard_D96s_v3]
weight: 90
Conclusion
The adoption of Karpenter in AKS signifies a major advancement in node scaling efficiency, flexibility, and cost optimization. By addressing the limitations of the Cluster Autoscaler and introducing dynamic, rapid provisioning of nodes, Karpenter provides a robust solution for managing Kubernetes clusters. Its flexibility in handling different VM types, faster scaling capabilities, and cost optimization make it a valuable addition to Kubernetes cluster management. By leveraging Karpenter, organizations can achieve more responsive and cost-effective Kubernetes deployments.
Microsoft Tech Community – Latest Blogs –Read More
Who uses the Microsoft Purview Governance Portal
Hi there,
I am working with the Microsoft Purview Compliance Portal to protect sensitive data ect.
and lately I’ve been coming across the Microsoft Purview Governance Portal again and again, but I can’t really tell whether it’s relevant for me in terms of information security and data protection or whether it serves a completely different purpose. Does anyone know more than me?
Thank you very much 🙂
Hi there, I am working with the Microsoft Purview Compliance Portal to protect sensitive data ect. and lately I’ve been coming across the Microsoft Purview Governance Portal again and again, but I can’t really tell whether it’s relevant for me in terms of information security and data protection or whether it serves a completely different purpose. Does anyone know more than me?Thank you very much 🙂 Read More
Installing multiple instances of an app from the app store in Microsoft Teams
Our app is a bot that can be installed at our customer site multiple times with different names, icons and description supporting different part of their organisation. We have previously created only custom apps for our customers but there is a few steps involved with that and we are trying to reduce the complexity by using the app store to enable our customers to quickly install the app. We know that it is possible to provide the permissions to enable the admin to make changes to these parameters (changing name, description, icon of the app). However, we do not know if they can also install the app multiple times in their tenant from the Microsoft Teams app store. Anyone with experience on this topic and advise highly appreciated.
Our app is a bot that can be installed at our customer site multiple times with different names, icons and description supporting different part of their organisation. We have previously created only custom apps for our customers but there is a few steps involved with that and we are trying to reduce the complexity by using the app store to enable our customers to quickly install the app. We know that it is possible to provide the permissions to enable the admin to make changes to these parameters (changing name, description, icon of the app). However, we do not know if they can also install the app multiple times in their tenant from the Microsoft Teams app store. Anyone with experience on this topic and advise highly appreciated. Read More
Combining Average and If functions with multiple conditions
As shown in the screen shot attached. I am trying to write a formula that will calculate the average of stops per hour for all rows that contain D01:D05 but only the values from 20/05/2024.
Is this possible ? hoping to automate the calculations as much as possible to save time.
As shown in the screen shot attached. I am trying to write a formula that will calculate the average of stops per hour for all rows that contain D01:D05 but only the values from 20/05/2024. Is this possible ? hoping to automate the calculations as much as possible to save time. Read More
New Software with Heuristic Flag – Less offensive messages desired
Please change the message of Microsoft Defender on new software detections.
Because, the message is offending to unknown but possibly good, to check, and whitelist,
new software, it takes over 3 weeks of support email explaining and sending source code to clear the listing.
Please change the Heuristic Scan flag on New Software to something like:
“This flags on Heuristic Scan. This file is new, and unknown to our libraries. This may or may not harm your computer. This may or may not work as intended. Please proceed with caution.”
instead of the now showing message:
“Trojan: (random names).”
“This program is dangerous and executes commands from an attacker.”
because, this shows on *any* new software that flags for Heuristic Reasons,
that new software is unknown but does not need to be a Trojan or Attacker.
The message is too conclusive and possibly offending.
It takes (over) 3 weeks of stress to clear the offense.
Please change the message of Microsoft Defender on new software detections.Because, the message is offending to unknown but possibly good, to check, and whitelist,new software, it takes over 3 weeks of support email explaining and sending source code to clear the listing. Please change the Heuristic Scan flag on New Software to something like:”This flags on Heuristic Scan. This file is new, and unknown to our libraries. This may or may not harm your computer. This may or may not work as intended. Please proceed with caution.”instead of the now showing message:”Trojan: (random names).””This program is dangerous and executes commands from an attacker.”because, this shows on *any* new software that flags for Heuristic Reasons,that new software is unknown but does not need to be a Trojan or Attacker.The message is too conclusive and possibly offending.It takes (over) 3 weeks of stress to clear the offense. Read More
Simple Document Level AddIn results in COMException (Office 2016 C2R 16.0.17531.20120).
A simple Document Level AddIn results in COMException.
The code below results in COMException with 16.0.17531.20120(2024/4/29) or newer version.
But it works fine with 16.0.17425.20176(2024/4/9) or older version.
When I activate 16.0.17531.20120 with Microsoft 365 account, the code works fine.The COMException seems to depends on Office Activation Methods. Activated using Office2016-product-code results in failure, Activated using Microsoft 365 results in success.
I can’t believe that such a quite simple code could fail !!
However, I tried it on several other PCs and it still failed.
Could anybody help me?
Thanks in advance!!
## Code
private void ThisDocument_Startup(object sender, System.EventArgs e)
{
this.ActionsPane.Clear();
}
## StackTrace
System.Runtime.InteropServices.COMException: ‘Exception from HRESULT :0x800A17D9’
at Microsoft.VisualStudio.Tools.Office.Runtime.Interop.IActionsPaneSite.SetClient(IntPtr control)
at Microsoft.Office.Tools.ActionsPaneInternal.HookupSmartPane()
at Microsoft.Office.Tools.DockableControlCollection.Add(Control value)
at WordDocument1.ThisDocument.ThisDocument_Startup(Object sender, EventArgs e) at D:WordDocument1WordDocument1ThisDocument.cs:line 24
at Microsoft.Office.Tools.Word.DocumentImpl.OnStartup()
at Microsoft.Office.Tools.Word.DocumentImpl.DocumentExtensionImpl.Microsoft.Office.Tools.EntryPoint.OnStartup()
at Microsoft.Office.Tools.Word.DocumentBase.OnStartup()
at WordDocument1.ThisDocument.FinishInitialization() at D:WordDocument1WordDocument1ThisDocument.Designer.cs:line 57
at Microsoft.Office.Tools.Word.DocumentBase.Microsoft.Office.Tools.EntryPoint.FinishInitialization()
at Microsoft.VisualStudio.Tools.Office.Runtime.DomainCreator.ExecuteCustomization.ExecutePhase(ExecutionPhases executionPhases)
at Microsoft.VisualStudio.Tools.Office.Runtime.DomainCreator.ExecuteCustomization.Microsoft.VisualStudio.Tools.Office.Runtime.Interop.IExecuteCustomization2.ExecuteEntryPoints()
A simple Document Level AddIn results in COMException. The code below results in COMException with 16.0.17531.20120(2024/4/29) or newer version.But it works fine with 16.0.17425.20176(2024/4/9) or older version.When I activate 16.0.17531.20120 with Microsoft 365 account, the code works fine.The COMException seems to depends on Office Activation Methods. Activated using Office2016-product-code results in failure, Activated using Microsoft 365 results in success. I can’t believe that such a quite simple code could fail !!However, I tried it on several other PCs and it still failed. Could anybody help me?Thanks in advance!! ## Codeprivate void ThisDocument_Startup(object sender, System.EventArgs e){ this.ActionsPane.Clear();} ## StackTraceSystem.Runtime.InteropServices.COMException: ‘Exception from HRESULT :0x800A17D9’at Microsoft.VisualStudio.Tools.Office.Runtime.Interop.IActionsPaneSite.SetClient(IntPtr control)at Microsoft.Office.Tools.ActionsPaneInternal.HookupSmartPane()at Microsoft.Office.Tools.DockableControlCollection.Add(Control value)at WordDocument1.ThisDocument.ThisDocument_Startup(Object sender, EventArgs e) at D:WordDocument1WordDocument1ThisDocument.cs:line 24at Microsoft.Office.Tools.Word.DocumentImpl.OnStartup()at Microsoft.Office.Tools.Word.DocumentImpl.DocumentExtensionImpl.Microsoft.Office.Tools.EntryPoint.OnStartup()at Microsoft.Office.Tools.Word.DocumentBase.OnStartup()at WordDocument1.ThisDocument.FinishInitialization() at D:WordDocument1WordDocument1ThisDocument.Designer.cs:line 57at Microsoft.Office.Tools.Word.DocumentBase.Microsoft.Office.Tools.EntryPoint.FinishInitialization()at Microsoft.VisualStudio.Tools.Office.Runtime.DomainCreator.ExecuteCustomization.ExecutePhase(ExecutionPhases executionPhases)at Microsoft.VisualStudio.Tools.Office.Runtime.DomainCreator.ExecuteCustomization.Microsoft.VisualStudio.Tools.Office.Runtime.Interop.IExecuteCustomization2.ExecuteEntryPoints() Read More
How do I fix QuickBooks error PS038 when downloading tax table updates
I’m encountering QuickBooks error PS038 when trying to download tax table updates. How can I resolve this issue quickly?
I’m encountering QuickBooks error PS038 when trying to download tax table updates. How can I resolve this issue quickly? Read More
