Friday, July 6, 2018

AWS - Basic EC2 / Snapshot Cleanup

As you migrate from AWS to Azure ;) you may find that you need to clear up resources to save costs.

For example, you may continue to incur costs for snapshots after you de-provision your EC2 instances (virtual machines, for the lamen).

To clear out the snapshots you can use the AWS Powershell commands to clear out any snapshot older then 90 days.

See the example below - by default Get-EC2Snapshot will show all public snapshots, so the -owner self switch is required.
Get-EC2Snapshot -Owner self | ? { $_.StartTime -lt $(get-date).adddays(-90)} | Remove-EC2Snapshot
 This command may show an error indicating that a Snapshot is still in use.
Remove-EC2Snapshot : The snapshot snap-xxxxxx is currently in use by ami-xxxxxxx

This may indicate that the snapshot is still in use by the AMI. AMI stands for Amazon machine images and are required to launch a EC2 instance, or a copy of an existing EC2 instance. Luckily, once we launch the image and have EC2 instances running, we no loner need the source snapshot and AMI instance we created.

From AWS docs:

Next, we can unregister all of the EC2Images (AMIs). To do this we can run the command below:
Get-EC2Image -owner self | Unregister-EC2Image
And finally,
Get-EC2Snapshot -Owner self | ? { $_.StartTime -lt $(get-date).adddays(-90)} | Remove-EC2Snapshot

Sunday, March 4, 2018

Windows Monitoring in 2018 - LogicMonitor

Windows Monitoring in 2018 - BMC TrueSight Pulse

 This is the first part in a series for my evaluation of Windows monitoring tools.

You can review the original blog post here: Windows Monitoring in 2018

Today's featured offering is BMC TrueSight Pulse


"BMC TrueSight Pulse" is described as "Real time monitoring-as-a-service for web applications". The tools appears to be previously owned by a company called Boundary, as some of the documentation is labeled as such. Here's a really badly voiced over video that serves as an overview.

Given my features, here's what stacks up and what's lacking.


  • SaaS agent is lightweight and easy to install on Windows.
  • Integrations are done via plugin, which makes the agent light weight.
  • Cloud monitoring is supported on both AWS and Azure.
    • VM and SQL monitoring only for Azure.
  • Virtually no delays. Alerting can be done in as little as 1 second - data shows in the portal almost instantly and refreshes in real time.
  • The dashboards look beautiful.
  • Data appears to be kept for 4 months, which isn't great, but it's better than some tools.
  • End user experience monitoring, similar to NewRelic browser is included.
  • You can pull in custom performance counters and WMI with the Meter agent.
  • Really good introductory videos on the documentation website.
  • Integrates with Slack, PagerDuty, VictorOps, OpsGenie, etc. 
  • The agents or meters can be configured to send data to BMC's log analytics platform or TrueSight Intelligence.


  • Out of the box functionality is below average, for example, a plugin must be setup and targeted to get simple Disk usage. 
  • Plugins have different dependency requirements on the endpoint, for instance, node.js or python, which are most likely not installed if you're supporting Windows servers.
  • No automatic setup of monitoring with plugins, it appears to be a very manual process.
  • You must individually add devices to filters if they don't have the same naming collection.
  • Multi-tenant is clunky, it appears you must make separate accounts for each customer and jump between them.
  • There is a plugin for doing web tests, however there is no external webtesting option.

Final thoughts

BMC TrueSight Pulse is an exciting platform that I think could be really useful for some people in the digital age. However with there being basic limitations i'm not sure how well the product can scale. For example, creating monitors for specific processes, disk usage, and HTTP checks are a manual process, which isn't very condusive to an agile approach.

Windows Monitoring in 2018

The quest to find the perfect monitoring tool

I have begun a project in order to really work on re-vamping out monitoring. Frankly, I'm pretty tired of using Microsoft OMS and all of the pain that comes with it. Fortunately, there are a ton of tools out there, unfortunately a lot of them don't seem to fit our specific requirements. Enter our wanted features:

 Wanted features:

  • SaaS
    • It's 2018 after all.
    • Multi-tenant
    • I work for a Managed Service provider, and the more traditional tools don't really cover this.
    • We want the flexibility to install a lightweight agent, and get all of the information we need without spinning up a clunky virtual or even physical machine dedicated at each client site.
  • Automation
    • Personally, we're not there yet for Configuration management, so having a tool that can do simple automation would be a killer feature.
  • Inventory
    • It would be nice to get some basic inventory information, IP address, Server OS version, etc.
  • Patch management
    • 2018 - and I'm still doing patch management manually.
  • Web testing (local and remote)
    • Being able to do local webtest and figure out if a specific content delivery server is on the fritz is really helpful in troubleshooting.
    • Boring features such as DNS monitoring and certificate status monitoring.
  • Rich integrations
    • SOLR
    • MongoDB
    • .NET
    • MS SQL Server
    • Custom WMI or scripting monitoring capabilities.
  • Cloud monitoring
    • AWS
    • Azure
    • Also multi-tenant.
  • Key features that we care about
    • Minimum alerting time
    • Data retention
  • Other stuff for bonus points - but may be a long shot in a realistic world.
    • Log Analytic
    • APM
    • .NET, specifically.
    • Synthetics testing
    • Selenium based
Given my realistic and totally not overblown list of wanted features, I began to realize I wasn't going to get everything I wanted in one tool. The other thing I realized was that navigating and evaluating all of these tools by using Google wasn't going to work: I began to compile a spreadsheet of a ton of different tools and began a deep dive of each. I plan to share my findings for each tool in the coming weeks and outline where I think they win and lose.

ASP.NET Core - Notes on "MVC Basics" from the Little ASP.NET Core Book

Understanding ASP.NET core is one of my personal goals for this year. Coming from a background of Systems Administration, I've not had a lot of background in MVC programming. In finding a free resource, I quickly fell in love with the free book - The Little ASP.NET Core Book.

I thought that the introduction was great, and I wanted to create some notes around the core concepts introduced in the first major chapter, MVC Basics. There was a lot of information and I wanted to break everything down for my own personal knowledge and reference.

Key Concepts

MVC is a coding pattern heavily in use today which segments the code making it decoupled and less complex.
MVC stands for:
  • Model - Models hold data that is added to views (These are called view models) or data that is entered by the user.
  • View  - Views are HTML Templates + a Templating language such as Razor (In a word Razor is Csharp + HTML)
  • Controller - Controllers handle requests and make decision about which code to run.
The chapter focuses heavily on creating the basics for the AspNetCoreTodo project, and below I have included a summary on how each piece interacts with each other.
The following files are created or edited


  • ToDoController
    • Located under Controllers/TodoController.cs
    • This file creates a route to /Todo under the website. The /Index action is not listed in the URL as is the default behavior of ASP.NET core.
    • This file is the main controller file. As outlined by the comments this controller does the following:
      • //get todo items from database.
        • This ties everything in by using the Interface named ITodoItemService which uses the FakeTodoItemService service to pull in the hardcoded example tasks. These tasks are modeled by the TodoItem model.
      • //put items into a model
        • Create a new view model named TodoViewModel with the todoItems pulled from the ITodoItemService interface.
      • //Render view using the model
        • using the return statement it renders the view using the TodoViewModel.


  • TodoItem
    • Located under Models/TodoItem.cs
    • This is the "entity" or model representing the items stored in the database.
    • four properties of the class are defined each with getter / setter methods.
      • Id (Guid)
      • IsDone (bool)
      • Title (String)
      • DueAt (nullable datetimeoffset)
  • TodoViewModel
    • Located under Models/TodoViewModel.cs 
    • This is the view model. 
    • As the TodoItem only represents a single item, the TodoViewModel represents an array of the TodoItem entities.


  •  Index.cshtml
    • Located under Views/Todo/Index.cshtml
    • The view first uses the @model to bind the view model of the TodoViewModel
    • There is a for each statement that displays the Title and Due in a new row for each item in the array.


  • site.css
    • Located under wwwroot/css/site.css
    • The Site.CSS is edited to add some styling to the CSS elements used in the view.
  • ITodoItemService.cs
    • Located under Services/ITodoItemService.cs
    • This interface defines a definition or method signature for getting incomplete items, the GetIncompleteItemsAsync method.
  • FakeTodoItemService.cs
    • Located under Services/FakeTodoItemService.cs
      • This service is a fake service which always returns the same two items.
      • This service implements the ITodoItemService.
  • Startup.cs
    • Located under the root of the project.
    • You must specify that the FakeTodoItemService is used for the ITodoItemService interface.
    • This is done with dependency Injection.

Tuesday, January 2, 2018

Configuration Management with Salt Stack on Windows - Part 3 - Basic Configuration Management of Windows with Salt

In part 3 we're going to just scratch the surface of remote execution in Salt. We're going to accept the keys for the master server and  run basic tasks using the built in modules.

The minion automatically tries to contact the Master server. The master server must approve the minions "keys" before it can be managed.

On the master server you can view the keys by using the command
sudo salt-key -L

As you can see we need to accept the "keys"

You can accept the key by using the command
sudo salt-key -a WIN-R7RQM4ENMHS

If you use the parameter -A instead you can accept all keys.

To test that the minion is checking in you can use the following commands.
sudo salt '*' 

All modules can be found in the documentation:

Looking back at the tasks we want to accomplish, we can now accomplish these tasks with salt commands.
  • IIS configuration
  • Registry / File & User management
  • Patch status evaluation and configuration
To list all IIS sites, we can use the below command:
salt '*' iis.list_sites
There are a wealth of other tasks accomplish with the win_iis module:

To create an example user, we can use the below command:
sudo salt '*' user.add Testuser Password123!
sudo salt '*' user.addgroup Testuser 'Administrators' 
To download Windows updates, we can use the below command:
sudo salt '*' win_wua.list categories=['Security Updates'] severities=['Critical'] download=True
To install Windows updates, we can use the below command:
sudo salt '*' win_wua.list categories=['Security Updates'] severities=['Critical'] install=True
In part four - we're going to dive deeper into Salt fundamentals such as configuration management, grains, and pillars.

Friday, December 29, 2017

Configuration Management with Salt Stack on Windows - Part 2 - Configuring Salt Minion with Vagrant

This is part two of a series of basic configuration management for Saltstack for use in an Windows environment. In this guide we'll be covering the basics of setting up Salt Stack Windows minion on a test machine on Vagrant. Part 3 we will be diving into the meat and pushing some buttons automatically with the Salt Master.

In order to create a test minion, we'll be using a Windows Server 2012 R2 vagrant image.

vagrant init mwrock/Windows2012R2
vagrant up
 Once the machine is online you can login with vagrant / vagrant.

The download for the salt minion can be found on

Or the direct link:

The Windows installer is straightforward - just enter the Master IP or Hostname for the Salt server. We're not going over the internet, so I entered the Private IP. If you use the default "hostname" option, it will use the windows Hostname as the minion name.

The preferred method of installation would be to use the silent install parameters, which are listed below.
Salt-Minion-2017.7.2-Py2-AMD64-Setup.exe /S /master=yoursaltmaster /minion-name=hostname
Once the minion is installed, you can see the salt-minion displayed in services:

The Salt installation is default under C:\

The configuration under C:\salt\conf you can edit the minion_id file if you'd like to change the name.

In the next post, "Part 3 - Configuration Management of Windows with Vagrant." we'll be diving into Salt basics and example configuration management tasks.