Scott Hanselman

Introducing Azure Resource Explorer for the Azure Resource Management APIs

April 9, '15 Comments [10] Posted in Azure | Web Services
Sponsored By

When managing Azure resources (Virtual Machines, Web Apps, etc) I like to do most of my work in Azure from the command line using the "Azure xplat cli" - the Azure Cross Platform Command Line Interface. It's an Open Source node.js app that you can get with "npm install -g azure-cli" and it calls the backend REST services that all of Azure uses to manage itself. In fact, when you are using the Azure Portal it's calling the same backend.

It's mostly an "Azure Noun Verb" structure, as you can see in the figure below. You can Azure Site Create or Azure VM Restart, etc.

Azure Command Line Syntax

You can ALSO add --json to the xplat cli to see a JSON representation of the result of your call. So Azure Site List --json gives you a lot more information than without the json switch.

There's a PowerShell interface to Azure, this xplat nodejs one I'm using, as well as other libraries like the Azure Management Libraries for .NET again, all calling the backend REST API.

However, that REST API is huge and confusing. Enter David Ebbo, a Principal Development Lead on the Azure App Platform. He's made the Azure Resource Explorer at https://resources.azure.com as a great way to explore the Azure Resource Management APIs visually and interactively!

And, wait for it, Azure Resource Explorer is, of course, Open Source and hosted here at GitHub https://github.com/projectkudu/ARMExplorer. It's a preview/beta and not done, but we're all interested in what YOU think! Does it do what you'd expect? Feel free to add issues and get involved in the repository.

Go hit http://resources.azure.com/ and login with your Azure Credentials. It's an Object Explorer if you've ever used Visual Studio to move around a large object model, except this is a resource try of all the hypermedia nodes within your view of Azure.

Azure Resource Explorer

Here I am moving around my Web Applications that I host in the West US Region of Azure. I can see the deployment slots for staging and production, the source control system and web hooks that deploy my site and lots more. Notice that I can click Actions as well, and (when I turn Read-Only off) perform POST and DELETE calls that will affect my Azure resources.

If you're familiar with Postman, the REST API development tool, this is kind of like Postman for Azure. Here's a 5 min YouTube video by David Ebbo walking you through the Azure Resource Explorer.

To be clear, this is NOT a new Portal, and it IS very low level. This is a tool for folks who want to know what's really going on when an Azure API is called. Perhaps you're creating your own explorer or your own API client in another language. This tool can give you documentation and live examples on how to call those APIs correctly.

Again, it's Open Source and hosted here at GitHub. They would be thrilled to hear your thoughts. Is this useful? In what direction would you like it to go?

By the way, if you'd like to try Azure for an hour for free without signing up for any trials or anything, go check out http://try.azurewebsites.net and play! Also, check out Azure Friday at http://friday.azure.com and subscribe on iTunes.

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

facebook twitter subscribe
About   Newsletter
Sponsored By
Hosting By
Dedicated Windows Server Hosting by ORCS Web

On the importance of OpenSearch

April 3, '15 Comments [27] Posted in Open Source
Sponsored By

I'm a big fan of Open Search, the idea, the format, and the user experience it can enable. You start typing a domain you've hit before that you want to search within. When it starts autocompleting, you hit tab, and then type your search.

So, "stacko - TAB - json - ENTER" has me searching StackOverflow for json results. I don't have to google/bing and then add "site:stackoverflow.com" to my query. I don't have to hit the home page then look around for a search box. The site just includes a meta tag and an opensearch.xml file and poof, the site has taught my browser how to search. Once you've tried this, you'll find it hard to browse/search without. You'll prefer sites that include it and be frustrated with sites that don't. (More on that later.)

IMPORTANT UPDATE/NOTE: A buddy of mine points this out, and he's right. That said, I want to say that I like BOTH of them, and I'm very much enamored with the Tab Search feature.

"Just to be clear, these things are not the same thing.

  • OpenSearch is a format for specifying how to search a site. 
  • Tab Search is a particular UX for allowing you to do a search on a non-default search provider. It happens to use OpenSearch to learn how to search different search providers."
  • I setup OpenSearch at Hanselman.com back in 2009!

    Chrome has a great implementation of Open Search.

    Type, Tab, Type, Enter

    I just added a one line META tag and a static XML file. Boom.

    Your static XML file describes what the resulting URL should look like. Here's a small example.


    Hanselman Search
    Search Scott Hanselman's Blog

    http://www.hanselman.com/blog/favicon.ico
    UTF-8
    http://www.hanselman.com/

    This is such a clean and obvious user story. It makes your web browsing experience better.

    User wants to easily search within a site they visit often. Every browser and OS should support OpenSearch.

    Amazon used to support it but in the last year or so removed it in a homepage redesign. It's more than a little ironic that it was a9.com and Amazon.com that came up with OpenSearch and actually host the http://opensearch.org websites, but now the Amazon.com home page doesn't support it.

    If you work for Amazon and are reading this blog post, consider this your calling out. Please put OpenSearch back on Amazon.com.

    Dear Reader, take a minute and see if your favorite browser supports OpenSearch. If it does, try it out. If not, ask them for it. Same for your favorite sites. If you run a site, you can easily add OpenSearch in a few minutes.

    About Scott

    Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

    facebook twitter subscribe
    About   Newsletter
    Sponsored By
    Hosting By
    Dedicated Windows Server Hosting by ORCS Web

    Setting up a VPN and Remote Desktop back into your home with a Synology (from an iPhone)

    April 2, '15 Comments [27] Posted in Hardware | Open Source | Win8
    Sponsored By

    It's amazing that I can basically be my own IT Department. The kinds of things we can do in our homes as individuals with off-the-shelf hardware would have needed an IT Dept of a dozen just 10 years ago, ya know? Amazing.

    I wanted to be able to VPN into my home and remotely access my machines and files. I do very much realize there are a lot of different options to do this, and have been for years. From GoToMyPc to Hamachi, again, there's dozens of ways. I wanted a VPN solution I could use on my iPhone/iPad and Surface. I wanted it to be standards-based and not require any additional software installations.

    I have a a Synology 1511+ NAS appliance and I love it. It's not just a file server, it's an everything server, in my house. I use it for Plex, it hosts my files and photos, it manages my surveillance cameras and acts as a camera DVR, it runs a Minecraft Server, it's a Git server, it even runs Docker.

    The Synology will act as my VPN server as well.

    Here's how I set up four things. The Synology, my Router, my iOS device, and my Windows PC/Surface.

    The result is I can now remote into my home and manage things from any device I own.

    Setting up a Synology for L2TP VPN

    First, in the Synology Package Manager, ensure that you've got the Synology VPN Server package installed and running.

    Adding VPN Server on Synology

    You should give some though as to which VPN technique you want to use. I decided on L2TP, although there is some concern the NSA has weakened it. Benefits are that it's on all major platform, it's generally considered secure, and it's easy to setup.

    Select L2TP (or whatever you want), and Enable it. Notice also that I selected my INTERNAL DNS server. I found this worked best for me when trying to access internal resources. You can also setup a hosts file if you want to just hit a few things inside your house.

    L2TP in Synology

    Now click on Privilege. Just give the minimum privileges to the user that needs them. NO need to give VPN access to users who won't use it.

    VPN Server in Synology

    Setup your Router for VPN (L2TP)

    My router is a Linksys WRT1900ac that I like very much. It supports port forwarding, and the Synology can often talk directly to a router and request open ports. However, there's something to be said for handling things yourself. It lets you know exactly what's going on, and it can be less of a "black box."

    Login to your router and in this case of L2TP, forward UDP ports 1701, 500, and 4500. On my Linksys, it's under Security, Apps and Gaming.

    The Device IP is the internal IP address of your Synology. It's best to have your Synology use a Static IP address, or at least have a DHCP reservation so this IP doesn't change and things stop lining up.

    Port Forwarding in a Router

    Also, ensure that your Router is passing L2TP traffic as well. I changed this under Security.

    L2TP Passthrough

    At this point, you should be able to at least try to connect to your house via VPN. I did this as a quick test by taking my iPhone off the wireless networking (thereby being on the open internet) and VPN'ing back in.

    If you succeed, you should be able to see yourself in the VPN Server | Connection List area on our Synology.

    VPN Server

    Here's what I did on my iDevice to setup VPN.

    Setting up iOS/iPhone/IPad for VPN

    From the iOS Settings app, go General | VPN. Touch Add VPN Configuration. I selected L2TP and put in my Server name or IP and named the account "home."

    NOTE: If you don't want to use your IP address, you can use the Synology.me dynamic DNS feature built into your Synology, or any one of many dynamic DNS systems that will give you a nice domain like "myhanselmanhouse.foofoo.com" or whatever. You can also, if you like, setup a CNAME with your own domain and point it to that dynamic domain. So vpn.hanselman.com could be your server, if you wanted.

    With L2TP you'll need your username and password, as well as a Shared Secret. That's like another password. Specifically the Secret text box in iOS is the "pre-shared key" from your Synology L2TP VPN setup.

    Add VPN in iOS

    At this point you'll get a nice VPN option on your Settings app under Personal Hotspot that wasn't there before. You can turn it on and off now, easily.

    VPN Connecting in Settings

    Once I'm VPN'ed in I can see a [VPN] indicator in the top status bar. I've installed the FREE Microsoft Remote Desktop Client for iOS.

    RD Client on an iPhone - Remote Desktop

    And here's me VPN'ed into my home PC from my iPhone. This of course, can be done on Android and Windows Phone as well.

    Remoted into my desktop at home with RDP

    It looks small, but in reality it's very usable, especially from an iPad with a Bluetooth Keyboard.

    Setting up L2TP VPN on Windows 8.1

    Now I'll setup VPN back to home on my Windows 8.1 machine. For some reason this was super easy in Windows 7, but in Windows 8.1 there isn't a clear way to just add a L2TP VPN. You can add other simpler (or Vendor) VPNs in a straightforward manner, but not L2TP.

    Just hit the Windows key (or Start Menu) and type "Add VPN." When you get to the VPN management screen, you'll see this and can fill it out.

    Adding VPN

    But L2TP VPN setup with a pre-shared key requires some more work. If you know of a simpler way, let me know. I can see about three different ways to get to the same result.

    Go ahead and create a new VPN connection with the menu above. Select Microsoft as the VPN type and put in your server address and optionally name and password. This will create the VPN connection.

    Pay attention now. Go back to the Start Menu and type "Network Connection." You want the first item called "View Network Connection" (a classic control panel, not a fullscreen 'metro' one).

    Opening Network Connections

    From there, you'll open a classic control panel and see your VPN connection. Right click and click Properties.

    Network Connections with VPN

    Click Security, make sure L2TP is set, then click Advanced Settings.

    L2TP VPN in Windows 8'

    Put your pre-shared key there.

    Setting a preshared key

    Connect to your home VPN and have fun

    Of course, please do remember to use strong passwords, strong pre-shared keys, and change them. Don't be lazy.

    At this point you can connect to your home/office and work to your heart's content.

    VPN Connection in Windows 8

    For some of you this is "duh" or old hat, but for me it was something I just never got around to doing. Mostly laziness prevented. But just last week I had to drive 30 miles back to my house from a dinner in order to move a file from my Desktop into Dropbox. I'm pretty sure I'm not the only reasonably smart techie with a story like that. This VPN setup would have meant I could do that from my phone and it would have saved me a big hassle and over an hour of my time.

    RELATED LINKS

    About Scott

    Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

    facebook twitter subscribe
    About   Newsletter
    Sponsored By
    Hosting By
    Dedicated Windows Server Hosting by ORCS Web

    March was for Makers - Fantastic Hardware Tutorials, Videos, Podcasts and more!

    April 1, '15 Comments [2] Posted in Hardware
    Sponsored By
    Hanselman's Desk of Hardware

    I'd like to take a moment and be proud of myself and my friend Saron. This last month, March of 2015, we teamed up at decided to come up with a scheme to get folks excited about Making. By making, I mean creating physical things with hardware like Arduino, Raspberry Pi, soldering things, and generally using electricity and software to do awesome stuff.

    A lot of us are software engineers, but we don't realize how powerful we can feel when we do things with the software and hardware.

    Getting that LED to flash is just the beginning. When you can affect your physical world, the sense of empowerment is intoxicating. This is fantastic not only for old-timers like myself, but also young people and kids who may be looking into engineering as a career.

    All month long we did podcasts, blog posts, Twitter chats, and live Google hangouts, all with the goal to get you, dear reader, excited about hardware. I'm REALLY proud of what we accomplished. Note that we both do this on the side as volunteers while holding down regular jobs.

    Please Subscribe Now

    I don't think I ask you for much, but I will ask you right now to take a moment and subscribe to our two podcasts using your favorite podcast application:

    • CodeNewbie is the most supportive community of programmers and people learning to code. Tune in every week for stories about people on their coding journey.
    • Hanselminutes: Fresh Air for Developers is a weekly talk show that brings interesting people together to talk about the web, culture, education, technology and more.

    March Is For Makers

    Our little mini event was a great success, as far as we're concerned. We were not measuring things like page views, but rather excited people. Here's a few choice tweets.

    The http://www.marchisformakers.com site will continue to live on year-round with occasional updates, and we are planning next years event to be even bigger and more exciting. Until then, all of our content lives on.

    Here's some of the highlights of this fantastic month. You can get ALL the content on our site.

    And there's SO MUCH MORE.

    Again, please subscribe, and SHARE our adventure with your family, friends, teachers, students, kids, and others who you think would be great makers! #MarchIsForMakers.

    Related Links

    About Scott

    Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

    facebook twitter subscribe
    About   Newsletter
    Sponsored By
    Hosting By
    Dedicated Windows Server Hosting by ORCS Web

    Getting admin by adding a new user to sudoers when you're locked out of an Azure Linux VM

    March 17, '15 Comments [11] Posted in Azure | Open Source
    Sponsored By

    So I got locked out of an Ubuntu VM that's running in Azure  Long story, but an employee left and somehow the "admin" user I had access to no longer had "sudo" powers anymore. I needed to run apt-get update && apt-get upgrade but literally had no user available with admin on the box.

    If the machine was local, I could perhaps boot into recovery mode but this is a VM in the cloud.

    I do however, have access to the Azure portal because I do own the VM. While the operating system  doesn't think I'm powerful inside, I am powerful outside. ;)

    Corey Sanders, the head of the IAAS team was kind enough to remind me of the CustomScriptForLinux "VM Extension." VM Extensions can inject/install software like Chef and Puppet into VMs. I talked to Kundana Palagiri about this on Azure Friday (http://friday.azure.com)

    He pointed me to his "AddUser.sh" script on GitHub. It's pretty straightforward, but how do I run it?

    #!/bin/bash
    # Script to add a user to Linux system
    if [ $(id -u) -eq 0 ]; then
            username="$1"
            password="$2"
            echo "Creating $username"
            egrep "^$username" /etc/passwd >/dev/null
            if [ $? -eq 0 ]; then
                    echo "$username exists!"
                    exit 1
            else
                    pass=$(perl -e 'print crypt($ARGV[0], "password")' $password)
                    useradd -G adm,dialout,cdrom,floppy,sudo,audio,dip,video,plugdev,netdev -m -p $pass $username
                    [ $? -eq 0 ] && echo "User $username has been added to system!" || echo "Failed to add a $username!"
            fi
    else
            echo "Only root may add a user to the system"
            exit 2
    fi

    I don't have root, but Azure has root. Azure has all the power, in fact. I need to run this script with parameters (my new username and password) then SSH in and put things right. I can return my original user to sudoers:

    sudo adduser <username> sudo

    And there's other administration I may want to do, including deleting this user I just added. Doing this dance is how I'm going to regain access to my VM, though.

    NOTE: There are other ways to regain access to a Linux VM if you've lost a SSH Key or forgotten your password, like the VMAccess Extension in PowerShell. However, not everyone has a Windows machine, and I wanted in fast without any local setup. I'm going to use the Custom Script extension.

    First, I'll log into the Azure Portal at http://portal.azure.com and select the VM, then under All Settings, select Extensions. Click ADD and pick Custom Script for Linux.

    Adding Custom Script for Linux

    Note that my bash script has two parameters, so I'll put my preferred USERNAME and PASSWORD in the Arguments box there and hit done.

    Successfully added a VM Extension

    After it's done, I click look at the detailed results. Do note that the Azure Portal is called into the backend REST services that manage all of Azure so you can certainly script all of this if you need to.

    Script Success

    Now I can SSH into the machine (I use bitvise) and then add my original user back into sudoers.

    Adding user to group sudo

    At this point I can generally tidy up this machine and put it as it was. I've regained control of a Linux VM that I no long had root on.

    Please check out http://friday.azure.com, subscribe on iTunes, and tweet and tell your friends! There are over 150 episodes of Azure Friday, each just around 15 min long!


    Sponsor: Big thanks to Aspose for sponsoring the blog feed this week! Are you working with Files?Aspose.Total for .NET has all the APIs you need to create, manipulate and convert Microsoft Office documents and many other formats in your applications. Start a free trial today.

    About Scott

    Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

    facebook twitter subscribe
    About   Newsletter
    Sponsored By
    Hosting By
    Dedicated Windows Server Hosting by ORCS Web

    Disclaimer: The opinions expressed herein are my own personal opinions and do not represent my employer's view in any way.