How to block updates in Windows 10

Microsoft Windows 10 introduces seamless update installation – but what should you do if it’s installing an update or driver that keeps breaking your PC?

On the sly, Microsoft have announced a troubleshooter to block updates that might be giving you problems – yes, you heard me, a troubleshooter.

The article in question is titled: How to temporarily prevent a Windows or driver update from reinstalling in Windows 10 and is KB3073930.

Once there, scroll past the initial few paragraphs and click:

How to block updates in Windows 10

Download the linked file, run it, select Hide Updates then select the update that keeps breaking your machine to hide it until the next driver update that supersedes that is deployed. I personally was battling with an Atheros driver issue that has caused Blue Screen Of Death (BSOD) at every update/release on my trusty old Toshiba R850-169.

-Lewis

Handling website maintenance in IIS

I’m the proud owner of a few websites, all of which run from an IIS 8.5 server. I also help friends and family run a few sites from the same server and some are business sites that, ideally, shouldn’t be  offline for long periods of time. From time-to-time, that server needs a reboot for updates or some other type of maintenance. My friends and family are very understanding that, for the low-low price of free* they occasionally suffer downtime while I patch the server and give it a bounce so they suffer a little website maintenance message.

With some of the websites I help host being business sites, there’s half a chance that a search engine is crawling the site when I’m merrily going about my patching. Having a site become completely unresponsive, or worse, sending a 404 isn’t good for search rankings so it makes sense to use the best solution for dealing with search engines while still being informative for users as well.

While a site is temporarily unavailable, it is best to send an HTTP 503 Service Unavailable status code. Continue reading Handling website maintenance in IIS

Automating upload to Azure Blob Storage

This is my latest effort in an attempt to offer myself slightly more robust backups of my personal website. I’m using PowerShell and Azure PowerShell to automate the process of zipping up a folder (actually my website’s application folder) and its associated MySQL database in to a zip file and finally, as well as storing the zip locally on-disk (yes, I know!…. wait for it!) uploading the file to Azure Blob Storage. Using some new functionality in .NET Framework 4.5 (zip files, yay) and Azure PowerShell to get the job done.

Here’s a quick snippet from the script:

I also ensure I’m optimising my use of Azure Storage by only retaining the latest 4 files in the target container and deleting anything older than 30 days on  the local machine. Run once per week, this will give you one month’s worth of backups and help you sleep a little easier.

Even without the MySQL dump integration, this is a handy script for backing up a folder and all of its child contents then uploading it for safe keeping to Azure Storage…. Continue reading Automating upload to Azure Blob Storage

Configuring Azure Site-to-Site connectivity using VyOS Behind a NAT – Part 4

In the previous posts in this series we went through the process of creating a cross-premises Site-to-Site VPN with Azure by gathering some information about our local network, configuring the Azure Virtual Network and gateway and finally configuring VyOS so that the tunnel connected.

Now that the cross-premises tunnel is connected, in this post we’ll run through the process of creating a Virtual Machine in Azure which will reside in the Virtual Network we created in part 2. Before we start, our current network looks as follows (no VM in Azure).

Continue reading Configuring Azure Site-to-Site connectivity using VyOS Behind a NAT – Part 4

Configuring Azure Site-to-Site connectivity using VyOS Behind a NAT – Part 3

In this, part 3 of the series, we’ll implement the configuration required for VyOS to enable it to become a VPN endpoint with which we can connect to our Azure Virtual Network Gateway to form our Site-to-Site VPN.

If you still haven’t, consider reading part 1 and part 2 of this series to provide the background of our modest network and how we configure Azure to create its side of the VPN cross-premises connection. As a reminder, our network configuration looks as follows (no tunnel and no Azure VM yet).

Continue reading Configuring Azure Site-to-Site connectivity using VyOS Behind a NAT – Part 3

Configuring Azure Site-to-Site connectivity using VyOS Behind a NAT – Part 2

If you haven’t read part 1 of this series, please review that before proceeding here. In part 1, I describe the network that we are starting with (mine) and how it is configured to enable routing across a virtual software router called VyOS between a home lab (a Windows domain called transishun.local) hosted in VMware ESXi 5.5 and my main “everyone’s phones are on it” network – I’ll call this the DMZ from here on. I also mention that my primary “edge” router is an off-the-shelf type on which I have installed DD-WRT which adds capabilities that permits it to perform source NAT for more than just the primary network, thereby avoiding double-NAT (bleugh!). If that’s something you’re interested in doing for yourself, it’s educational and I’m always here to answer questions should you feel the need.

As a reminder, here’s the current network before we do anything in Azure.

Continue reading Configuring Azure Site-to-Site connectivity using VyOS Behind a NAT – Part 2

Configuring Azure Site-to-Site Connectivity using VyOS behind a NAT – Part 1

Introduction

This series of posts will cover the process of creating a Site-to-Site VPN from your on-premises network infrastructure in to Azure IaaS services using VyOS, hosted in a virtual machine. Typically, this results in the “hybrid” model that Microsoft are keen for you to take advantage of when you’re investing in your infrastructure. If you’re asking yourself “Why would I do this?” The answer is: to permit your business to take advantage of the benefits offered by cloud IaaS services such as giving you the ability to spin up virtual machines (VMs) quickly and easily, without the normal associated costs (in terms of both financial and time) typically involved in procuring the hardware, configuring, installing, licencing and finally, commissioning it. In short, if you want to add infrastructure to your existing network and you need it quickly, the cloud is the way to go. Think of the benefits of deploying development environments which can be spun down at the end of the day – no more power, cooling etc. to pay for and better still, you haven’t forked out for new (or had to recycle old) kit.

Yes, yes, but why are you doing this?

As a Microsoft professional, it’s in my best interests to get up to speed on Azure quickly since that is where most Microsoft platforms will likely be deployed in the years ahead. The only way to generally do that is through Technet articles and doing it myself, however, having a home centric internet connection, I’m saddled with a single IP address and limited resources. Throwing money away on blocks of IP addresses, VPN devices etc. to get experience of hybrid cloud models in Azure isn’t something I’m keen on. I needed a way to learn about hybrid cloud from my own lab, so I set about finding out if it was possible and wanted to share my conclusions with you here…long story short, I got it working.

Microsoft have their own documentation on how to set this up but it’s a little vague when it comes to setting up the on-premises side of things and they clearly state that the VPN device cannot be behind a NAT. Well, they’re wrong, it can – it just depends how the network is configured. For this series of posts, the intention here is to create an end-to-end solution using VyOS, an open source router OS that runs very happily on vSphere (and probably Hyper-V) which will host the IPSec site-to-site VPN (it will connect to Azure). I’ve been using VyOS to route between my home lab (hosted on VMware ESXi 5.5) and my main (“everyone’s phones are on it” network) for nearly a year now and it has served this very basic purpose beautifully. I discovered that Vyatta Community Edition was to be discontinued when Vyatta was acquired by Broadcom but thankfully for all of us, someone had the foresight to fork Vyatta and create VyOS.

Continue reading Configuring Azure Site-to-Site Connectivity using VyOS behind a NAT – Part 1

Raspberry Pi MJPEG at ~30fps

I’ve been tackling the Pi Camera recently and looking for the best trade off of performance, quality, bandwidth, simplicity and fields of view.

During my travels I experimented with a large number of command line options, raspivid, raspistill and VLC. I was looking for the simplest way to get to what I wanted and finally settled on the following.

First, I quickly abandoned using raspistill and raspivid – frames per second weren’t up to it at anything like a resolution I was happy with.

The idea was to use the camera for two things. First, streaming video at 1080p, second, taking screenshots each minute. To achieve that I settled on the Video For Linux 2 module that I edited in to my boot sequence by adding the following to the /etc/modules file. This loads the module so I don’t have to do a modprobe.

Then you’ll want VLC which is readily available in a repo so just:

Once they’re installed, the following command line will give you 1080p MJPEG encoded video at ~30fps. The result of this is that the stream comes down at about 50Mbps so WiFi isn’t going to cut it.

Continue reading Raspberry Pi MJPEG at ~30fps

me, on scripting, trance and other subjects i enjoy