An additional feature in Microsoft Azure gives administrators a more traditional approach to manage their VMs, even in the cloud.
The Serial Console for Virtual Machines lets IT shops debug and troubleshoot machines on Microsoft’s public cloud via the Azure portal. There are many tools that configure, manage and automate VMs in Azure and the other major public clouds, but the console looks and feels similar to customers’ familiar on-premises architecture.
The console addresses one of the biggest feature requests from users since the launch of Azure in 2008, Microsoft said. In particular, it enables cloud troubleshooting with deeper insight to fix machines with boot issues, which can be complicated to resolve. IT admins can use it to tackle a variety of issues, such as broken fstab files, incorrect firewall rules, filesystem corruption and SSH/RDP misconfigurations.
The feature is available for Linux and Windows machines for users with “VM contributor” privileges or higher, and Microsoft recommends the use of role-based access control to limit access to this capability. Serial Console for Virtual Machines is available in preview across all Azure regions. Users don’t need to change anything with their Linux machines to use this tool, but existing Windows VMs will require some minor changes.
Through this feature, admins could give employees access to machines through Active Directory rather than traditional SSH access, said Moody Saada, site reliability engineer at Agolo, a New York-based provider of AI-based information summarizations for companies. He’d like more information about the distinction between the console and the command-line interface, but he still thinks it could translate to a more secure way to delete machines.
Make smart container hosting decisions for enterprise IT
“We still have users that have left the company that still have access to certain machines because it’s so difficult to manage all the access keys on Azure,” Saada said. “This is definitely a step forward to better security and better visibility into who has access to what.”
Moody Saadasite reliability engineer, Agolo
However, others see this tool as a step backward. The serial console may demo well, but it’s really a regression to traditional scale-up approaches as opposed to the scale-out model typically associated with cloud computing, said Erik Onnen, CTO of Cloudability, a cloud management company in Portland. For example, if an /etc/fstab file breaks, a user must fix the operational tools and establish an audit trail rather than just use an SSH through a web browser to fix that specific machine.
“As a former operator, I don’t want my teams using this regularly, nor at scale,” he said.
Still, a two-way interactive console access can help customers that are still adapting to cloud services, said Douglas Toombs, a Gartner analyst. They won’t need it all the time, but it could make cloud troubleshooting easier for companies that don’t want to refactor their applications for the public cloud.
“Mainstream enterprises have grown accustomed to being able to interact with the boot-time environment for VMs in their on-premises environment, and most simply assume that the public cloud providers must offer the same capabilities,” he said.
Microsoft isn’t the first major public cloud vendor to provide this type of cloud troubleshooting feature. Google Cloud Platform users can interact with the serial console. Amazon Web Services doesn’t provide users with physical monitoring of the kernel, but it does offer console outputs to help debug machines.