Friday, 8 December 2017

Moving TFS 2015 databases to a new server

We have an on-premise Team Foundation Server (2015) which we use for our source control.  Everything is installed on the one vm; TFS and SQL Server (also SQL Reporting Services and Analysis Services but we don't actually use them).
Our plan was to move the database to a new server, including the TFS Configuration database.  This was so that we could uninstall SQL Server.

The steps taken:
  • As it was a virtual machine we were able to create a snapshot of it before we moved anything, always good just in case a rollback is required.
  • Login to the vm as an account with full TFS permissions
  • Open the administration console window and select Team Project Collections, then Detach the collection.
  • Close the administration console when completed.
  • Perform a SQL backup of the TFS_ databases.
  • Restore the SQL backups to the new SQL Server
  • Grant the TFS Service account DBO access to the databases and add any logins.
  • Stop IIS, open a command prompt:
    •  IISReset /Stop
  • Stop the TFS Services:
    • Team Foundation Ssh Service
    • Visual Studio Team Foundation Background Job Agent
    • Visual Studio Test Controller
  • Open a (elevated) command prompt
    • CD C:\Program Files\Microsoft Team Foundation Server 14.0\Tools
    • TfsConfig registerDb /sqlInstance:<NewSQLServer> /databaseName:Tfs_Configuration
    • Note: If the command prompt hangs, give the TFS Admin account higher SQL permissions. 
  • Open the administration console window and select Application Tier, then Reapply account.

  • Disable the SQL Server services (to be sure that it is not being used).
    • SQL Server
    • SQL Server Agent
    • SQL Server Analysis Services
    • SQL Service Integration Services
    • SQL Server Reporting Services
  • In the TFS Administration Console select Team Project Collections and Attach the collection:

Wednesday, 12 April 2017

Stop remembering passwords!

I have heard a number of times recently of people unwittingly giving away their passwords or reusing passwords on different websites.  With the number of websites being hacked increasing if one site that you have created an account with uses poor security then your email address and password will be known, hackers will then try other websites with that username and password.  If you reuse the password they will have access.
I recently heard that someone had their Facebook account compromised (as they reused the password) and they tried to get money from their Facebook friends.

So don't reuse passwords!  I mean it!

Ok, but this means
"I will need a different password for each website that I use, that's ridiculous, I can't remember them all!"
This is where Password Managers come in.

So what is a Password Manager?
A password manager is an application that remembers all of the passwords for you.  Most of them will automatically register when you have logged in or changed a password to a website and it will pop up and ask if you want to save or update it.  This works really well when you are using a PC but not so well (in my opinion) when on a mobile device.
All of the passwords that are stored in the password manager need to be secured by, yes you've guessed it - a password!
However, I dislike the phrasing here, they should be protected by a passphrase rather than a single word.  The longer a password the more secure it is, using numbers and special characters does help but it is the length that makes it harder to crack.

So when creating a passphrase it should be something that you'll remember and fairly secure and contain letter, numbers and digits.
This video (from Google) gives an idea of how to create secure passwords:

There are a number of different password managers around but I'll limit this to just three (as I don't have enough time to review them all).

KeePass (free)
KeePass works really well if you log in from one device all the time and you want full control over where your passwords are stored, personally I think it also works best on a PC rather than a mobile device.

It works by creating your own vault which is where you store the passwords and you have to maintain them.  It requires you to remember to add the passwords it the vault and update them if the password has changed.
You can create folders and store the entries where you like.

The downside to KeePass is when you want to use it with multiple devices such as mobile phones.  As the vault is stored in a file for it to be on a mobile device this needs to be available using Dropbox or a similar tool.  When I did this I had problems with the database being overwritten as it wasn't in sync and I lost entries.  This led me to look for another tool.

LastPass (free and paid for mobile use)
I was introduced to LastPass by a friend and I've been quite happy with it.
When I first installed the extension into Chrome it took me through a process and took all of the passwords from Chrome and had an import mechanism to extract any passwords from Chrome and importing from KeePass was fairly straight forward (from what I can remember now).
When used on a PC LastPass will automatically populate the username and password if it knows the password, so normally I just need to hit login and the job is done.
Also when I need to create an account it abstracts away the password process and automatically stores the new entry if you choose to.
If you want to use LastPass on a mobile device you need to upgrade to the premium version, the cost for this is $12 for a year.
The mobile version uses an App (free to download) that has a browser in built that has the functionality to populate usernames and passwords when you browse to website in the same way it does when you use a PC.
If you are using a separate mobile app you need to copy and paste the password which involves flicking between the apps which is a bit of a pain but I believe this is a common problem between all password managers (maybe less so if the app uses google or facebook logins).
With LastPass it is possible to arrange how the sites are stored and to create a shared area, allowing a single username and password to be used by two or more people.

I feel obligated to say LastPass has recently come under some criticism as some faults have been found in the way they store passwords:  ttps://
Personally I think any review of security is a good thing and LastPass have been very quick to respond and resolve the issues raised.

1Password (free and paid for)
I haven't actually used 1Password but my understanding is that they are very similar to LastPass.
The premium version is $2.99 per month (billed annually) so it is fair bit more expensive than LastPass but it is recommended by a number of people including Troy Hunt who is a industry recognised security researcher.

I urge everyone to use a password manager and not to re-use passwords.
With so many websites being hacked if you reuse a password it won't be long before someone else knows your password.

Have I been Pwned?

If you suspect or are paranoid Troy Hunt has a website where you can enter your email address and it will inform you if it has been exposed by a breach (a website that has been hacked).

As a final word, don't trust anything!  If an email or webpage looks to good to be true, it probably is!
If someone on facebook suddenly asks you to take payment for something on ebay and send them the money, think twice and speak to the person.

Tuesday, 11 October 2016

Docker on Windows - Don't use TP5

I'm new to the world of Docker and being from a Windows background I've not really had the opportunity to have a look, that is until Windows Server 2016 which has native support for Docker.  Wahoo!

As Windows Server 2016 is now RTM I thought I'd go and have a play on Azure.

Unfortunately this is where I found that Azure doesn't (yet) have a RTM version of Server 2016:

As a result I decided to go for the Technical Preview 5 image and enable Docker myself.

Adding the Windows Feature was straight forward:

Then obviously as it is Windows it required a reboot.

I then ran:

I also added C:\ProgramFiles\Docker to my Path variable.

I then registered the service:

The started the service:

At this point I got an error:
Start-Service : Failed to start service 'Docker Engine (docker)'.At line:1 char:1+ Start-Service docker+ ~~~~~~~~~~~~~~~~~~~~

After Googling I found that you can't use Windows Server 2016 TP 5, you need to use the fully fledged version of Windows Server 2016 (which isn't available in Azure).
This is stated on this page (under Pre-Reqs):

For fun I thought I would try and upgrade the Azure vm I was running but this didn't seem to work, leaving me with a dead vm.

Hopefully a RTM version of Windows Server 2016 will be on Azure soon.

Thursday, 25 August 2016

Upgrading Octopus Deploy from v2.6 - Give it some memory!

I've been tasked with upgrading Octopus Deploy to the latest version, this is for many reasons but mainly to look at the replacement to snapshotting, channels.

To test the upgrade before it is applied to live I have been using a test environment which has the same instance of Octopus that we have in live, 2.6.

The first thing to say about Octopus 3.x is that it no longer uses a NoSql database (RavenDB), it now uses SQL Server.  This has widely been blogged about but from what I've seen the SQL data structure that it uses is still similar to a NoSQL database with a NVarChar(Max) column filled with JSON.

The installation of Octopus 3.3.24 is straightforward and no really note worthy, the wizard run after installation will create the database and provide an empty installation of Octopus Deploy.
After this has been installed the next step is to migrate your existing database using a backup (with the master key).

Clicking on the "Import Data" brings up a wizard which allows you to select the Octopus backup file and enter the Master key.

The preview option will simulate the process but unfortunately the "Task logs" option does not work with the preview mode.

Our production backup file is 750MB and we use Octopus for all our deployments in our CD pipeline so we have a fair amount of deployment data.

The process to import the task logs takes a long time, I got the memory increased on our test server to 16GB and run the process and it had not completed after 17 hours.  It had consumed all of the memory but not particularly the processor.  It is the step of upgrading the documents that appears to be taking the time.

Upon Googling I found that there is a parameter than can be used to execute the upgrade process so that it limits the history that is brought over; -maxage=

This made the command line:
"C:\Program Files\Octopus Deploy\Octopus\Octopus.Migrator.exe" migrate --instance "OctopusServer" --file "C:\Octopus\20160729-140413.octobak" --master-key "abcdefghijklmnopqrstuvwxyz" --include-tasklogs -maxage=60

After checking the Migration log file I found the last entry was:
2016-08-13 20:57:07.7216      1  INFO  Step took 00:00:00s2016-08-13 20:57:07.7216      1  INFO  2016-08-13 20:57:07.7216      1  INFO  Convert documents
This didn't get updated and all of the memory on the machine (16GB) was pretty quickly consumed.
As this was running on a VM I left the machine running for a few days and the log file didn't get updated.

After raising a call with Octopus Support we found that the process requires quite a lot of memory.
Giving my VM 32GB RAM seemed to allow the migration to complete (in 20 minutes) although it was still very close to maxing out the memory.

In short, if you have a large Octopus Raven database (ours was approximately 3GB - when Windows counted the size of the Raven database) you'll need a lot of memory to upgrade, maybe more than 32GB!

Thanks to Vanessa Love (@fly401) for all the help!

Tuesday, 28 June 2016

Why is git capitalising my branches?

I'm quite new to git and I'mstill getting to grips with git and I've been a little confused that when I create a branch git seems to add uppercase letters, even though I specifically created it in lowercase.

For example:

This responds with:
Switched to a new branch 'grahamr/test'

But when I check the branches it has a different casing:

This caused me some problems when I was trying to push the branch as it that is case sensitive.

Upon doing some digging this is due to the first branch that I created I created began with 'GrahamR'.  The way git creates branches and how they are stored.  Git stores the branch in a single file which contains the hash to the commit object that the branch points to.
In the example above creating a branch 'grahamr/test' will create a folder called 'grahamr' and store the branch in a file called test.
As I originally created a branch that began 'GrahamR' the folder was created and even though the branch was deleted the folder remains.

So to resolve this issue browse to the '.git/refs/heads' folder and then delete the folder (ensure that you have deleted the branches first and the folder is empty):
So now create a new branch:

Then when I check the branch status I see this:

For more info look here:

Thursday, 21 April 2016

Extracting perfmon stats using PowerShell

I recently got asked to extract certain performance metrics from multiple servers (at the same time) and put them in an Excel graph.  As I didn't have any software to do this I decided to extract the results from PerfMon using Powershell and collate them into a CSV.

The fist step was creating the PowerShell command.  As we wanted to change the servers easily as well as the counters being used we created a generic one line command:

In the Counters.Txt contained:
\Processor Information(_Total)\% Processor Time
\Memory\% Committed Bytes In Use
 \network interface(*)\bytes total/sec
 \logicaldisk(_total)\current disk queue length

The Servers.txt file contained a list of all the servers that needed to be monitored:
Running the PowerShell produced a CSV file but when loaded into Excel the results in the file clearly needed some amending before we could create the graphs we needed:

The values for each server were stored in a single cell for each timestamp (as shown above).

So staying in Excel I created one of the most horrible Excel queries I've ever written it does the job but like all Excel queries it is not pretty!

This can be broken down to make it a bit more readable:
The first part:

This reformats the string by removing the carriage returns, slashes and replacing them with commas if necessary.
The final part of the formula inserts carriage returns for each server, so the final part replaces the server names we are extracting from and ensures that there is a return code first then it inserts the time (from the B1 cell in this case):
Placing the formula for into the D1 cell and copying it down to every cell creates a spreadsheet like this:

Copy the contents of column D into a new sheet and Paste it into column A (Paste using values) and then save that worksheet as a CSV file.
Accept the messages stating that formatting won't be saved and that only the selected workbook will be saved.
Also save the entire workbook as an Excel file, just in case.

I found that the file seems to have quotes in each cell making Excel look like the file is empty when it loads the file so I opened the file in Notepad++ and did a search and replace simply replacing the " with nothing:

This provides a file that can be loaded into Excel:
I then sorted the data by Column B (ServerName) and then by Column C (Setting) and finally by Column A (Time).  I also changed the formatting of Column A to a Time.
It now looks like this:
Lastly I then highlighted the Time (Column A) and the Value (Column E) for a given metric (in the example below Memory) and then clicked Insert and Scatter graph (I picked the one with straight lines) and you've got a graph!
You can cut and paste it onto a different worksheet if required.
Not the most straight forward process but could be useful?

Tuesday, 8 March 2016

SQL 2016 - Performance of Temporal Tables

One of the new features in SQL 2016 is Temporal Tables, whilst confusing Google when you search on it (Google seems to want to point you to Temporal Tables occasionally) they are very useful.

Suppose you had a table (called Person):
Temporal Tables will create another table that stores all of the changes over time and uses slowly changing dimensions so you can track back what it was at a certain point in time.
Slowly changing dimensions are date/time fields that allow you to see when that information was used, normally a From and To date is used.
Considering the table above, the dates would be need to be appended so they would appear in the history table.
1TestPerson2016-02-29 15:26:212016-02-29 17:19:11
2TestPerson2016-02-29 15:26:212016-02-29 17:19:11
3TestPerson2016-02-29 15:26:212016-02-29 17:19:11

The history table is maintained automatically, you update the main table and the history table is dealt with via SQL, nice huh?

So how do I create this?

When creating your original table there are a couple of new additions:

For the ValidFrom and ValidTo columns I've used DATETIME2 it is the bit after it that is interesting:
GENERATED ALWAYS AS ROW START (and ROW END) allow SQL to keep a track of the time the row was first used and when it was changed.  The StartTime is the time of the transaction itself, so if a query was to update every row in the table it would all have the same time.
HIDDEN - this allows the fields to be added to the main table but they are not returned in a SELECT * query, although adding the columns to the SELECT clause will  return them:

So what is the performance like?

 I wasn't sure either so I thought I'd find out.  Firstly I created a new Azure VM (Standard D2 0 2 cores and 7GB and SSD) with the SQL image CTP3.3 applied.
Firstly I created a new database and then inserted some data into it (1 million rows).  Then I created a loop and did 1 million updates to random rows in the table.
I did the same thing to a non temporal table and compared the results:
Temporal Query:

Non-Temporal Query:

 The results!

Non Temporal Table
Temporal Table
Insert Data01:43:5401:39:46
Update data01:46:3901:52:50

This surprised me greatly as I expected the Temporal table updates to be significantly slower (as there was twice the work required), however the results seem to imply that they are almost identical, impressive huh!.