This series of blog posts covers the most important announcements and major updates regarding Azure infrastructure as a service (IaaS) and Azure Stack, officially announced by Microsoft in the last two weeks.
Azure
Compute
Maintenance control for platform updates
The maintenance control feature for Azure Virtual Machines platform updates is now generally available for Azure Dedicated Hosts and isolated virtual machines (VMs). This feature gives you more control over platform maintenance when dealing with highly sensitive workloads. Use this feature to control all host updates, including rebootless updates, within a 35-day window. The ability to control the maintenance window is particularly useful when you deploy workloads that are extremely sensitive to interruptions running on an Azure Dedicated Host or an isolated VM where the underlying physical server runs a single customer’s workload. This feature is not supported for VMs deployed in hosts shared with other customers.
New DCsv2-series virtual machines are available
You can develop confidential applications that protect data while it’s being processed in the CPU with new DCsv2-series virtual machines (VMs), powered by Intel SGX. Traditionally, application data is protected at rest and in transit. Now, you can deliver applications that also protect data while in use. This enables a new set of scenarios like multiparty sharing, where it’s possible to combine data from multiple companies to run machine learning models without the companies getting access to each other’s data.
Windows Server containers in AKS now generally available
Windows Server containers in Azure Kubernetes Service (AKS) are now generally available. You can take advantage of this new feature to run Linux and Windows workloads side-by-side in a single cluster using the same tools. Create, upgrade, and scale Windows node pools in AKS through the standard tools (portal or CLI), and Azure will help manage the health of the cluster.
Azure Migrate now available in Azure Government
Microsoft’s service for datacenter migration, Azure Migrate, is now available in Azure Government, unlocking the whole range of functionality for government customers. Azure Migrate V2 for Azure Government includes a one-stop shop for discovery, assessment, and migration of large-scale datacenters.
Storage
Enhanced features in Azure Archive Storage
Three new feature enhancements for Azure Block Blob storage and Azure Archive storage are now generally available, making the service faster, simpler, and more capable.
- Priority retrieval from Azure Archive. High rehydrate-priority fulfills the need for emergency data rehydrate from archive, with retrievals for blobs of a few GB typically taking less than one hour.
- Upload blob direct to access tier of your choice. The PutBlob or PutBlockList API allows you to upload your blob data directly to any access tier (hot, cool, or archive). This enables customers to write cold data directly to Azure Archive, realizing their cost savings immediately.
- CopyBlob enhanced capabilities. The CopyBlob API supports the archive access tier, allowing you to copy data into and out of the archive access tier within the same storage account. It also includes support for the other two new features—priority retrieval and direct to access tier of your choice.
Networking
Azure Firewall: support for Windows Virtual Desktop
You can use Azure Firewall to protect Windows Virtual Desktop deployments. In addition, there are FQDN tags for Windows Virtual Desktop (WVD).
Azure Private Link for AKS is generally available
Azure Kubernetes Service (AKS) Private Link is generally available. You can use it to isolate your Kubernetes API server within your Azure virtual network, enabling fully private communication with the managed Kubernetes control plane hosted by AKS.