This series of blog posts includes the most important announcements and major updates regarding Azure infrastructure as a service (IaaS) and Azure Stack, officialized by Microsoft in the last two weeks.
Azure
Compute
Azure Hybrid Benefit for Linux
Azure Hybrid Benefit functionality is available for Linux customers, allowing you to bring both your on-premises Windows Server and SQL Server licenses, as well as Red Hat Enterprise Linux (RHEL) or SUSE Linux Enterprise Server (SLES) subscriptions to Azure.
Microsoft to establish its first datacenter region in Sweden
Microsoft’s newest datacenter region will be among the most sustainable to date, as Microsoft will be partnering with Vattenfall around their 24/7 matching solution, which will track renewable energy consumption in the upcoming Swedish datacenters. The Microsoft Cloud delivered from datacenters in Sweden will enable Swedish businesses to empower employees, engage customers, transform products, and optimize operations, all through connected experiences and supported by advanced data privacy and security. Upcoming plans also include a skilling initiative for up to 150,000 Swedes. Microsoft’s community investments in Sweden total more than $1.25 million (U.S.) in partnership with 13 organizations to advance STEM programs focused on youth, skilling and culture. The new region will also deliver Availability Zones.
Storage
SMB Multichannel available on Azure Files premium tier (preview)
SMB Multichannel enables an SMB 3.x client to establish multiple network connections to a premium file share, and hence, increasing client’s performance up to 3x in terms of IOPS and throughput. Workloads running on the premium file shares can now achieve the required scale from a single virtual machine (VM) or a smaller set of VMs, thereby reducing the total cost of ownership.
Performance tiers for Premium SSDs
To sustain high performance demands for a specific duration, such as running a training environment during daytime, performance testing, or an event like Black Friday, you can now set the performance tier of your Premium SSDs without increasing the capacity of the disk. This provides the flexibility to achieve higher performance while also controlling costs. To start with, a baseline performance tier is set based on the provisioned disk size. However, when your application has higher performance demands, you can choose a higher performance tier. Once the period of high demand is complete, your provisioned disk can return to the initial baseline performance tier. For example, if you initially provision a P10 disk (128GB), your baseline performance tier is set as P10 (500 IOPS and 100MB/s). Later, you can update the tier to match the performance of P50 (7500 IOPS and 250MBs) and return to P10 when higher performance is no longer needed.
More IOPS at no additional cost for Azure Files premium tier
Effective immediately, all premium shares get an input/output per second (IOPS) uplift for free. All shares get an additional 400 baseline IOPS, and even the smallest share of 100 GiB can now burst up to 4,000 IOPS. This change is particularly beneficial for workloads that do not have a high capacity requirement but need extra performance to accommodate spikes in traffic or sudden unpredictable loads, such as web applications, backup and restore operations, and batch jobs.
Earlier:
- Baseline IOPS = 1 * provisioned GiB. (Up to a max of 100,000 IOPS).
- Burst Limit = 3 * Baseline IOPS. (Up to a max of 100,000 IOPS).
With this change:
- Baseline IOPS = 400 + 1 * provisioned GiB. (Up to a max of 100,000 IOPS).
- Burst Limit = MAX (4,000, 3 * Baseline IOPS). (Up to a max of 100,000 IOPS).
The new IOPS limits are available in all Azure Files premium tier regions. This additional free IOPS offer coupled with our recent price reduction of 33% on Azure Files premium tier will significantly reduce the total cost of deployment.
Networking
VPN over ExpressRoute private peering
For customers such as those in financial and health industries, double encryption over both their private WANs and Azure WAN is a key compliance requirement. VPN over ExpressRoute private peering allows customers to use IPsec tunnels over their ExpressRoute private peering to satisfy this need. You can configure a Site-to-Site VPN to a virtual network gateway over an ExpressRoute private peering using an RFC 1918 IP address. This configuration provides the following benefits:
-
Traffic over private peering is encrypted.
-
Point-to-site users connecting to a virtual network gateway can use ExpressRoute (via the Site-to-Site tunnel) to access on-premises resources.
New features for Azure VPN Gateway
The following new features for Azure VPN Gateway as generally available:
- High availability for RADIUS servers in point-to-site VPN – This feature enables highly available configuration for customers using RADIUS/AD authentication for their point-to-site VPN.
- Custom IPsec/IKE policy with DPD timeout – Setting IKE DPD (Dead Peer Detection) timeout allows customers to adjust the IKE session timeout value based on their connection latency and traffic conditions to minimize unnecessary tunnel disconnect, improving both reliability and experience. This feature brings the entire custom IPsec/IKE policy configuration experience to Azure Portal.
- APIPA support for BGP speaker – This feature supports customers with legacy VPN routers and Amazon Web Service (AWS) VGW, Google Cloud Platform (GCP) VPN which use Automatic Private IP Addressing (APIPA) addresses as their Border Gateway Protocol (BGP) speaker IP addresses. Now they can establish BGP sessions with Azure VPN gateways using APIPA (169.254.x.x) addresses.
- FQDN support for site-to-site VPN – This feature supports customer branches or locations without static public IP addresses to connect to Azure VPN gateways. Customers can now leverage dynamic DNS services and use their Fully Qualified Domain Name (FQDN) instead of IP addresses. Azure VPN gateways will automatically resolve and update the VPN target to establish IPsec/IKE connections.
- Session management and revocation for point-to-site VPN users – Enterprise administrators can now list and revoke individual user connections to their VPN gateways from Azure Portal in real time, addressing a key management asks.
