This series of blog posts includes the most important announcements and major updates regarding Azure infrastructure as a service (IaaS) and Azure Stack, officialized by Microsoft in the last two weeks.
Azure
Compute
Brazil South Availability Zones
Availability Zones give users additional options for high availability for their most demanding applications and services as well as confidence and protection from potential hardware and software failures by providing three or more unique physical locations within an Azure region. Availability Zones in Brazil South are made up of three unique physically separated locations or “zones” within a single region to bring higher availability and asynchronous replication across Azure regions for disaster recovery protection.
Azure expands PCI DSS certification
PCI DSS is a global information security standard designed to secure payments and reduce credit card fraud. Microsoft Azure has increased the scope of its Payment Card Industry Data Security Standard (PCI DSS) certification, providing coverage across all live Azure regions.
Make workloads on AMD-backed virtual machines confidential without recompiling code (limited preview)
Microsoft is further broadening the confidential computing options available to Azure customers through the technology partnership with AMD, specifically by being the first major cloud provider to offer confidential virtual machines on the new AMD EPYC™ 7003 series processors. This new approach complements existing Azure confidential computing solutions such as confidential containers for Azure Kubernetes Service and opens the possibility to create new confidential applications without requiring code modifications which in turn substantially simplifies the process of creating confidential applications.
HBv3-Series VMs: now generally available in some regions
Azure HBv3-series virtual machines (VMs) for high-performance computing (HPC)
are generally available in the East US, South Central US, and West Europe Azure regions. HBv3 Virtual Machines feature AMD EPYC™ 7003-series (Milan) CPU cores, 448 GB of RAM, 480 MB of L3 cache, and no simultaneous multithreading (SMT). HBv2 Virtual Machines provide up to 340 GB/sec of memory bandwidth. HBv3 VMs can be deployed with a range of CPU core counts to support a diverse set of HPC workload needs.
Publishing VM Images from Shared Image Gallery to Azure Marketplace
You can now publish a VM Image in Shared Image Gallery (SIG) to Azure Marketplace. This capability simplifies your image preparation, testing, and submission process as you no longer have to extract vhds, upload them, and generate SAS URIs. With this capability, you can now manage the full image lifecycle within Azure. You can simply create your image from the VM or a vhd into Shared Image Gallery, then select the SIG Image to publish it in Partner Center.
New VM series supported by Azure Batch
The selection of VMs that can be used by Azure Batch has been expanded, allowing newer Azure VM series to be used. The following additional VM series can now be specified when Batch pools are created:
- DCsv2
- HBv3
- NCasT4_v3
Storage
Azure Storage Explorer v1.18.0
Azure Storage Explorer helps you upload, download, and manage the data you store in Azure Storage. The released version v1.18.0 includes the following new capabilities:
- Decrease startup and load time of Storage Explorer.
- New connection flow to make it easier to specify the type of resource.
- For faster data transfer, Storage Explorer now uses AzCopy v10.8.0.
- Log files now have more descriptive names and, easier way to clean up old logs.
- Authorizing via shared access signatures (SAS) is now enabled for ADLS Gen2 accounts. You can now attach to an ADLS Gen2 Storage account, container, or folder via SAS using Storage Explorer.
Networking
IPv6 Support for ExpressRoute Private Peering (preview)
IPv6 support for ExpressRoute Private Peering is now available for public preview with ExpressRoute circuits globally and Azure environments in regions with Availability zones. IPv6 support will unlock hybrid connectivity for you as you look to expand into mobile and IoT markets with Azure, or to address IPv4 exhaustion in your on-premise networks.
Here are the new capabilities available with this support:
- Establish BGP sessions between the customer and Microsoft edge over ExpressRoute using IPv4 subnets, IPv6 subnets, or both
- Connect to dual-stack deployments in Azure using a new or existing ExpressRoute gateway
- Use FastPath with an ExpressRoute connection to route IPv6 traffic
Service Tags for User Defined Routing (preview)
You can now specify a Service Tag for the address prefix parameter in a user defined route for your route table. You can choose from tags representing over 60 Microsoft and Azure services to simplify route creation and maintenance.
-
You no longer need to manually update routes when services change or add to their list of endpoints. Routes with Service Tags will update automatically to include new changes.
-
This also eliminates the need for regularly updating routes based on the IP data in the weekly JSON file downloads we provide.
-
-
This also helps reduce the likelihood of running into the routes per route table limit (400) which is common when configuring routing for multiple Microsoft and Azure services. By using Service Tags, you can avoid this, since the tag condenses all ranges for that service into one group.
-
For example, we list more than 4,500 prefixes which collectively represent the Azure address space. You can now use one route with the AzureCloud Service Tag which will include all of these.
-
The feature is available through REST, PowerShell, CLI, and can also be used in ARM templates. This feature is not currently available through the Azure Portal.
Azure Stack
Stream Analytics runs on Azure Stack Hub
Azure Stream Analytics now is supported on Azure Stack Hub as an IoT Edge module. It allows customer to leverage Azure Stack features, to interact with SQL, Event Hubs, and IoT Hubs running in an Azure Stack Hub subscription. Customers can build truly hybrid architectures for stream processing in your own private, autonomous cloud, which can be connected or disconnected with cloud-native apps using consistent Azure services on-premises.
