This series of blog posts includes the most important announcements and major updates regarding Azure infrastructure as a service (IaaS) and Azure Stack, officialized by Microsoft in the last two weeks.
On-demand capacity reservations
On-demand capacity reservations let you reserve compute capacity for one or more VM size(s) in an Azure region or availability zone for any length of time.
Azure Batch supports Spot Virtual Machines
Azure Batch offers Spot Virtual Machines in user-subscription Batch accounts. The Spot Virtual Machines are available as single-instance virtual machines (VMs) or Virtual Machine Scale Sets. In addition, you get unique Azure pricing and benefits when running Windows Server workloads on Spot Virtual Machine’s.
Azure Virtual Machines increase storage throughput by up to 300%
The new memory optimized Ebs v5 and Ebds v5 Azure Virtual Machines, now generally available, feature the latest 3rd Gen Intel Xeon Platinum 8370C (Ice Lake) processor in a hyper-threaded configuration. These VMs deliver up to 300% increase in VM-to-Disk Storage throughput and IOPS compared to the previous generation D/Ev4 VM series. The new VM series feature sizes from 2 to 64 vCPUs with and without local temporary storage best match your workload requirements. These new VMs offer up to 120,000 IOPS and 4,000 MB/s of remote disk storage throughput. The increased storage throughput is ideal for the most demanding data-intensive workloads, including large relational databases such as SQL Server, high-performance OLTP scenarios, and high-end data analytics applications.
New planned datacenter region in India (India South Central)
Microsoft has announced plans to bring a new datacenter region to India, including availability zones.
Azure Virtual Machines DCsv3 available in Switzerland and West US (preview)
DCsv3-series virtual machines (VMs) are available (in preview) in Switzerland North and West US. The DCsv3 and DCdsv3-series virtual machines help protect the confidentiality and integrity of your code and data while it processes in the public cloud. By leveraging Intel® Software Guard Extensions and Intel® Total Memory Encryption – Multi Key, you can ensure your data is always encrypted and protected in use.
Cross-region snapshot copy for Azure Disk Storage
Cross-region snapshot copy allows you to copy disk snapshots to any region for disaster recovery.
Incremental snapshots are cost-effective point-in-time backups of Azure Disk Storage. They are billed for the changes to disks since the last snapshot and are always stored on the most cost-effective storage, Standard HDD storage, irrespective of the storage type of the parent disk. Now, you can copy incremental snapshots to any region of your choice for disaster recovery using cross-region snapshot copy. Azure manages the copy process and ensures that only changes since the last snapshot in the target region are copied, reducing the data footprint and recovery point objective (RPO).
Copy data directly to Archive Storage with Data Box
You can now use Data Box to copy data directly to Archive tier by indicating this when ordering and then copying to the corresponding share on the Data Box.
Azure Ultra Disk Storage in Sweden Central
Azure Ultra Disk Storage provides high-performance along with sub-millisecond latency for your most-demanding workloads.
Azure storage table access using Azure Active Directory
Azure Active Directory (Azure AD) support to authorize requests for Azure Table Storage is now generally available. With Azure AD, you can use Azure role-based access control (Azure RBAC) to grant permissions to any security principal, which can include a user, group, application service principal, or managed identity. The security principal is authenticated by Azure AD to return an OAuth 2.0 token. The token can then be used to authorize a request against the Table service. Authorizing requests against Azure Storage Tables with Azure AD provides superior security and ease of use over shared key authorization. Microsoft recommends using Azure AD authorization with your table applications when possible to assure access with minimum required privileges.
Azure File Sync agent v15
Improvements and issues that are fixed:
- Reduced transactions when cloud change enumeration job runs
- View Cloud Tiering status for a server endpoint or volume
- New diagnostic and troubleshooting tool
- Immediately run server change enumeration to detect files changes that were missed by USN journal
- Miscellaneous improvements
To obtain and install this update, configure your Azure File Sync agent to automatically update when a new version becomes available or manually download the update from the Microsoft Update Catalog.
More information about this release:
- This release is available for Windows Server 2012 R2, Windows Server 2016, Windows Server 2019 and Windows Server 2022 installations.
- A restart is required for servers that have an existing Azure File Sync agent installation if the agent version is less than version 12.0.
- The agent version for this release is 188.8.131.52.
- Installation instructions are documented in KB5003882.
Bring your own public IP ranges to Azure
When planning a potential migration of on-premises infrastructure to Azure, you may want to retain your existing public IP addresses due to your customers’ dependencies (for example, firewalls or other IP hardcoding) or to preserve an established IP reputation. Now you can bring your own IP addresses (BYOIP) to Azure in all public regions. Using the Custom IP Prefix resource, you can now bring your own public IPv4 ranges to Azure and use them like any other Azure-owned public IP ranges. Once onboarded, these IPs can be associated with Azure resources, interact with private IPs and VNETs within Azure’s network, and reach external destinations by egressing from Microsoft’s Wide Area Network.
The new Azure Front Door: a modern cloud CDN service
The new Azure Front Door is a Microsoft native, unified, and modern cloud content delivery network (CDN) catering to dynamic and static content acceleration. This service includes built in turnkey security and a simple pricing model built on Microsoft’s massive scale private global network. There are two Azure Front Door tiers: standard and premium. They combine the capabilities of Azure Front Door (classic) and Azure CDN from Microsoft (classic) and attach with Azure Web Application Firewall (WAF). This provides a unified and secure solution for delivering your applications, APIs, and content on Azure or anywhere at scale.
Several key capabilities have been released:
- Improved automation and simplified provisioning with DNS TXT based domain validation
- Auto generated endpoint host name to prevent subdomain takeover
- Expanded Private Link support in all Azure regions with availability zones to secure backends
- Web Application Firewall enhancements with DRS 2.0 RuleSet and Bot manager
- Expanded rules engine with regular expressions and server variables
- Enhanced analytics and logging capabilities
- Integration with Azure DNS, Azure Key Vault, Azure Policy and Azure Advisor
- A simplified and predictable cost model
Azure Bastion native client support
With the new Azure Bastion native client support, available with Standard SKU, you can now:
- Connect to your target Azure virtual machine via Azure Bastion using Azure CLI and a native client on your local machine
- Log into Azure Active Directory-joined virtual machines using your Azure Active Directory credentials
- Access the features available with your chosen native client (ex: file transfer)
Azure Bastion support for Kerberos authentication (preview)
Azure Bastion support for Kerberos authentication, available with both basic and standard SKUs, is now in public preview.