This series of blog posts includes the most important announcements and major updates regarding Azure infrastructure as a service (IaaS) and Azure Stack, officialized by Microsoft in the last two weeks.
Azure Boost (preview)
Azure Boost is one of Microsoft Azure’s latest infrastructure innovations. Azure Boost is a new system that offloads virtualization processes traditionally performed by the hypervisor and host OS onto purpose-built hardware and software, such as networking, storage, and host management. By separating hypervisor and host OS functions from the host infrastructure, Azure Boost enables greater network and storage performance at scale, improves security by adding another layer of logical isolation, and reduces the maintenance impact for future Azure software and hardware upgrades.
This innovation enables Azure customers participating in the preview to achieve a 200 Gbps networking throughput and a leading remote storage throughput up to 10 GBps and 400K IOPS, enabling the fastest storage workloads available today.
Azure Boost allows preview users to achieve this performance through access to experimental SKUs. This preview will be important for many customers and partners to integrate critical components of Azure Boost into their current VM solutions, ensuring smooth operation on this new system in the future.
Azure Boost has been providing benefits to millions of existing Azure VMs in production today, such as enabling the exceptional remote storage performance of the Ebsv5 VM series and networking throughput and latency improvements for the entire Ev5 and Dv5 VM series. Azure Boost will continue to innovate and provide benefits for Azure infrastructure users going forward.
The Classic VMs retirement deadline is now September 6, 2023
The deadline to migrate your Iaas VMs from Azure Service Manager to Azure Resource Manager is now September 6, 2023. To avoid service disruption, we recommend that you complete your migration as soon as possible. Microsoft will not provides any additional extenstions after September 6, 2023.
Updated default TLS policy for Azure Application Gateway
Microsoft has updated the default TLS configuration for new deployments of the Application Gateway to Predefined AppGwSslPolicy20220101 policy to improve the default security. This recently introduced, generally available, predefined policy ensures better security with minimum TLS version 1.2 (up to TLS v1.3) and stronger cipher suites.
Always Serve for Azure Traffic Manager
Always Serve for Azure Traffic Manager (ATM) is now generally available. You can disable endpoint health checks from an ATM profile and always serve traffic to that given endpoint. You can also now choose to use 3rd party health check tools to determine endpoint health, and ATM native health checks can be disabled, allowing flexible health check setups.
Azure Application Gateway for Containers (preview)
Azure Application Gateway for Containers is a new SKU to the Application Gateway family. Application Gateway for Containers is the next evolution of Application Gateway + Application Gateway Ingress Controller (AGIC), providing application (layer 7) load balancing and dynamic traffic management capabilities for workloads running in a Kubernetes cluster.
Application Gateway for Containers introduces the following improvements over AGIC:
- Performance: Achieve near-to-real-time convergence times to reflect add/remove of pods, routes, probes, and other load balancing configuration within Kubernetes yaml configuration.
- Scale: push boundaries past current AGIC limits, exceeding 1400 backend pods and 100 listeners with Application Gateway for Containers.
- Deployment: enable a familiar deployment of ARM resources via ARM, PowerShell, CLI, Bicep, and Terraform or define all configuration within Kubernetes and have Application Gateway for Containers manage the rest in Azure.
- Gateway API support: the next evolution in defining Kubernetes service networking through expressive, extensible, and role-oriented interfaces.
- Weighted / Split traffic distribution: enable blue-green deployment strategies and active / active or active / passive routing.
Network observability add-on for AKS (preview)
The new network observability add-on for AKS, now in public preview, provides complete observability into the network health and connectivity of your AKS cluster.
- Get access to cluster level network metrics like packet drops, connections stats and more.
- (GA) Access to pod-level metrics and network debuggability features.
- Support for all Azure CNIs – AzureCNI and AzureCNI (Powered by Cilium).
- Support for all AKS node types – Linux and Windows.
- Easy deployment using native Azure tools – AKS CLI, ARM templates, PowerShell, etc.
- Seamless integration with the Azure managed Prometheus and Azure-managed Grafana offerings.
General Availability of Remote Support for Azure Stack systems
Support requests for Azure Stack systems have always been managed through the Azure Portal and covered under your Azure support plan. The next big step is the remote support for all Azure Stack systems.
With remote support, you can temporarily grant Microsoft Support engineers constrained access to your on-premises edge devices to gather logs and fix issues. By default, remote support is off. It’s easy to turn on and off, when needed. After creating an Azure support request, it’s recommended to grant remote support access to enable Microsoft Support to resolve the issue as soon as possible. This takes just a few minutes in only a few steps. Once the support request is closed, you can just as easily turn off remote support access
Remote support for Azure Stack systems provides benefits to both customers and Microsoft Support:
- Improved time to resolution: eliminate the back-and-forth hassle of scheduling a call and gathering logs yourself.
- Safe and secure: you can grant just-in-time (JIT) authenticated access and define the access level and duration for each incident. You can revoke access anytime.
- Audited troubleshooting: Microsoft Support can only run Just Enough Administration (JEA) approved commands and everything they do is recorded for you to audit.
- Free: Remote support is included in your Azure subscription at no additional cost. You can get remote support for both unregistered and registered Azure Stack HCI systems.
- For Azure Stack Hub, remote support is available for version 2108 and later.
- For Azure Stack Edge, remote support is available for version 2110 and later.
- For Azure Stack HCI, remote support is available for version 22H2 and later.