This blog post series highlights the key announcements and major updates related to Azure Infrastructure as a Service (IaaS) and Azure Stack, as officially released by Microsoft in the past two weeks.
Azure
General
Free Data Transfer Out to Internet for Azure Departures
In a bold move to support customer freedom, Azure has introduced free egress for data transfers out of Azure infrastructure to other cloud providers or on-premises data centers. This policy, which aligns with the European Data Act, applies globally across all Azure regions, further facilitating customer transitions and migrations with financial and operational ease. Azure already offers the first 100GB/month of egressed data for free to all customers in all Azure regions around the world. If you need to egress more than 100GB/month, follow these steps to claim your credit.
Azure Classic Administrator Roles Retiring
On 31 August 2024, Azure will retire its classic administrator roles. Organizations using Co-Administrator or Service Admin roles are advised to transition to Azure Role-Based Access Control (RBAC) roles before this date. The retirement also applies to all Azure classic resources and the Azure Service Manager. From 3 April 2024, adding new Co-Administrator roles through the Azure portal will not be possible. Transitioning to Azure RBAC roles is necessary to avoid service disruptions
Modernized Azure Resource Manager Throttling (preview)
Azure Resource Manager’s throttling mechanism is set for a major overhaul in 2024, implementing a token bucket algorithm to manage API requests more efficiently. This update will significantly increase throttling limits and offer a smoother, more scalable experience for managing Azure resources, benefiting developers and administrators alike.
Networking
IPv6 Support for Azure Application Gateway (v2)
IPv6 support for Azure Application Gateway (v2) is now generally available, addressing the growing need for larger address spaces and improved routing efficiency. This update facilitates the support for IPv6 clients and helps customers dealing with IPv4 address scarcity, reinforcing Azure’s commitment to advanced networking solutions.
App Service Backup and Restore over Azure Virtual Network
Azure now enables customers to conduct custom backups for web apps directly to a firewall-protected storage account, provided the app is either integrated with a virtual network or resides in a v3 App Service environment, and the storage account permits access from the connected virtual network. This feature enhances the security and flexibility of web app data management within Azure’s ecosystem.
Retirement of Application Gateway WAF v2 Configuration
The retirement date for Application Gateway WAF v2 Configuration is set for March 15, 2027. Customers are encouraged to migrate to the Application Gateway WAF v2 Policy for enhanced security features and performance without downtime. This transition underscores Azure’s ongoing efforts to streamline and improve security offerings.
Listener TLS Certificates Management in Azure Portal
Azure Application Gateway now supports TLS certificate management directly within the Azure portal, simplifying the management of .PFX certificates for HTTPS or TLS listeners. This enhancement makes it easier for administrators to handle certificate details, such as expiry and issuer name, improving operational efficiency in secure application delivery.
Microsoft Open Sources Retina: Container Networking Observability
Microsoft has open-sourced Retina, a cloud-native container networking observability platform designed by the Azure Container Networking team. Retina provides comprehensive network insights for cloud-native applications, facilitating non-intrusive troubleshooting and supporting diverse environments. This initiative reflects Azure’s commitment to community-driven innovation and enhanced cloud application management.
Host Network Security Group (NSG) Control in AKS
Azure Kubernetes Service (AKS) now offers enhanced security through Host Network Security Group (NSG) control, allowing for precise traffic management on AKS nodes with public IPs. By specifying allowed host ports in node pool settings, administrators can automatically generate allow rules in the cluster’s NSG, bolstering security for public-facing services.
Public IP Domain Name Label Scope (preview)
Azure introduces a public preview of a new capability for Public IP addresses to prevent DNS subdomain takeover while allowing DNS name re-use. The Domain Name Label Scope parameter ensures that a public IP address retains a consistent, hashed string within a specified scope, enhancing security against malicious attempts to hijack DNS subdomains.
Storage
Azure Blob Storage Cold Tier Expansion
Azure Blob Storage Cold Tier, a cost-efficient solution for storing infrequently accessed data, has expanded its availability to Poland Central, Qatar Central, and all regions in Azure China since its general availability on August 10th, 2023. This expansion provides more geographical options for users seeking long-term data retention with instant access, highlighting Azure’s dedication to global accessibility and data storage optimization.
Azure NetApp Files Support for 1 TiB Capacity Pools
Azure NetApp Files now supports creating capacity pools with a minimum size of 1TiB, offering more flexibility and cost savings for customers with smaller data storage needs. This update allows for incremental pool size adjustments, catering to diverse customer requirements and optimizing storage resource allocation.
Force Detach Zone Redundant Disks During Zone Outage (Private Preview)
Azure introduces a private preview feature allowing the force detachment of zone redundant disks during zone outages. This capability ensures business continuity by enabling disks to be detached from VMs in the impacted zone and reattached to VMs in active zones, leveraging Azure’s robust disaster recovery solutions.
Azure Stack
Azure Stack HCI
Introducing Azure Virtual Desktop workload in Azure Stack HCI Sizer
Earlier in February 2024, Microsoft announced the general availability of Azure Virtual Desktop for Azure Stack HCI, a significant enhancement that extends the capabilities of the Microsoft Cloud to datacenters and edge locations. Following this advancement, Microsoft has now integrated ‘Azure Virtual Desktop’ as a new workload category within the Azure Stack HCI sizer. This integration facilitates organizations in efficiently planning and sizing their Azure Virtual Desktop deployments on Azure Stack HCI. By calculating the number of VMs required, suggesting per VM configuration, and advising on hardware procurement, the Azure Stack HCI Sizer, a comprehensive web-based tool, supports organizations in accurately estimating hardware needs for their deployments. The synergy of Azure Virtual Desktop and Azure Stack HCI empowers organizations to securely operate virtualized desktops and applications on-premises, whether at the edge or in their datacenter. This is especially beneficial for organizations with strict data residency requirements, latency-sensitive workloads, or those needing proximity to their data.
Conclusion
Over the past two weeks, Microsoft has introduced a slew of updates and announcements pertaining to Azure Infrastructure as a Service (IaaS) and Azure Stack. These developments underscore the tech giant’s unwavering commitment to enhancing its cloud offerings and adapting to the ever-evolving needs of businesses and developers. Users of Azure can anticipate improved functionalities, streamlined services, and enriched features as a result of these changes. Stay tuned for more insights as I continue to monitor and report on Azure’s progression in the cloud sphere.
