This blog post series highlights the key announcements and major updates related to Azure Infrastructure as a Service (IaaS) and Azure Stack, as officially released by Microsoft in the past two weeks.
Azure
General
Enable Multifactor Authentication by 15 October 2024
Starting on 15 October 2024, Azure will require all users to utilize multifactor authentication (MFA) when signing into the Azure portal, Microsoft Entra admin center, and Intune admin center. To ensure continued access for users, it is crucial to enable MFA by the specified date. For those unable to implement MFA by 15 October 2024, there is an option to apply for a postponement of the enforcement date. Failure to enable MFA or apply for a postponement will result in users being required to set up MFA when accessing these services. Azure provides documentation to assist in identifying which users are signing in with or without MFA.
Azure Chaos Studio Supports New Network Isolation Fault for Virtual Machines
Azure Chaos Studio has introduced a new agent-based fault action for both Windows and Linux virtual machines (VMs) and virtual machine scale sets (VMSS). The Network Isolation fault allows customers to isolate an Azure VM from network connections by dropping all packets for a specified duration, subject to certain environment limitations. This feature is designed to help test the resilience of applications running inside VMs against network traffic loss. Users can implement this fault in Chaos Experiments through templates, the REST API, or directly in the Azure portal.
Compute
Attach and Detach of VMs on Virtual Machine Scale Sets for a Single Fault Domain (preview)
In a new public preview, Azure now offers support for attaching and detaching Virtual Machines (VMs) to and from Virtual Machine Scale Sets (VMSS) configured with Flexible Orchestration Mode and a fault domain count of 1. Once a VM is attached to the VMSS, it becomes part of the scale set, gaining access to features such as autoscale, Instance Repair, and Automatic OS Upgrades, all without requiring downtime. Conversely, if troubleshooting outside of the scale set is needed, the VM can be easily detached for further investigation. This functionality is designed to streamline the management of VMs within and across scale sets.
Instance Mix on Virtual Machine Scale Sets (preview)
Azure has introduced the public preview of Instance Mix, a feature designed to enhance the flexibility and cost efficiency of Virtual Machine Scale Set (VMSS) deployments. Instance Mix allows users to specify a variety of VM sizes within a single VMSS, enabling better alignment with workload requirements. The feature also includes an allocation strategy that optimizes either price or capacity. Key benefits include the ability to mix different VM sizes to meet diverse task demands, achieve cost savings by utilizing appropriately sized VMs, and simplify management by overseeing a heterogeneous VM set under one scale set. This new capability helps to maximize performance by ensuring the right resources are allocated to each task.
Networking
Dedicated Log Analytics Tables in Application Gateway
Azure Application Gateway has introduced general availability for storing logs in dedicated log analytics tables. This new feature allows customers to opt for resource-specific tables instead of using the existing Azure Diagnostic table. In resource-specific mode, separate tables are created for each selected category in the diagnostic settings within the chosen workspace. This enhancement offers better log querying capabilities, along with reduced ingestion latencies and faster query times, making it easier to analyze and manage logs efficiently.
Storage
Double Encryption at-Rest for Azure NetApp Files
Azure NetApp Files has introduced a double encryption at-rest feature, adding multiple independent encryption layers to protect data from threats that could compromise a single encryption layer. This feature mitigates risks such as the compromise of a single encryption key, errors in encryption algorithm implementations, and misconfigurations in data encryption. Users can opt for double encryption when creating capacity pools, ensuring that all volumes within these pools are automatically protected without additional steps. Customers requiring their own encryption key management can configure customer-managed keys for this purpose. Importantly, this enhanced security does not significantly impact performance, allowing existing applications to benefit from FIPS-140 certified double encryption without sacrificing efficiency.
Azure NetApp Files Now Supports 50 GiB Minimum Volume Sizes
Azure NetApp Files has introduced support for 50 GiB minimum volume sizes, a significant enhancement from the previous 100 GiB minimum. This new capability allows customers to create storage volumes as small as 50 GiB, optimizing costs for workloads that require less storage. By enabling customers to right-size their volumes, this update offers more efficient storage management and cost savings, particularly for those with smaller-scale storage needs.
Azure NetApp Files Storage with Cool Access for All Service Levels
Azure NetApp Files has reached general availability with its cool access feature, offering a cost-effective storage solution across all service levels, including standard, premium, and ultra. The cool access feature allows data that is infrequently accessed to be transparently moved to Azure storage accounts, optimizing storage costs. This feature includes configurable options for the “coolness period”, determining the duration after which cold data is tiered to a cool storage tier, based on your workload’s access patterns. While this may introduce some latency due to data being tiered, it significantly reduces overall storage expenses. Additionally, in scenarios involving cross-region or cross-zone replication, cool access can be configured for destination volumes, ensuring data protection while optimizing costs.
Customer Managed Planned Failover for Azure Storage (preview)
Azure Storage has introduced a public preview of the planned failover feature, empowering users with enhanced disaster recovery capabilities. Planned failover allows for the seamless failover of a storage account while maintaining geo-redundancy, with no data loss and without the need to reconfigure geo-redundant storage (GRS) after the operation. This feature facilitates the swapping of primary and secondary endpoints, ensuring continuous availability of storage service endpoints. Once the failover is completed, all new data writes are directed to the region that was previously the secondary, now designated as the new primary region. This feature is ideal for scenarios like planned disaster recovery testing, proactive disaster preparedness, or recovery from non-storage related outages.
Azure Stack
Azure Stack HCI
Upgrade and Update from Azure Stack HCI Version 22H2 to 23H2 Now Available
Azure has announced the gradual availability of upgrade and update from Azure Stack HCI version 22H2 to 23H2, the latest iteration of its hyper-converged infrastructure solution. This new version integrates seamlessly with Azure Arc infrastructure, enabling streamlined provisioning and management of workloads such as Arc-enabled virtual machines, Azure Kubernetes Services, and Azure Virtual Desktop. With the 23H2 release, Azure Stack HCI transitions from being solely a cloud-connected operating system to becoming a fully Arc-enabled solution. This evolution layers Azure Arc and the Orchestrator (also known as the Lifecycle Manager) atop the base operating system, packaged together following an Infrastructure as Code (IaC) model for improved deployment and management efficiency.
Upgrading from version 22H2 to 23H2 introduces a host of new capabilities and represents a significant advancement in functionality. The upgrade process involves several key steps: first, updating the existing operating system to the new version using preferred methods such as PowerShell (recommended), Windows Admin Center, or other manual approaches; followed by performing necessary post-upgrade tasks, validating the solution’s readiness, and finally applying the complete solution upgrade.
It’s important to distinguish this upgrade from regular updates, which are periodic changes applied to enhance performance, security, or stability within the same version. Organizations are encouraged to perform this upgrade to leverage the enhanced features and integrations offered by Azure Stack HCI, version 23H2.
Conclusion
Over the past two weeks, Microsoft has introduced a slew of updates and announcements pertaining to Azure Infrastructure as a Service (IaaS) and Azure Stack. These developments underscore the tech giant’s unwavering commitment to enhancing its cloud offerings and adapting to the ever-evolving needs of businesses and developers. Users of Azure can anticipate improved functionalities, streamlined services, and enriched features as a result of these changes. Stay tuned for more insights as I continue to monitor and report on Azure’s progression in the cloud sphere.