Azure Management services: what's new in August 2020

Microsoft constantly releases news about Azure management services. Our community publishes this monthly summary to provide an overview of the top news released in the last month. This allows you to stay up-to-date on these topics and have the necessary references to conduct further investigations.

The following diagram shows the different areas related to management, which are covered in this series of articles, in order to stay up to date on these topics and to better deploy and maintain applications and resources.

Figure 1 – Management services in Azure overview

Monitor

Azure Monitor

New version of the agent for Linux systems

A new version of the Log Analytics agent has been released this month for Linux systems. In addition to solving several issues, some new features are introduced, among the main ones we find:

  • Support for Red Hat Enterprise Linux 8
  • Support for Azure Arc for servers
  • FIPS compliance
  • Limiting ingestion to prevent service degradation in the event of extremely high data volume

Azure Monitor for containers: support for viewing Kubernetes environment resources (preview)

With the Kubernetes resource monitor from the Azure portal, you can now use the kubernetes “point and click” to get real-time details of workloads hosted in the AKS environment. The public preview of this feature includes support for different resources (deployments, pods, and replica sets) and supports the following features:

  • Viewing Workloads Running on the Cluster, including the ability to filter resources by namespaces
  • Find the node on which an application is running and its IP address of the pod
  • View pods in set replica, the status of each pod and the images associated with each pod
  • Drill down for individual deployments to view their real-time status and details
  • Perform on-the-fly changes on YAML to validate devtest scenarios

Audit Logs for Azure Monitor queries (preview)

The Azure Monitor team has announced in public preview one of the most requested features: the ability to check Azure Monitor query logs. When enabled, through the Azure diagnostic mechanism, you can collect telemetry data about who ran a query, when it was performed, which tool was used to run it, text and performance statistics related to the performance of the same. This telemetry, like any other Azure Diagnostic-based telemetry, can be sent to an Azure storage blob, Event Hub or Azure Monitor.

New dedicated blade for System Center

System Center now has its own dedicated blade in Log Analytics. To display the new System Center panel, you need to access the Log Analytics workspace and select “System Center” from the left navigation bar, in the group “Workspace Data Sources”. The new System Center blade lets you view and manage SCOM instances connected to your Log Analytics workspace.

New limits for data ingestion in Log Analytics

Azure Monitor is a large-scale service designed to serve thousands of customers who send high volumes of data every month at an increasing rate. As with any multi-tenancy platform, Microsoft has realized that limits must be placed to protect customers from sudden spikes in ingestion that can affect customers who share the environment and resources. Until now, there was only one import volume speed limit for Azure resource data from Diagnostic Settings. Now you've added the limit to other Log Analytics data sources, including: Diagnostic Settings, agents and data collection APIs. The limit is applied to compressed data approximated 6 GB / Min, where this limit may vary depending on the types of data and its compression ratio. This limit for import volume speed in Log Analytics can be increased by opening a support request.

Log Analytics REST APIs: released a new version

The new version (2020-08-01) of the Log Analytics REST API for the resource provider OperationalInsights was released. This version supports new features such as customer-managed keys(CMK), Bring Your Own Storage (BYOS) and consolidates the functionality of all previous versions.

Govern

Azure Policy

Azure Policy Compliance Scan Action for Workflows GitHub (preview)

In preview, the following were released Azure Policy Compliance Scan Action for Workflows GitHub. The new GitHub actions will make it easier to activate compliance analysis than the subscription-based Azure Policy, resource groups or other resources and will automate the next steps in the GitHub workflow based on resource compliance status.

Protect

Azure Backup

Selective disk backup for virtual machines in Azure (preview)

Azure Backup introduced the ability to selectively back up virtual machine disks. This feature primarily introduces the following benefits:

  • Cost Optimization
  • Faster backup and restore operations

Configuring Azure file shares

Azure Backup has simplified the backup configuration experience for Azure file shares, providing the ability to enable backup directly from the file share management panel.

Configuring Azure file shares backup now consists of only the following two steps:

  • Creating or choosing the recovery services vault
  • Create or choose the backup policy

Improvements in virtual machine protection

Azure Backup introduces the following improvements in the protection of VMs:

  • Introduces the ability to restore unmanaged disks of a VM by turning them into managed disks during the restore phase.
  • Supports the backup and restore of Virtual Machine Scale Sets in the orchestration mode described in this document.
  • Allows disk replacement as an option for VMs that have assigned Managed Service Identities (MSI).

Encryption of backups using customer managed keys (preview)

Azure Backup introduces the possibility, when you back up Azure Virtual Machines, to encrypt data using proprietary and managed keys. Azure Backup allows you to use RSA keys stored in Azure Key Vaults to encrypt backups. The data will then be protected using a data encryption key (DEK) AES-based 256, which in turn is protected using keys stored in Key Vaults. This gives you full control over the data protection and keys that are used for encryption.

SAP HANA backup for Red Hat Enterprise Linux VM

Azure Backup has released the ability to protect SAP HANA databases on Red Hat Enterprise Linux virtual machines (RHEL). This feature allows to have in an integrated way and without having to provide a specific backup infrastructure, the protection of SAP HANA databases on RHEL, one of the most commonly used operating systems in these scenarios.

Azure Site Recovery

New Update Rollup

For Azure Site Recovery was released theUpdate Rollup 49 that solves several issues and introduces some improvements. The details and the procedure to follow for the installation can be found in the specific KB.

Migrate

Azure Migrate

Assessment of physical servers and servers in AWS and GCP

Azure Migrate introduces support for assessment of physical servers and systems residing in Amazon Web Services (AWS), Google Cloud Platform (GCP) or at any cloud. Thanks to this evolution in the solution it is possible to evaluate any machine in the cloud or on-premises even when you can not access the hypervisor. The assessment is able to provide the following information:

  • Analyze suitability in Azure environment
  • Planning for migration costs
  • Performance-based scaling
  • Support for application dependency analysis (agent-based)

Evaluation of Azure

To test for free and evaluate the services provided by Azure you can access this page.

Please follow and like us: