Azure IaaS and Azure Stack: announcements and updates (October 2024 – Weeks: 39 and 40)

This blog post series highlights the key announcements and major updates related to Azure Infrastructure as a Service (IaaS) and Azure Stack, as officially released by Microsoft in the past two weeks.

Azure

General

Microsoft Invests €4.3B to Boost AI Infrastructure and Cloud Capacity in Italy

Microsoft has announced its largest investment in Italy to date, committing €4.3 billion over the next two years to expand its AI and cloud infrastructure in the country. This initiative will significantly boost the capacity of its hyperscale datacenter region in Northern Italy and provide AI and cloud-based digital skills training to over 1 million Italians by 2025. The expansion aims to support Italy’s growing demand for AI-driven solutions, enabling advancements across industries such as manufacturing, healthcare, finance, and public administration. By embracing AI, Italy can address demographic challenges and foster innovation, particularly among small and medium-sized enterprises. The investment will also fortify Italy’s cybersecurity posture and ensure compliance with European data boundary requirements. As part of its AI Access Principles, Microsoft is committed to fostering innovation and competition while ensuring AI technology is accessible for the public good. This infrastructure will serve as a key data hub for the Mediterranean and North Africa, supporting broader international collaboration efforts.

Compute

Azure confidential VMs with NVIDIA Tensor Core GPUs

Azure announces the general availability of Azure confidential VMs featuring NVIDIA H100 Tensor Core GPUs, now ready for production deployment. These VMs, under the NCC H100 v5 SKU, are powered by AMD 4th Gen EPYC™ processors with SEV-SNP technology combined with NVIDIA H100 Tensor Core GPUs. This configuration enables customers to securely migrate GPU-intensive workloads to Azure while maintaining optimal performance and requiring no code modifications. The NCC H100 v5 VMs provide a hardware-based Trusted Execution Environment (TEE), which enhances guest protection by securing VM memory and state from potential hypervisor or host management code access. With this capability, Azure customers can issue attestation requests to ensure that VMs are running on a properly configured TEE before deploying sensitive applications or releasing encryption keys, safeguarding against unauthorized operator access. This release enables organizations to run their most confidential GPU workloads with heightened security on Azure.

Save up to 56% on the Latest Linux VMs in Most Azure Regions for a Limited Time

Microsoft has introduced a promotional offer allowing customers to save up to 56% on the latest Linux virtual machines (VMs) in Azure. This limited-time promotion, valid from October 1, 2024, to March 31, 2025, offers an additional 15% discount on top of the existing one-year Azure Reserved Virtual Machine Instances discount. The offer applies to qualified VM SKUs and regions, making it an excellent opportunity for businesses to reduce costs on Linux-based VMs. By purchasing a one-year Azure Reserved Virtual Machine Instance, organizations can significantly cut down their cloud infrastructure expenses compared to the standard pay-as-you-go model.

New FX series VMs – FXmsv2 and FXmdsv2 (preview)

Azure has introduced the latest members of the FX virtual machine subfamily: the FXmsv2 and FXmdsv2 series. These VMs are powered by the 5th Generation Intel® Xeon® Platinum 8473C (Emerald Rapids) processor, operating in a hyper-threaded configuration that is optimized for both memory and compute-intensive workloads. This processor delivers an all-core turbo clock speed of 3.0 GHz, supported by Intel® Turbo Boost Technology, Intel® Advanced-Vector Extensions 512 (Intel® AVX-512), and Intel® Deep Learning Boost, making it a suitable choice for high-performance computing. The FXmsv2 and FXmdsv2 series are designed for workloads requiring high CPU clock speeds and a significant memory-to-CPU ratio, such as electronic design automation (EDA) workloads. These virtual machines offer up to 96 vCPUs and 1832 GiB of RAM, providing substantial power and flexibility. Additionally, customers have the option to choose between VM configurations with or without local disks, allowing for tailored optimization according to the specific needs of each workload.

Azure NMads MA35D-Series Virtual Machines (preview)

Microsoft has introduced the public preview of the Azure NMads MA35D-Series virtual machines (VM) in the East US region, marking Azure’s first VM SKU equipped with specialized hardware designed for video transcoding workloads. Powered by Xilinx MA35D “Supernova” ASIC video processing units (VPUs), this VM is optimized for both batch and real-time video transcoding tasks. With a combination of 16 vCPUs, 32GB of RAM, and 76GB of temporary storage, it also features advanced codecs such as AV1 for improved video processing efficiency. Compared to general-purpose CPU or GPU solutions, the NMads MA35D-Series offers superior throughput and lower latency, reducing the total cost of ownership (TCO) for customers. This new SKU presents a powerful, cost-effective option for video transcoding workloads, enhancing performance and efficiency for cloud-based video processing.

Azure NVads V710 v5-Series Virtual Machines (preview)

Microsoft has announced the public preview of the Azure NVads V710 v5-series virtual machines (VMs), which are powered by AMD Radeon™ Pro V710 GPUs and AMD EPYC 9V64 (Genoa) CPUs. With base frequencies of 3.95 GHz and maximum frequencies of 4.3 GHz, these VMs leverage AMD Simultaneous Multithreading technology to assign dedicated vCPU threads to each VM. The series offers five configuration options, ranging from 1/6 of a GPU with a 4-GiB frame buffer to a full V710 GPU with a 28GB GDDR6 PCIe card. These VMs do not require additional GPU licensing and support NVMe for ephemeral local storage. This series is optimized for GPU-accelerated graphics applications and cloud-based virtual desktops, providing cost-effective, high-performance options for graphics-enabled workloads. It is also well-suited for interactive cloud-based gaming and small to medium AI/ML inference workloads such as semantic indexing and recommendation systems.

Networking

Azure Virtual Network Monitoring IP Address Management (preview)

The new public preview of Azure Virtual Network Monitoring IP address management enhances Azure’s network management suite by simplifying IP address planning and allocation. This feature offers centralized control over IP addresses, helping organizations manage complex network environments more efficiently. It provides capabilities to automatically assign non-overlapping addresses, reserve IP addresses for specific use cases, and prevent Azure address space from overlapping with on-premises or multi-cloud environments. Users can now monitor IP usage and allocation in real time, ensuring seamless and well-organized network operations. This new feature is critical for maintaining a clear overview of network resources and preventing IP conflicts across different environments.

Azure Retirement in Networking Services

Azure continues to evolve its networking services to align with security standards and enhance overall performance. As part of this ongoing transformation, several key networking features and services are being retired or updated. Customers are encouraged to stay informed of these changes to ensure a smooth transition and avoid service disruptions. Below is a summary of the upcoming retirements and their timelines, along with recommended migration paths and improvements:

  • Starting from January 1, 2025, the creation of new gateways on VpnGw1-5 (Non-AZ SKUs) will no longer be possible. To ensure a smooth transition, Microsoft will be seamlessly migrating all existing gateways on VpnGw1-5 (Non-AZ SKUs) to VpnGw1-5 (AZ SKUs) between April 2025 and October 2026. As part of this process, prices on the AZ SKUs will be reduced to facilitate the migration for customers.
  • Additionally, starting June 30, 2025, new NSG flow logs will no longer be supported. Microsoft recommends migrating to virtual network flow logs in Network Watcher, which provide enhanced capabilities and overcome the limitations of NSG flow logs.
  • As part of Azure’s ongoing security enhancements, from August 31, 2025, all connections to Azure Application Gateway must use Transport Layer Security (TLS) 1.2 or later. TLS 1.0 and 1.1 will no longer be supported, and TLS 1.2 and above offer improved security features, such as perfect forward secrecy and stronger cipher suites.
  • Similarly, connections to Azure Front Door must also adhere to TLS 1.2 or later, with support for TLS 1.0 and 1.1 being discontinued from December 1, 2024. The later versions of TLS improve security with enhanced encryption features.
  • In addition, Azure CDN Standard from Microsoft (classic) will be retired on September 30, 2027. Customers using this service must migrate to Azure Front Door Standard or Premium before this date to avoid service disruptions.
  • Finally, on September 30, 2027, Inbound NAT rule V1 for Azure Virtual Machines and Azure Virtual Machine Scale Sets in Azure Load Balancer will be retired. Users are advised to migrate to Inbound NAT rule V2 by this date to prevent any interruptions to their services.

gRPC and Frontend mTLS Now Available for Application Gateway for Containers

Azure has introduced two important updates for Application Gateway for Containers, enhancing security and communication capabilities. Frontend mutual authentication (mTLS) is now supported, ensuring that only specific clients are authenticated before their requests are forwarded to the backend service. This update brings feature parity for customers using the Application Gateway Ingress Controller and adds an additional layer of security, complementing the already available backend mutual authentication.

Moreover, gRPC support is now available for Application Gateway for Containers. With gRPC, customers can benefit from four advanced communication methods between the client and the Application Gateway: unary, client streaming, server streaming, and bidirectional streaming. These capabilities offer flexible and efficient communication options for modern application architectures.

Storage

Azure File Sync Agent v19 Release Now Available

The Azure File Sync agent v19 is now generally available for download via Microsoft Update and Microsoft Download Center, bringing key improvements and new features. With this release, server provisioning times for Azure File Sync server endpoints have been drastically reduced, providing faster setup for new servers. Additionally, managed identity support (preview) has been introduced, allowing Azure File Sync to authenticate using system-assigned identities from Microsoft Entra ID, eliminating the need for shared keys. The update also delivers significant sync performance improvements, particularly for file share migrations and metadata changes, and introduces support for Windows Server 2025. This release includes other reliability and telemetry enhancements for cloud tiering and sync operations. The agent version for this release is 19.1.0.0, and a restart is required for servers running earlier versions. Full installation instructions can be found in KB5040924.

Azure Stack

Azure Stack HCI

Announcing the Public Preview of Azure Migrate for VMware to HCI migrations (preview)

Microsoft has introduced the public preview of Azure Migrate’s new feature that facilitates the migration of virtual machines (VMs) from VMware environments to Azure Stack HCI. This enhancement extends Azure’s migration capabilities to the edge, aligning with Microsoft’s adaptive cloud strategy. Key advantages include agent-less replication, which allows VM migration without the need to install agents, reducing potential disruptions. The platform also enables workload configuration during migration, allowing users to adjust properties such as CPU and RAM. Additionally, Azure Migrate ensures no workload impact during replication by utilizing technologies like LEDBAT++ and vCenter API interaction, providing a seamless, disruption-free migration experience. Importantly, data remains on-premises throughout the process, ensuring compliance and control. With minimal cutover time, this solution is designed to maintain business continuity while transitioning to Azure Stack HCI.

Conclusion

Over the past two weeks, Microsoft has introduced a slew of updates and announcements pertaining to Azure Infrastructure as a Service (IaaS) and Azure Stack. These developments underscore the tech giant’s unwavering commitment to enhancing its cloud offerings and adapting to the ever-evolving needs of businesses and developers. Users of Azure can anticipate improved functionalities, streamlined services, and enriched features as a result of these changes. Stay tuned for more insights as I continue to monitor and report on Azure’s progression in the cloud sphere.

Please follow and like us: