Category Archives: Announcements and updates

Azure IaaS and Azure Stack: announcements and updates (November 2024 – Weeks: 45 and 46)

This blog post series highlights the key announcements and major updates related to Azure Infrastructure as a Service (IaaS) and Azure Stack, as officially released by Microsoft in the past two weeks.

Azure

Networking

Azure Cross-Subscription Load Balancer

Microsoft is pleased to announce the general availability of the Azure cross-subscription Load Balancer. This feature allows components of a load balancer, such as the frontend IP address or backend instances, to be located in different subscriptions. Cross-subscription load balancing offers flexibility in architecture design and is now available in all Azure public regions, as well as in China cloud and Government cloud regions.

Azure Load Balancer Admin State and Health Status

Azure Load Balancer now supports the Administrative State (Admin State) feature, simplifying the management of backend pool instances. Admin State allows users to override health probe behavior for individual instances without changing network security rules or port configurations. This facilitates maintenance by enabling users to mark instances as up or down and control connection behavior without additional complexity.

Additionally, the Health Status feature is now generally available, offering detailed insights into the health of backend instances in Azure Load Balancer pools. This feature provides:

  • User-triggered issue notifications

  • Platform-triggered reason codes

These capabilities enhance monitoring and troubleshooting, ensuring efficient management and improved visibility into backend instance health.

Single Prefix Enhancement to Seamless Gateway Migration

The Gateway migration experience has been enhanced to enable customers to use the Azure Portal or PowerShell scripts to deploy a second Virtual Network Gateway within the same GatewaySubnet. During the migration phase, initiated by the customer, Azure will transfer both the control plane and data path configurations from the existing gateway to the new one. This results in two operational gateways coexisting within the same subnet. After a successful migration, customers can remove the original gateway, leaving the new one in place for continued connectivity. This feature is designed to support seamless migrations with minimal downtime.

Azure Virtual Network Manager User-Defined Route (UDR) Management

Azure Virtual Network Manager now offers the general availability of User-Defined Route (UDR) Management. This feature simplifies the process of managing complex routing behaviors by automating UDR orchestration. Users can establish routing configurations that automatically deploy across virtual networks, eliminating the need for manual UDR creation or custom scripts, thus reducing errors and simplifying large-scale routing. UDR Management enables users to organize routing rules into collections tied to specific network groups, ensuring consistency and reusability across subnets or virtual networks. Custom routing behaviors, such as directing traffic in a hub-and-spoke topology or routing traffic through Azure Firewall, can now be implemented with ease. This automation ensures flexible and seamless routing that adjusts to network changes without manual intervention.

Retirement: Azure CDN Standard/Premium from Edgio (formerly Verizon)

Azure CDN Standard/Premium from Edgio (formerly Verizon) is set to be retired on November 4, 2025. To avoid service interruptions, customers currently utilizing this service need to migrate their workloads to a comparable solution before this date. Additionally, as of January 15, 2025, the creation of new Azure CDN profiles from Edgio will no longer be permitted.

This retirement follows Edgio’s Chapter 11 bankruptcy filing on September 9, 2024, which casts uncertainty over their ability to maintain service continuity until the retirement date. Microsoft continues to monitor the situation closely and will provide updates if any changes affect the retirement timeline.

As a recommended alternative, Microsoft suggests transitioning to Azure Front Door Standard or Premium, which is the flagship CDN product, to ensure a seamless migration and maintain high service reliability.

Static Egress Gateway for Azure Kubernetes Service (AKS)

The Static Egress Gateway for Azure Kubernetes Service (AKS) is now available in public preview. This feature empowers AKS users to configure a fixed source IP for out-of-cluster communications without the overhead of deploying a dedicated node pool with a NAT gateway. By leveraging this capability, organizations can achieve precise control over egress traffic, streamline integration with external systems, and bolster network security without incurring significant additional costs.

Network Isolated Clusters in AKS (preview)

Azure Kubernetes Service (AKS) introduces Network Isolated Clusters, now in public preview. This feature simplifies the process of restricting network access for AKS clusters by enabling built-in isolation without relying solely on Azure Firewall. By reducing the complexity and costs associated with managing firewall configurations, Network Isolated Clusters help organizations safeguard sensitive data and prevent unintentional exposure of public endpoints, thereby minimizing the risk of security breaches.

Storage

Convert to Azure Premium SSD v2 Disks

Microsoft is excited to announce the General Availability of the feature for converting to Premium SSD v2 disks (Pv2). This capability enables users to confidently migrate their workloads to Pv2 disks. The conversion process allows for a seamless transition from existing Standard SSD, Standard HDD, or Premium SSD v1 disks to Pv2 with minimal downtime. Notably, this process avoids disk destruction, eliminates the need for snapshots as a staging resource, and bypasses background data copying, making migrations simpler and more efficient.

Enhancements on Elastic SAN: Resiliency, Security, Scalability, and AVS Integration

Azure Elastic SAN, Microsoft’s latest block storage innovation, has been enhanced with new features that improve resiliency, security, scalability, and integration with Azure VMware Solution (AVS).

Key highlights include:

  • Service Level Agreement (SLA): The availability SLA is now published, providing assurance for mission-critical workloads running on Elastic SAN.

  • CRC Protection: Customers can now enable CRC32C checksum verification to maintain data integrity. If enabled on the client side, connections without CRC32C set for both header and data digests will be rejected, ensuring data protection.

  • Public Preview of Autoscale for Capacity: Elastic SAN now supports autoscaling, a first in cloud block storage solutions. This feature simplifies management by allowing users to set a policy for automatic scaling of storage capacity, saving time and controlling TCO by enabling growth on demand with user-defined increments.

  • Integration with Azure VMware Solution (GA): Azure Elastic SAN is now fully integrated with AVS, offering a managed, VMware-certified SAN that is scalable, easy to manage, and cost-efficient. This provides AVS customers with flexible storage options suitable for a range of workloads, including backup and disaster recovery.

Azure File Sync Support for Managed Identities (preview)

Azure File Sync support for managed identities is now available in public preview. This update allows users to leverage system-assigned managed identities provided by Microsoft Entra ID, thereby eliminating the need for shared keys as an authentication method for Azure file shares. By configuring managed identities, Azure File Sync deployments benefit from enhanced security through streamlined authentication processes in three key scenarios:

  • Authentication of the Storage Sync Service to Azure file shares

  • Authentication of registered servers to Azure file shares

  • Authentication of registered servers to the Storage Sync Service

The public preview is accessible in all Azure Public and Gov regions where Azure File Sync is supported, and there is no additional cost for utilizing managed identities in these configurations.

Azure Stack

Azure Stack HCI

Upgrade Your Azure Stack HCI 22H2 Clusters to 23H2

Azure Stack HCI version 22H2 will reach retirement in May 2025. After this date, clusters operating on this version will no longer receive monthly security and quality updates. To maintain compliance and continue receiving updates, it is essential to upgrade the operating system to version 23H2.

The recommended action for customers is to promptly initiate the upgrade process by following these steps:

  1. Upgrade the operating system of your Azure Stack HCI cluster to version 23H2 to ensure continued receipt of monthly security and quality updates.

  2. Apply the solution upgrade to receive ongoing feature updates.

Taking these steps promptly will help ensure cluster stability and continued support.

Conclusion

Over the past two weeks, Microsoft has introduced a slew of updates and announcements pertaining to Azure Infrastructure as a Service (IaaS) and Azure Stack. These developments underscore the tech giant’s unwavering commitment to enhancing its cloud offerings and adapting to the ever-evolving needs of businesses and developers. Users of Azure can anticipate improved functionalities, streamlined services, and enriched features as a result of these changes. Stay tuned for more insights as I continue to monitor and report on Azure’s progression in the cloud sphere.

Azure IaaS and Azure Stack: announcements and updates (November 2024 – Weeks: 43 and 44)

This blog post series highlights the key announcements and major updates related to Azure Infrastructure as a Service (IaaS) and Azure Stack, as officially released by Microsoft in the past two weeks.

Azure

General

Microsoft Named a Leader in 2024 Gartner® Magic Quadrant™ for Strategic Cloud Platform Services

Microsoft has once again been recognized by Gartner® as a Leader in the 2024 Gartner® Magic Quadrant™ for Strategic Cloud Platform Services (SCPS), noted for its excellence in Completeness of Vision. Microsoft’s Azure platform stands out for its robust suite of AI and cloud services, supporting organizations in fostering innovation across diverse IT scenarios. Offering both IaaS and PaaS solutions, Azure empowers businesses to seamlessly unify their on-premises, multicloud, and edge environments within the cloud. As AI accelerates transformative capabilities across industries, Azure’s adaptive platform equips businesses with the strategic infrastructure and tools they need to operate efficiently across hybrid, multicloud, and edge environments, and to develop intelligent applications that harness extensive data processing and computing capabilities.

Update on Retirement of TLS 1.0 and TLS 1.1 Versions for Azure Services

In alignment with Microsoft’s November 10, 2023 announcement, Azure continues its phased transition to TLS 1.2 or later, set to complete by August 31, 2025. This move aims to enhance security across all connections to Azure services, although some services will maintain temporary support for TLS 1.0 and TLS 1.1 to minimize disruption for customers. Azure’s TLS 1.0 and TLS 1.1 implementations are not known to be vulnerable; however, the adoption of TLS 1.2 or later introduces stronger security measures, including perfect forward secrecy and more robust cipher suites. Customers who currently rely on TLS 1.0 or 1.1 should prepare to update their workloads to TLS 1.2 or later to ensure seamless service continuity on Azure.

FinOps Toolkit 0.6

The latest release of the FinOps toolkit, version 0.6, was made available, bringing multiple enhancements for optimized financial operations on Azure. Key updates include a new FinOps best practices library and Power BI reports designed to enhance governance and workload optimization. Users can now leverage customizable promoted tags within Power BI, alongside improved ingestion capabilities for prices, reservation details, recommendations, and transactions within FinOps hubs. Performance and scalability of Power BI reports have also been optimized. Additionally, the toolkit introduces a consolidated FinOps workbooks template, updates to the Azure Optimization Engine for security and troubleshooting, and FOCUS 1.1 ServiceSubcategory mapping in the Services open data file. Minor improvements and bug fixes are also included across the toolkit, further refining the user experience.

Storage

Edit Network Features for Azure NetApp Files with No Downtime (Public Preview)

The latest public preview introduces the ability to edit network features for Azure NetApp Files volumes without downtime, providing greater flexibility and enhanced networking for users. With Standard Network Features now available in select regions (Australia East, Central India, North Central US, and Switzerland North), users can seamlessly upgrade from Basic to Standard network features, maintaining service continuity. Standard Network Features introduce several improvements, including increased IP limits in VNets with Azure NetApp Files, meeting enterprise security needs with Network Security Groups (NSGs) on delegated subnets, and improved network control through User-defined routes. The feature also supports enhanced connectivity via Active/Active VPN gateway setups and enables high-performance ExpressRoute FastPath connectivity, ensuring low latency and high-bandwidth connectivity between on-premises networks and Azure.

Live Resize for Azure Premium SSD v2 and Ultra Disks

Azure has announced the General Availability of Live Resize for Premium SSD v2 and Ultra Disks, a capability that enables users to dynamically increase storage capacity without application disruption. This feature allows organizations to start with smaller disks and expand their storage as needed, supporting cost management while providing flexibility. With this new feature, Azure customers can adjust resources efficiently without experiencing any downtime.

Expansion of Azure Premium SSD v2 Disk Storage to New Regions

Azure Premium SSD v2 Disk Storage is now accessible in additional regions, including Germany West Central, Israel Central, Italy North, Spain Central, and Mexico Central. This advanced storage solution offers a blend of price performance and ultra-low disk latency, ideal for I/O-intensive workloads like SQL Server, Oracle, SAP, and other enterprise applications. Azure Premium SSD v2’s expansion provides more organizations across the globe with access to reliable, high-performance storage for critical workloads, meeting the needs of industries ranging from big data analytics to gaming and containerized applications.

Azure Stack

Azure Stack HCI

Microsoft Recognized as a Leader in 2024 Gartner® Magic Quadrant™ for Distributed Hybrid Infrastructure

Microsoft has once again been named a Leader in the 2024 Gartner® Magic Quadrant™ for Distributed Hybrid Infrastructure (DHI), marking its second consecutive year in this position. Microsoft earned top placement for both Completeness of Vision and Ability to Execute. Azure’s adaptive cloud approach and comprehensive infrastructure, spanning cloud and edge, address a wide array of customer requirements that drive digital transformation across industries. Examples such as Coles and Emirates Global Aluminum (EGA) underscore the impact of Azure in various sectors. Coles leverages GPU-enabled Azure Stack HCI and Azure Kubernetes Service (AKS) through Azure Arc for AI-driven video inferencing in-store, enhancing customer experience. EGA’s smart crane operations rely on low-latency, local AI models, optimized for real-time adjustments essential to aluminum casting. These examples highlight Azure’s versatile infrastructure, meeting the performance needs of both retail and manufacturing through advanced AI and machine learning capabilities.

Figure 1 – Magic Quadrant for Distributed Hybrid Infrastructure

Conclusion

Over the past two weeks, Microsoft has introduced a slew of updates and announcements pertaining to Azure Infrastructure as a Service (IaaS) and Azure Stack. These developments underscore the tech giant’s unwavering commitment to enhancing its cloud offerings and adapting to the ever-evolving needs of businesses and developers. Users of Azure can anticipate improved functionalities, streamlined services, and enriched features as a result of these changes. Stay tuned for more insights as I continue to monitor and report on Azure’s progression in the cloud sphere.

Azure IaaS and Azure Stack: announcements and updates (October 2024 – Weeks: 41 and 42)

This blog post series highlights the key announcements and major updates related to Azure Infrastructure as a Service (IaaS) and Azure Stack, as officially released by Microsoft in the past two weeks.

Azure

General

ItalyNorth – New Services Available

Microsoft has expanded the portfolio of services in the Italy North Azure Region, making it an even more robust destination for organizations seeking to leverage cloud technology for migration, modernization, and real-time analytics. Below are the key new services now available in the Italy North Azure Region.

  • Azure VMware Solution (AV64) – The Azure VMware Solution (AV64) is now available in Italy North, allowing businesses to seamlessly migrate their existing VMware-based workloads to Azure. It provides a fully managed VMware environment in the cloud, designed to deliver scalability, security, and operational consistency without requiring businesses to rearchitect their applications. This solution empowers organizations to modernize their infrastructure while preserving the familiar VMware ecosystem.

  • Oracle Database@Azure – Oracle Database@Azure is now available in the ItalyNorth Azure Region. This service operates on Oracle Cloud Infrastructure (OCI) within Microsoft’s data centers, offering high-performance connectivity between Oracle Database and Azure resources. By colocating the services, customers benefit from reduced latency and faster access to their Azure applications. This collaboration enables organizations to take advantage of both Oracle’s and Microsoft’s leading cloud services, ensuring a seamless and efficient cloud experience.

  • Apache Kafka® and Apache Flink® on Confluent Cloud™ – Azure Native ISV Services now includes Apache Kafka® and Apache Flink® on Confluent Cloud™ in Italy North. These services provide powerful, scalable solutions for real-time event streaming and data processing pipelines. The native integration with Azure simplifies the architecture, enabling businesses to build real-time analytics solutions that are secure, scalable, and operationally efficient. This strengthens Italy North’s capabilities in supporting data-driven decisions and analytics.

  • Azure Data Box – Azure Data Box is now available in the ItalyNorth Azure Region, offering businesses a secure and efficient solution to transfer large volumes of data to Azure. Ideal for companies facing bandwidth limitations or performing one-time large-scale data migrations, Azure Data Box simplifies the data transfer process while minimizing downtime. With its availability in ItalyNorth, businesses now have more options for managing their data migration efforts securely and effectively.

These additions mark a significant enhancement to the Italy North Azure Region, empowering organizations to innovate, migrate, and scale their cloud operations with greater efficiency.

Compute

Azure Cobalt 100 Arm-based Virtual Machines

Microsoft has announced the general availability of the new Cobalt 100 Arm-based virtual machines (VMs). These VMs include the general-purpose Dpsv6-series and Dplsv6-series, as well as the memory-optimized Epsv6-series. The Cobalt 100 VMs deliver up to 50% better price-performance compared to the previous generation of Arm-based VMs, making them ideal for scale-out and cloud-native Linux-based workloads. These workloads include data analytics, web and application servers, open-source databases, and in-memory caches. Additionally, these VMs provide significant performance improvements: up to 1.4x better CPU performance, 1.5x improved performance on Java-based workloads, and up to 2x higher performance for web servers, .NET applications, and cache applications. They also feature 4x the local storage IOPS with NVMe and up to 1.5x better network bandwidth compared to earlier models.

ED25519 SSH Key Support for Linux VMs

Azure now supports ED25519 SSH keys for Linux VMs, offering a more secure and compact alternative to the traditional RSA keys. Previously, only RSA keys were available for secure SSH connections to Linux VMs on Azure. With this update, customers can now choose between RSA and ED25519 keys, allowing for more flexible and secure authentication options. The Azure Portal simplifies key management by enabling the creation of ED25519 keys directly. Additionally, Azure CLI and PowerShell support this key type, giving customers more ways to integrate ED25519 keys into their workflows. While RSA remains the default, the introduction of ED25519 enhances security and deployment efficiency for Linux VMs on Azure.

Networking

ExpressRoute Metro

ExpressRoute Metro is now generally available, offering a new private connectivity architecture designed to enhance network resiliency for Azure customers. ExpressRoute Metro provides dual-homed connections to two separate edge sites within the same city, ensuring improved redundancy and reliability. This feature is particularly valuable for maintaining uninterrupted service in the event of site-wide disruptions, ensuring business continuity for critical operations. Currently available in Amsterdam, Singapore, and Zurich, with upcoming launches in cities such as Atlanta, Milan, and Madrid, ExpressRoute Metro simplifies the setup process through a guided Azure portal, making configuration straightforward and user-friendly.

Custom IPv4 Prefixes (BYOIP) Can Be Used in Global/Regional Configuration

Microsoft has announced the availability of custom IPv4 prefixes using the bring-your-own-IP (BYOIP) feature in both global and regional configurations. This capability, now available in all public and US government regions, allows customers to bring public IPv4 ranges as small as /24 for global use across Azure. These ranges can be divided into regional subnets as small as /26, enabling users to associate smaller portions of the range with specific regions for redundancy and load balancing. This feature provides flexibility in IP address management, allowing for more efficient use of resources across multiple Azure regions while maintaining global availability.

Private Endpoint Support Without NVA Source Network Address Translation

Azure now offers private endpoint support without requiring source network address translation (SNAT) for traffic passing through a network virtual appliance (NVA). By configuring a specific tag on the NVA virtual machines, users can opt into this feature, which eliminates the need for SNAT for traffic destined for private endpoints. This enhancement simplifies the configuration process and ensures symmetric routing without affecting nonprivate endpoint traffic. Additionally, this feature supports internal compliance standards by maintaining traffic source information in logs. It is recommended to enable this feature during a maintenance window, as it may cause a one-time reset of long-running private endpoint connections traversing the NVA.

ExpressRoute Guided Configuration Experience

Microsoft has announced the general availability of the ExpressRoute guided configuration experience, designed to simplify the process of setting up multi-site resiliency circuits and connections. The guided experience focuses on making resiliency a key aspect of configuring ExpressRoute circuits and virtual network gateway connections. Customers can choose from three resiliency options: maximum, high, and standard. Maximum resiliency offers redundancy across and within peering locations, high resiliency provides redundancy across peering locations but not within, and standard resiliency focuses on redundancy within a single peering location. The experience also provides insights, such as the distance between peering locations and traffic engineering recommendations, to assist in informed decision-making. This guided configuration is available via the Azure portal, PowerShell scripts, and ARM templates, enhancing flexibility and ease of use for users when configuring ExpressRoute circuits.

Storage

Storage Account Default Egress Limit Increase to 200 Gbps

Microsoft has increased the default maximum egress limit for general-purpose v2 and Blob storage accounts from 120 Gbps to 200 Gbps across various regions. This increase applies to both new and existing storage accounts, allowing for greater data transfer capacity, especially for high-volume workloads. The enhanced limit ensures improved performance and scalability for customers relying on Azure storage services for data-intensive operations.

Azure Elastic SAN for Azure VMware Solution

Azure Elastic SAN for Azure VMware Solution (AVS) is now generally available. Azure Elastic SAN provides a fully managed, VMware Certified storage area network (SAN) for AVS customers, offering massive scalability, simplified management, and built-in redundancy at a low total cost of ownership (TCO). With Azure Elastic SAN, customers can scale their storage independently of performance requirements, enabling cost-effective expansion for use cases like backups and disaster recovery. Priced at $0.06-0.08 per GiB per month, this storage solution offers an economical yet robust option for AVS environments while delivering sufficient performance for a wide range of workloads.

Azure Stack

Azure Stack HCI

New Features for Azure Virtual Desktop on Azure Stack HCI

Azure Virtual Desktop on Azure Stack HCI has introduced a series of powerful features aimed at improving scalability, cost management, flexibility, and monitoring for IT administrators. These new capabilities are now generally available and offer a seamless experience through the Azure Virtual Desktop management interface. Below is an overview of the key updates and their benefits.

  • Autoscale for Host Pools – The new Autoscale feature allows organizations to automatically scale session hosts up or down based on a predefined schedule, optimizing deployment costs. This feature, which was previously available for Azure Virtual Machines, can now be applied to Azure Stack HCI, enabling better resource management and cost savings.

  • Start VM on Connect – This feature reduces operational costs by powering on session host VMs only when they are needed for active user connections and shutting them down when not in use. It allows organizations to maintain high efficiency by running virtual desktops only when required, thereby minimizing resource consumption.

  • Windows 11 and Windows 10 Enterprise Single-Session Images from Azure Marketplace – IT administrators now have the ability to download and deploy Windows 11 and Windows 10 Enterprise single-session images from Azure Marketplace directly to their Azure Stack HCI clusters. This flexibility enables better customization of the virtual desktop environment to fit specific user requirements and workloads.

  • Azure Virtual Desktop Insights Support – Azure Virtual Desktop Insights provides a centralized monitoring solution that allows IT admins to detect, diagnose, and resolve issues within their Azure Virtual Desktop environments. Now available for Azure Stack HCI, this tool enhances operational oversight by offering detailed performance metrics and troubleshooting capabilities.

  • Per-User Access Pricing for Azure Virtual Desktop on Azure Stack HCI – Azure Virtual Desktop now supports a per-user access pricing model for Azure Stack HCI, enabling organizations and independent software vendors (ISVs) to provide external users with access to their virtual desktop solutions. This pricing flexibility allows businesses to offer cost-effective virtual desktop services tailored to their users’ needs.

Conclusion

Over the past two weeks, Microsoft has introduced a slew of updates and announcements pertaining to Azure Infrastructure as a Service (IaaS) and Azure Stack. These developments underscore the tech giant’s unwavering commitment to enhancing its cloud offerings and adapting to the ever-evolving needs of businesses and developers. Users of Azure can anticipate improved functionalities, streamlined services, and enriched features as a result of these changes. Stay tuned for more insights as I continue to monitor and report on Azure’s progression in the cloud sphere.

Azure IaaS and Azure Stack: announcements and updates (October 2024 – Weeks: 39 and 40)

This blog post series highlights the key announcements and major updates related to Azure Infrastructure as a Service (IaaS) and Azure Stack, as officially released by Microsoft in the past two weeks.

Azure

General

Microsoft Invests €4.3B to Boost AI Infrastructure and Cloud Capacity in Italy

Microsoft has announced its largest investment in Italy to date, committing €4.3 billion over the next two years to expand its AI and cloud infrastructure in the country. This initiative will significantly boost the capacity of its hyperscale datacenter region in Northern Italy and provide AI and cloud-based digital skills training to over 1 million Italians by 2025. The expansion aims to support Italy’s growing demand for AI-driven solutions, enabling advancements across industries such as manufacturing, healthcare, finance, and public administration. By embracing AI, Italy can address demographic challenges and foster innovation, particularly among small and medium-sized enterprises. The investment will also fortify Italy’s cybersecurity posture and ensure compliance with European data boundary requirements. As part of its AI Access Principles, Microsoft is committed to fostering innovation and competition while ensuring AI technology is accessible for the public good. This infrastructure will serve as a key data hub for the Mediterranean and North Africa, supporting broader international collaboration efforts.

Compute

Azure confidential VMs with NVIDIA Tensor Core GPUs

Azure announces the general availability of Azure confidential VMs featuring NVIDIA H100 Tensor Core GPUs, now ready for production deployment. These VMs, under the NCC H100 v5 SKU, are powered by AMD 4th Gen EPYC™ processors with SEV-SNP technology combined with NVIDIA H100 Tensor Core GPUs. This configuration enables customers to securely migrate GPU-intensive workloads to Azure while maintaining optimal performance and requiring no code modifications. The NCC H100 v5 VMs provide a hardware-based Trusted Execution Environment (TEE), which enhances guest protection by securing VM memory and state from potential hypervisor or host management code access. With this capability, Azure customers can issue attestation requests to ensure that VMs are running on a properly configured TEE before deploying sensitive applications or releasing encryption keys, safeguarding against unauthorized operator access. This release enables organizations to run their most confidential GPU workloads with heightened security on Azure.

Save up to 56% on the Latest Linux VMs in Most Azure Regions for a Limited Time

Microsoft has introduced a promotional offer allowing customers to save up to 56% on the latest Linux virtual machines (VMs) in Azure. This limited-time promotion, valid from October 1, 2024, to March 31, 2025, offers an additional 15% discount on top of the existing one-year Azure Reserved Virtual Machine Instances discount. The offer applies to qualified VM SKUs and regions, making it an excellent opportunity for businesses to reduce costs on Linux-based VMs. By purchasing a one-year Azure Reserved Virtual Machine Instance, organizations can significantly cut down their cloud infrastructure expenses compared to the standard pay-as-you-go model.

New FX series VMs – FXmsv2 and FXmdsv2 (preview)

Azure has introduced the latest members of the FX virtual machine subfamily: the FXmsv2 and FXmdsv2 series. These VMs are powered by the 5th Generation Intel® Xeon® Platinum 8473C (Emerald Rapids) processor, operating in a hyper-threaded configuration that is optimized for both memory and compute-intensive workloads. This processor delivers an all-core turbo clock speed of 3.0 GHz, supported by Intel® Turbo Boost Technology, Intel® Advanced-Vector Extensions 512 (Intel® AVX-512), and Intel® Deep Learning Boost, making it a suitable choice for high-performance computing. The FXmsv2 and FXmdsv2 series are designed for workloads requiring high CPU clock speeds and a significant memory-to-CPU ratio, such as electronic design automation (EDA) workloads. These virtual machines offer up to 96 vCPUs and 1832 GiB of RAM, providing substantial power and flexibility. Additionally, customers have the option to choose between VM configurations with or without local disks, allowing for tailored optimization according to the specific needs of each workload.

Azure NMads MA35D-Series Virtual Machines (preview)

Microsoft has introduced the public preview of the Azure NMads MA35D-Series virtual machines (VM) in the East US region, marking Azure’s first VM SKU equipped with specialized hardware designed for video transcoding workloads. Powered by Xilinx MA35D “Supernova” ASIC video processing units (VPUs), this VM is optimized for both batch and real-time video transcoding tasks. With a combination of 16 vCPUs, 32GB of RAM, and 76GB of temporary storage, it also features advanced codecs such as AV1 for improved video processing efficiency. Compared to general-purpose CPU or GPU solutions, the NMads MA35D-Series offers superior throughput and lower latency, reducing the total cost of ownership (TCO) for customers. This new SKU presents a powerful, cost-effective option for video transcoding workloads, enhancing performance and efficiency for cloud-based video processing.

Azure NVads V710 v5-Series Virtual Machines (preview)

Microsoft has announced the public preview of the Azure NVads V710 v5-series virtual machines (VMs), which are powered by AMD Radeon™ Pro V710 GPUs and AMD EPYC 9V64 (Genoa) CPUs. With base frequencies of 3.95 GHz and maximum frequencies of 4.3 GHz, these VMs leverage AMD Simultaneous Multithreading technology to assign dedicated vCPU threads to each VM. The series offers five configuration options, ranging from 1/6 of a GPU with a 4-GiB frame buffer to a full V710 GPU with a 28GB GDDR6 PCIe card. These VMs do not require additional GPU licensing and support NVMe for ephemeral local storage. This series is optimized for GPU-accelerated graphics applications and cloud-based virtual desktops, providing cost-effective, high-performance options for graphics-enabled workloads. It is also well-suited for interactive cloud-based gaming and small to medium AI/ML inference workloads such as semantic indexing and recommendation systems.

Networking

Azure Virtual Network Monitoring IP Address Management (preview)

The new public preview of Azure Virtual Network Monitoring IP address management enhances Azure’s network management suite by simplifying IP address planning and allocation. This feature offers centralized control over IP addresses, helping organizations manage complex network environments more efficiently. It provides capabilities to automatically assign non-overlapping addresses, reserve IP addresses for specific use cases, and prevent Azure address space from overlapping with on-premises or multi-cloud environments. Users can now monitor IP usage and allocation in real time, ensuring seamless and well-organized network operations. This new feature is critical for maintaining a clear overview of network resources and preventing IP conflicts across different environments.

Azure Retirement in Networking Services

Azure continues to evolve its networking services to align with security standards and enhance overall performance. As part of this ongoing transformation, several key networking features and services are being retired or updated. Customers are encouraged to stay informed of these changes to ensure a smooth transition and avoid service disruptions. Below is a summary of the upcoming retirements and their timelines, along with recommended migration paths and improvements:

  • Starting from January 1, 2025, the creation of new gateways on VpnGw1-5 (Non-AZ SKUs) will no longer be possible. To ensure a smooth transition, Microsoft will be seamlessly migrating all existing gateways on VpnGw1-5 (Non-AZ SKUs) to VpnGw1-5 (AZ SKUs) between April 2025 and October 2026. As part of this process, prices on the AZ SKUs will be reduced to facilitate the migration for customers.
  • Additionally, starting June 30, 2025, new NSG flow logs will no longer be supported. Microsoft recommends migrating to virtual network flow logs in Network Watcher, which provide enhanced capabilities and overcome the limitations of NSG flow logs.
  • As part of Azure’s ongoing security enhancements, from August 31, 2025, all connections to Azure Application Gateway must use Transport Layer Security (TLS) 1.2 or later. TLS 1.0 and 1.1 will no longer be supported, and TLS 1.2 and above offer improved security features, such as perfect forward secrecy and stronger cipher suites.
  • Similarly, connections to Azure Front Door must also adhere to TLS 1.2 or later, with support for TLS 1.0 and 1.1 being discontinued from December 1, 2024. The later versions of TLS improve security with enhanced encryption features.
  • In addition, Azure CDN Standard from Microsoft (classic) will be retired on September 30, 2027. Customers using this service must migrate to Azure Front Door Standard or Premium before this date to avoid service disruptions.
  • Finally, on September 30, 2027, Inbound NAT rule V1 for Azure Virtual Machines and Azure Virtual Machine Scale Sets in Azure Load Balancer will be retired. Users are advised to migrate to Inbound NAT rule V2 by this date to prevent any interruptions to their services.

gRPC and Frontend mTLS Now Available for Application Gateway for Containers

Azure has introduced two important updates for Application Gateway for Containers, enhancing security and communication capabilities. Frontend mutual authentication (mTLS) is now supported, ensuring that only specific clients are authenticated before their requests are forwarded to the backend service. This update brings feature parity for customers using the Application Gateway Ingress Controller and adds an additional layer of security, complementing the already available backend mutual authentication.

Moreover, gRPC support is now available for Application Gateway for Containers. With gRPC, customers can benefit from four advanced communication methods between the client and the Application Gateway: unary, client streaming, server streaming, and bidirectional streaming. These capabilities offer flexible and efficient communication options for modern application architectures.

Storage

Azure File Sync Agent v19 Release Now Available

The Azure File Sync agent v19 is now generally available for download via Microsoft Update and Microsoft Download Center, bringing key improvements and new features. With this release, server provisioning times for Azure File Sync server endpoints have been drastically reduced, providing faster setup for new servers. Additionally, managed identity support (preview) has been introduced, allowing Azure File Sync to authenticate using system-assigned identities from Microsoft Entra ID, eliminating the need for shared keys. The update also delivers significant sync performance improvements, particularly for file share migrations and metadata changes, and introduces support for Windows Server 2025. This release includes other reliability and telemetry enhancements for cloud tiering and sync operations. The agent version for this release is 19.1.0.0, and a restart is required for servers running earlier versions. Full installation instructions can be found in KB5040924.

Azure Stack

Azure Stack HCI

Announcing the Public Preview of Azure Migrate for VMware to HCI migrations (preview)

Microsoft has introduced the public preview of Azure Migrate’s new feature that facilitates the migration of virtual machines (VMs) from VMware environments to Azure Stack HCI. This enhancement extends Azure’s migration capabilities to the edge, aligning with Microsoft’s adaptive cloud strategy. Key advantages include agent-less replication, which allows VM migration without the need to install agents, reducing potential disruptions. The platform also enables workload configuration during migration, allowing users to adjust properties such as CPU and RAM. Additionally, Azure Migrate ensures no workload impact during replication by utilizing technologies like LEDBAT++ and vCenter API interaction, providing a seamless, disruption-free migration experience. Importantly, data remains on-premises throughout the process, ensuring compliance and control. With minimal cutover time, this solution is designed to maintain business continuity while transitioning to Azure Stack HCI.

Conclusion

Over the past two weeks, Microsoft has introduced a slew of updates and announcements pertaining to Azure Infrastructure as a Service (IaaS) and Azure Stack. These developments underscore the tech giant’s unwavering commitment to enhancing its cloud offerings and adapting to the ever-evolving needs of businesses and developers. Users of Azure can anticipate improved functionalities, streamlined services, and enriched features as a result of these changes. Stay tuned for more insights as I continue to monitor and report on Azure’s progression in the cloud sphere.

Azure IaaS and Azure Stack: announcements and updates (September 2024 – Weeks: 37 and 38)

This blog post series highlights the key announcements and major updates related to Azure Infrastructure as a Service (IaaS) and Azure Stack, as officially released by Microsoft in the past two weeks.

Azure

General

ItalyNorth – New Service Available: Azure Web PubSub

Azure Web PubSub is now available in the ItalyNorth Azure region. This service allows developers to easily build real-time messaging applications with support for WebSockets and other protocols, enabling low-latency communication between servers and clients. With this release, businesses in Italy can leverage Azure Web PubSub to enhance their user engagement and interactivity in real-time applications like live dashboards, chat rooms, and gaming leaderboards.

ItalyNorth – New Service Available: Azure SignalR

Azure SignalR has been introduced in the ItalyNorth Azure region. This service simplifies the process of adding real-time web functionality to applications, such as live chat and notifications, by handling the complexities of managing WebSocket connections at scale. With this addition, developers in Italy can now build highly responsive, real-time web applications without worrying about infrastructure management, directly benefiting from the cloud’s scalability.

ItalyNorth – New Service Available: Apache Kafka® & Apache Flink® on Confluent Cloud™ – An Azure Native ISV Service

Apache Kafka® and Apache Flink® are now available on Confluent Cloud™ in the ItalyNorth Azure region as an Azure-native ISV service. This offering enables customers to build real-time data pipelines and event-driven applications with Kafka, while leveraging Flink for real-time data processing and analytics. By hosting this service in the ItalyNorth region, businesses can reduce latency and improve the performance of their data integration and streaming solutions.

Networking

DNAT on Azure Firewall Private IP address (preview)

Destination Network Address Translation (DNAT) on Azure Firewall Private IP address is now in Public Preview. This feature is ideal for enterprises dealing with overlapping IP networks, especially when integrating new partners or during mergers. It facilitates seamless communication by enabling connections between private resources over non-routable IP addresses. Additionally, DNAT proves beneficial for hybrid environments, as it helps bridge on-premises datacenters to Azure, improving connectivity and operational continuity for enterprises in complex networking scenarios.

Advanced Container Networking Services for AKS (preview)

The Public Preview of Advanced Container Networking Services introduces enhanced security and observability for Azure Kubernetes Service (AKS). Key features include FQDN filtering, which allows network policies to be defined based on domain names rather than IP addresses. This simplifies policy management while ensuring precise control over domain-specific access, reducing security risks. Additionally, a High Availability (HA) DNS proxy ensures uninterrupted DNS resolution, improving the reliability and availability of containerized applications. These features are designed to enhance security, minimize administrative overhead, and ensure consistent policy enforcement.

Storage

Force Detach Zone Redundant Data Disks During Zone Outage

Azure has introduced the ability to force detach zone-redundant storage (ZRS) data disks during a zone outage, now generally available. This feature allows users to detach ZRS data disks from a virtual machine or virtual machine scale set affected by a zone failure and reattach them to another VM, reducing the recovery time objective (RTO). This capability improves the resilience of Azure managed disks, ensuring businesses can quickly recover and continue operations. It is important to note that this feature is not available for ZRS OS disks, but it supports both Premium SSDs and Standard SSDs.

Azure Data Box 80 TB in Azure China

Azure Data Box 80 TB SKU is now generally available in Azure China. Azure Data Box is an offline data transfer solution, designed to transfer large amounts of data to and from Azure Storage securely and efficiently. The service allows users to import or export petabytes of data using a dedicated Azure Data Box device. With the general availability in China, customers can now benefit from quick, inexpensive, and reliable data migration between Azure China regions, enhancing data handling capabilities in compliance with regional standards.

Azure NetApp Files Reserved Capacity

Azure NetApp Files Reserved Capacity is now available, providing significant savings for predictable workloads. Customers can commit to one-year or three-year reserved capacity terms and save up to 34% on Azure NetApp Files usage. Reserved capacity is offered in increments of 100TiB or 1PiB, covering Standard, Premium, and Ultra service levels. This option is beneficial for customers with stable, long-term workloads who wish to optimize costs while improving financial predictability. The reserved capacity is applied to existing capacity pools, and any additional usage will continue to be billed at the standard pay-as-you-go rate.

Access-Based Enumeration and Non-Browsable Shares for Azure NetApp Files

Access-Based Enumeration (ABE) and Non-Browsable Shares for Azure NetApp Files are now generally available. ABE ensures that users only see files and folders in directory listings that they have permission to access, providing an additional layer of security in shared environments. This capability hides inaccessible items from users, protecting sensitive data. Additionally, Azure NetApp Files now supports non-browsable shares, preventing specific volumes from appearing in the Windows File Explorer, further enhancing security for sensitive content. Both features enhance data protection and access control, making Azure NetApp Files a more secure and flexible storage solution for enterprises.

Live Resize for Azure Premium SSD v2 and Ultra Disks (preview)

The Public Preview of Live Resize for Premium SSD v2 and Ultra Disks is now available. This new feature allows users to dynamically increase the storage capacity of their disks without disrupting their running applications. It is designed to reduce costs by enabling users to start with smaller disks and scale up as needed, ensuring no downtime during the resizing process. This feature is particularly useful for businesses that require flexible storage solutions without compromising on operational efficiency.

Conclusion

Over the past two weeks, Microsoft has introduced a slew of updates and announcements pertaining to Azure Infrastructure as a Service (IaaS) and Azure Stack. These developments underscore the tech giant’s unwavering commitment to enhancing its cloud offerings and adapting to the ever-evolving needs of businesses and developers. Users of Azure can anticipate improved functionalities, streamlined services, and enriched features as a result of these changes. Stay tuned for more insights as I continue to monitor and report on Azure’s progression in the cloud sphere.

Azure IaaS and Azure Stack: announcements and updates (September 2024 – Weeks: 35 and 36)

This blog post series highlights the key announcements and major updates related to Azure Infrastructure as a Service (IaaS) and Azure Stack, as officially released by Microsoft in the past two weeks.

Azure

General

Microsoft Fabric is available on Italy North Azure Region

Microsoft has expanded the availability of Microsoft Fabric by launching it in the ItalyNorth Azure Region. This strategic move allows organizations in Italy to leverage the advanced capabilities of Microsoft Fabric, enhancing their data integration, transformation, and analysis efforts. By being hosted locally, businesses can also benefit from reduced latency and improved compliance with regional data residency requirements. This expansion underscores Microsoft’s commitment to providing localized services that meet the needs of diverse global markets.

Compute

VMSS Automatic Instance Repairs – Reimage, Restart Repair Actions

Virtual Machine Scale Sets (VMSS) now offer more flexible automatic instance repair options, allowing users to choose between Replace, Reimage, or Restart as default actions when an “Unhealthy” signal is detected. The introduction of Reimage and Restart provides less disruptive repair processes, which maintain VM properties and metadata, making it ideal for customers with sensitive workloads. This new functionality is designed to enhance application availability while minimizing the impact on VM instances during repairs.

Networking

Azure Public IPs are Zone Redundant by Default

Azure Public IPs are now zone redundant by default, improving the resiliency of applications using these public IPs. Unless a single zone is specifically chosen when creating Standard Public IPs, they will be automatically created across all three zones of a region. This ensures that the IP can survive any single zone failure, providing greater stability for hosted applications. Notably, this enhancement comes at no additional cost. Currently, the functionality is available in limited regions, with plans to expand further.

Azure Bastion: Entra ID Support for SSH Connections in Portal

Azure Bastion has introduced support for Microsoft Entra ID authentication for SSH connections within the Azure portal. This new integration offers two major benefits to users. First, it eliminates the reliance on local authentication mechanisms, reducing the risk of security breaches. Second, the Entra ID authentication simplifies the user experience by enabling a seamless one-click sign-on to virtual machines, enhancing both security and convenience for administrators managing their environments.

Storage

Azure File Sync v19 Agent Now Available

The Azure File Sync v19 agent is now available and can be downloaded via the Microsoft Update Catalog. This version brings several key improvements, including faster server provisioning and enhanced disaster recovery options for Azure File Sync server endpoints. Previously, provisioning a new server endpoint could take hours or even days, but with the latest update, the process is significantly faster. Additionally, there are sync performance improvements, specifically for file share migrations and scenarios where only metadata, such as ACLs, is updated. The new release also adds support for Windows Server 2025 and includes various reliability and telemetry enhancements for cloud tiering and sync. A restart is required for servers running versions earlier than 18.2, and the latest agent version is 19.1.0.0.

Managed Identity Support for Azure File Sync (preview)

Azure File Sync now supports managed identities, which enhances the security and ease of use for this service. By leveraging Microsoft Entra ID’s system-assigned managed identity, users no longer need to rely on shared keys for authentication. This feature, currently in preview, offers a more streamlined and secure method of managing Azure File Sync service and server authentication. Managed identities simplify the process and improve the overall security posture by automating identity management for Azure resources.

New Azure Data Box Capabilities to Accelerate Your Offline Data Migration

Azure Data Box, the offline data transfer solution, has introduced several new capabilities to enhance the efficiency and security of data migration to Azure Storage. This service allows users to transfer petabytes of data quickly, cost-effectively, and reliably using secure hardware devices. The new features include the general availability of self-encrypted drives in the Azure Data Box Disk SKU, which facilitates fast data transfers on Linux systems. Additionally, users can now ingest data into multiple blob access tiers within a single order. A preview of cross-region data transfers has been introduced, allowing seamless data ingestion from a source country or region to select Azure destinations in different countries or regions. Furthermore, Azure Storage Mover now supports online catch-up data copying, enabling the synchronization of changes made by active workloads post offline migrations. Azure Data Box has also achieved HIPAA/BAA, PCI 3DS, and PCI DSS certifications, ensuring compliance with industry standards. These enhancements make Azure Data Box an even more robust solution for secure and efficient offline data migrations.

Azure Storage Mover with Bandwidth Management

Azure Storage Mover now supports bandwidth management scheduling, providing users with the ability to set bandwidth limits for Storage Mover agents. This feature optimizes file migration processes by preventing agents from consuming excessive WAN link upload bandwidth during peak times. By allowing users to schedule bandwidth usage, Azure Storage Mover helps maintain smooth network performance, especially in on-premises data center environments.

Azure Stack

Azure Stack HCI

Azure Stack HCI Supportability Forum

Microsoft has introduced the Azure Stack HCI Supportability Forum, a public repository designed to centralize troubleshooting guides (TSGs), known issues, and user feedback for Azure Stack HCI. This repository provides a hub for community-driven support content and is referenced by both Customer Support Services and the Azure Stack HCI engineering team when addressing support incidents. Users can also access this repository to discover solutions to active system issues on their own. This initiative is part of Microsoft’s ongoing commitment to enhancing the support experience for Azure Stack HCI users by making critical information easily accessible and user-driven.

Conclusion

Over the past two weeks, Microsoft has introduced a slew of updates and announcements pertaining to Azure Infrastructure as a Service (IaaS) and Azure Stack. These developments underscore the tech giant’s unwavering commitment to enhancing its cloud offerings and adapting to the ever-evolving needs of businesses and developers. Users of Azure can anticipate improved functionalities, streamlined services, and enriched features as a result of these changes. Stay tuned for more insights as I continue to monitor and report on Azure’s progression in the cloud sphere.

Azure IaaS and Azure Stack: announcements and updates (August 2024 – Weeks: 33 and 34)

This blog post series highlights the key announcements and major updates related to Azure Infrastructure as a Service (IaaS) and Azure Stack, as officially released by Microsoft in the past two weeks.

Azure

General

Enable Multifactor Authentication by 15 October 2024

Starting on 15 October 2024, Azure will require all users to utilize multifactor authentication (MFA) when signing into the Azure portal, Microsoft Entra admin center, and Intune admin center. To ensure continued access for users, it is crucial to enable MFA by the specified date. For those unable to implement MFA by 15 October 2024, there is an option to apply for a postponement of the enforcement date. Failure to enable MFA or apply for a postponement will result in users being required to set up MFA when accessing these services. Azure provides documentation to assist in identifying which users are signing in with or without MFA.

Azure Chaos Studio Supports New Network Isolation Fault for Virtual Machines

Azure Chaos Studio has introduced a new agent-based fault action for both Windows and Linux virtual machines (VMs) and virtual machine scale sets (VMSS). The Network Isolation fault allows customers to isolate an Azure VM from network connections by dropping all packets for a specified duration, subject to certain environment limitations. This feature is designed to help test the resilience of applications running inside VMs against network traffic loss. Users can implement this fault in Chaos Experiments through templates, the REST API, or directly in the Azure portal.

Compute

Attach and Detach of VMs on Virtual Machine Scale Sets for a Single Fault Domain (preview)

In a new public preview, Azure now offers support for attaching and detaching Virtual Machines (VMs) to and from Virtual Machine Scale Sets (VMSS) configured with Flexible Orchestration Mode and a fault domain count of 1. Once a VM is attached to the VMSS, it becomes part of the scale set, gaining access to features such as autoscale, Instance Repair, and Automatic OS Upgrades, all without requiring downtime. Conversely, if troubleshooting outside of the scale set is needed, the VM can be easily detached for further investigation. This functionality is designed to streamline the management of VMs within and across scale sets.

Instance Mix on Virtual Machine Scale Sets (preview)

Azure has introduced the public preview of Instance Mix, a feature designed to enhance the flexibility and cost efficiency of Virtual Machine Scale Set (VMSS) deployments. Instance Mix allows users to specify a variety of VM sizes within a single VMSS, enabling better alignment with workload requirements. The feature also includes an allocation strategy that optimizes either price or capacity. Key benefits include the ability to mix different VM sizes to meet diverse task demands, achieve cost savings by utilizing appropriately sized VMs, and simplify management by overseeing a heterogeneous VM set under one scale set. This new capability helps to maximize performance by ensuring the right resources are allocated to each task.

Networking

Dedicated Log Analytics Tables in Application Gateway

Azure Application Gateway has introduced general availability for storing logs in dedicated log analytics tables. This new feature allows customers to opt for resource-specific tables instead of using the existing Azure Diagnostic table. In resource-specific mode, separate tables are created for each selected category in the diagnostic settings within the chosen workspace. This enhancement offers better log querying capabilities, along with reduced ingestion latencies and faster query times, making it easier to analyze and manage logs efficiently.

Storage

Double Encryption at-Rest for Azure NetApp Files

Azure NetApp Files has introduced a double encryption at-rest feature, adding multiple independent encryption layers to protect data from threats that could compromise a single encryption layer. This feature mitigates risks such as the compromise of a single encryption key, errors in encryption algorithm implementations, and misconfigurations in data encryption. Users can opt for double encryption when creating capacity pools, ensuring that all volumes within these pools are automatically protected without additional steps. Customers requiring their own encryption key management can configure customer-managed keys for this purpose. Importantly, this enhanced security does not significantly impact performance, allowing existing applications to benefit from FIPS-140 certified double encryption without sacrificing efficiency.

Azure NetApp Files Now Supports 50 GiB Minimum Volume Sizes

Azure NetApp Files has introduced support for 50 GiB minimum volume sizes, a significant enhancement from the previous 100 GiB minimum. This new capability allows customers to create storage volumes as small as 50 GiB, optimizing costs for workloads that require less storage. By enabling customers to right-size their volumes, this update offers more efficient storage management and cost savings, particularly for those with smaller-scale storage needs.

Azure NetApp Files Storage with Cool Access for All Service Levels

Azure NetApp Files has reached general availability with its cool access feature, offering a cost-effective storage solution across all service levels, including standard, premium, and ultra. The cool access feature allows data that is infrequently accessed to be transparently moved to Azure storage accounts, optimizing storage costs. This feature includes configurable options for the “coolness period”, determining the duration after which cold data is tiered to a cool storage tier, based on your workload’s access patterns. While this may introduce some latency due to data being tiered, it significantly reduces overall storage expenses. Additionally, in scenarios involving cross-region or cross-zone replication, cool access can be configured for destination volumes, ensuring data protection while optimizing costs.

Customer Managed Planned Failover for Azure Storage (preview)

Azure Storage has introduced a public preview of the planned failover feature, empowering users with enhanced disaster recovery capabilities. Planned failover allows for the seamless failover of a storage account while maintaining geo-redundancy, with no data loss and without the need to reconfigure geo-redundant storage (GRS) after the operation. This feature facilitates the swapping of primary and secondary endpoints, ensuring continuous availability of storage service endpoints. Once the failover is completed, all new data writes are directed to the region that was previously the secondary, now designated as the new primary region. This feature is ideal for scenarios like planned disaster recovery testing, proactive disaster preparedness, or recovery from non-storage related outages.

Azure Stack

Azure Stack HCI

Upgrade and Update from Azure Stack HCI Version 22H2 to 23H2 Now Available

Azure has announced the gradual availability of upgrade and update from Azure Stack HCI version 22H2 to 23H2, the latest iteration of its hyper-converged infrastructure solution. This new version integrates seamlessly with Azure Arc infrastructure, enabling streamlined provisioning and management of workloads such as Arc-enabled virtual machines, Azure Kubernetes Services, and Azure Virtual Desktop. With the 23H2 release, Azure Stack HCI transitions from being solely a cloud-connected operating system to becoming a fully Arc-enabled solution. This evolution layers Azure Arc and the Orchestrator (also known as the Lifecycle Manager) atop the base operating system, packaged together following an Infrastructure as Code (IaC) model for improved deployment and management efficiency.

Upgrading from version 22H2 to 23H2 introduces a host of new capabilities and represents a significant advancement in functionality. The upgrade process involves several key steps: first, updating the existing operating system to the new version using preferred methods such as PowerShell (recommended), Windows Admin Center, or other manual approaches; followed by performing necessary post-upgrade tasks, validating the solution’s readiness, and finally applying the complete solution upgrade.

It’s important to distinguish this upgrade from regular updates, which are periodic changes applied to enhance performance, security, or stability within the same version. Organizations are encouraged to perform this upgrade to leverage the enhanced features and integrations offered by Azure Stack HCI, version 23H2.

Conclusion

Over the past two weeks, Microsoft has introduced a slew of updates and announcements pertaining to Azure Infrastructure as a Service (IaaS) and Azure Stack. These developments underscore the tech giant’s unwavering commitment to enhancing its cloud offerings and adapting to the ever-evolving needs of businesses and developers. Users of Azure can anticipate improved functionalities, streamlined services, and enriched features as a result of these changes. Stay tuned for more insights as I continue to monitor and report on Azure’s progression in the cloud sphere.

Azure IaaS and Azure Stack: announcements and updates (August 2024 – Weeks: 31 and 32)

This blog post series highlights the key announcements and major updates related to Azure Infrastructure as a Service (IaaS) and Azure Stack, as officially released by Microsoft in the past two weeks.

Azure

General

Azure Carbon Optimization (preview)

Azure Carbon Optimization, now in preview, equips Azure developers and IT professionals with the data and insight to optimize the carbon footprint of their cloud consumption. By providing insights into carbon emissions and offering recommendations to enhance the efficiencies of cloud resources, organizations can make more informed decisions to meet their business and cloud sustainability goals. Key features include granular emissions data at the resource level, optimization recommendations, role-based access control, carbon equivalents for better visualization, and integration with Microsoft Azure emissions insights (preview) for deeper analytics capabilities.

Storage

Azure Blob Storage Lifecycle Management Now Supports Improved Control on Archiving

Lifecycle management now offers users more control over how objects rehydrated from the archive tier are returned to archive after access. The daysAfterLastTierChangeGreaterThan option has been expanded, allowing users to specify a minimum duration that rehydrated objects stay accessible in an online tier. This prevents immediate re-archiving of recently rehydrated objects by applying the daysAfterLastTierChangeGreaterThan property in lifecycle rules based on Creation Time and Last Accessed Time, in addition to the existing Last Modified Time.

Azure NetApp Files zone volume placement enhancement – Populate existing volume
Azure NetApp Files has introduced an enhancement to its availability zone volume placement feature, allowing users to populate previously deployed, existing volumes with logical availability zone information. This update aligns volumes with other Azure services within the same availability zone, without moving them between zones. The enhancement is particularly beneficial for workloads initially deployed regionally, enabling them to align with virtual machines in the same failure domain, which is essential for high-availability architectures across availability zones. Additionally, this feature supports replication across availability zones, facilitating improved data protection.

Azure NetApp Files cross-zone replication
Azure NetApp Files has launched a new cross-zone replication feature, enabling asynchronous replication of volumes across different availability zones within the same Azure region. Leveraging SnapMirror® technology, this feature ensures that only changed blocks are transferred in a compressed format, optimizing network usage and reducing replication times. Cross-zone replication is designed to protect data against unforeseen zone failures without requiring host-based replication. It minimizes data transfer requirements, thereby lowering replication time and achieving a smaller Restore Point Objective (RPO). Additionally, this feature is highly cost-effective as it does not involve any network transfer costs.

Azure NetApp Files Volume Encryption Key Transition (preview)

This new feature in preview allows customers to transition their existing volumes protected with platform-managed keys (PMK) to volumes encrypted using customer-managed keys (CMK) stored in Azure Key Vault. CMK provides enhanced key manageability and security by enabling direct management of key rotation, access, permissions, and auditing tasks. This feature helps organizations comply with regulatory requirements and manage encryption keys securely without impacting performance, as the CMK protects the account encryption key using Azure Key Vault.

Azure Stack

Azure Stack HCI

Optimize Azure Stack HCI with the Well-Architected Framework

Microsoft is announcing the Azure Well-Architected Framework Service Guide for Azure Stack HCI. This guide contains design checklists and detailed configuration recommendations to assist cloud architects in designing and deploying Azure Stack HCI according to the guiding principles of the Well-Architected Framework: Reliability, Security, Cost Optimization, Operational Excellence, and Performance Efficiency. Whether planning a new deployment or enhancing an existing one, the guide provides tailored advice, rationales for recommendations, and links to product documentation for further details.

Conclusion

Over the past two weeks, Microsoft has introduced a slew of updates and announcements pertaining to Azure Infrastructure as a Service (IaaS) and Azure Stack. These developments underscore the tech giant’s unwavering commitment to enhancing its cloud offerings and adapting to the ever-evolving needs of businesses and developers. Users of Azure can anticipate improved functionalities, streamlined services, and enriched features as a result of these changes. Stay tuned for more insights as I continue to monitor and report on Azure’s progression in the cloud sphere.

Azure IaaS and Azure Stack: announcements and updates (July 2024 – Weeks: 29 and 30)

This blog post series highlights the key announcements and major updates related to Azure Infrastructure as a Service (IaaS) and Azure Stack, as officially released by Microsoft in the past two weeks.

Azure

General

Azure Lab Services is being retired on June 28, 2027

Azure Lab Services will be retired on June 28, 2027, due to the availability of other Microsoft VDI services such as Azure Virtual Desktop, Windows 365, Azure DevTest Labs, and Microsoft Dev Box. Existing customers can continue to use the service until the retirement date, but new customers will not be allowed to sign up starting July 15, 2024. Microsoft recommends reviewing the retirement guide for more details about partner options. After June 28, 2027, Azure Lab Services will no longer be supported, and users will lose access to their lab accounts, lab plans, and labs.

Compute

Upgrade existing Azure Gen1/Gen2 VMSS to Gen2-Trusted launch (preview)

Microsoft is excited to announce preview support for enabling Trusted launch on existing Azure Gen1/Gen2 Virtual Machine Scale Sets (VMSS) Uniform by upgrading the VMSS Uniform resource to Gen2-Trusted launch. This upgrade aims to improve the foundational security of existing Azure VMSS resources. Trusted Launch VMs provide enhanced compute security for Azure Generation 2 VMs by enabling Secure Boot and vTPM capabilities, which protect the OS against rootkits and bootkits and enable attestation by measuring the boot chain of the VM.

Public Preview: 6th generation Intel-based VMs – Dv6/Ev6 (preview)

Microsoft is pleased to announce the public preview of the D and E family VMs built on the new 5th Gen Intel® Xeon® Platinum 8537C (Emerald Rapids) processor. These new Intel-based VMs come with three different memory-to-core ratios and offer options with and without local SSD across all the new VMs – the General Purpose Dsv6, Dlsv6, Ddvs6, and Dldsv6 series and the Memory Optimized Esv6 and Edsv6 series. Additionally, constrained core variants for the Esv6 series are ideal for workloads that require high data throughput without a high number of vCPUs.

These VMs, available initially in the US West and US East regions, offer up to 27% higher vCPU performance and 3x larger L3 cache than the previous generation Intel Dv5/Ev5 VMs, with up to 192vCPU and 1.8TB of memory. Azure Boost technology enables up to 400k IOPS and 12 GB/s remote storage throughput and up to 200 Gbps VM network bandwidth. The new Dv6 VMs balance memory to vCPU ratio with scalability up to 128 vCPUs and 512 GiB of RAM, while the Ev6 VMs cater to memory-intensive workloads with up to 192 vCPUs and 1832 GiB of RAM. These VMs also feature enhanced security through Total Memory Encryption (TME) technology and significantly larger local SSD capacity.

Networking

Azure Virtual Network Manager mesh and direct connectivity

As of June 13, 2024, Azure Virtual Network Manager’s mesh connectivity configuration and direct connectivity option in the hub and spoke connectivity configuration are generally available in all public regions. This feature allows a group of virtual networks to directly communicate with each other without an additional hop, reducing latency and management overhead. For instance, in a hub and spoke topology, a subset of spoke virtual networks that require low latency can directly communicate with each other. Traffic between these virtual networks can be filtered using network security groups (NSGs) and Azure Virtual Network Manager’s security admin rules while maintaining direct connectivity.

ExpressRoute FastPath Support for VNet Peering & UDR

Microsoft is announcing support for ExpressRoute FastPath VNet Peering and User Defined Routes (UDR) connectivity. This feature enhances data path performance between on-premises customer networks and Azure Virtual Networks, enabling 100Gbps connectivity to VMs in hub and spoke designs over ExpressRoute. With FastPath enabled, network traffic is sent directly to virtual machines within the virtual network, reducing hops and potential bottlenecks. While a virtual network gateway is still required to exchange routes between the virtual network and on-premises network, FastPath now supports traffic directly to VMs in “spoke” virtual networks and honors any UDRs configured on the Gateway Subnet.

ExpressRoute Traffic Collector support for provider circuits

Azure ExpressRoute customers can now configure ExpressRoute Traffic Collector on their 1G+ provider circuits. This expansion of the existing service, which previously only supported ExpressRoute Direct circuits, allows for improved visibility into circuit traffic. ExpressRoute Traffic Collector is a fully managed traffic monitoring solution that logs IPFIX flow records, which can then be queried for insights into circuit traffic patterns.

Storage

Azure Data Box now supports select cross region transfers (preview)

Azure Data Box has introduced cross-region data transfer capabilities, now in preview, to support seamless ingestion of on-premises data from a source country/region to select Azure destinations in a different country/region. For example, data can now be copied from Singapore or India to the West US Azure destination region. The Azure Data Box device is not shipped across commerce boundaries; instead, it is transported within the originating country or region, and data transfer to the destination Azure region occurs over the Azure network without incurring additional fees.

Azure NetApp Files Large Volume Enhancement – Increased Throughput and Maximum Size Limit of 2 PiB Volume

Azure has announced an exciting update to Azure NetApp Files, significantly enhancing large volumes with increased maximum throughput and size limits. The update brings a size limit increase to 1-PiB, accessible via Azure Feature Exposure Control (AFEC), offering more robust data management solutions for workloads such as HPC, EDA, VDI, and more. Additionally, a public preview of an even larger volume type, ranging from 1-PiB to 2-PiB, is available upon request, subject to regional availability and capacity. Key benefits of this update include performance enhancements up to 12.5-GiB/s per large volume, scalability from 50-TiB to 2-PiB, selection of service levels (Standard, Premium, Ultra), advanced data management features, and cost efficiency through consolidation.

Convert to Azure Premium SSD v2 disks (preview)

Azure has announced the Public Preview of the feature for converting to Premium SSD v2 disks (Pv2). This new feature allows users to confidently move their workloads to Pv2, leveraging its balance of price and performance. The conversion process is designed to be straightforward, enabling the migration of existing Standard SSD, Standard HDD, or Premium SSD v1 disks to PV2 disks with minimal downtime. Notably, this feature avoids disk destruction, eliminates the need to use snapshots as a staging resource, and removes the requirement for waiting for background data copying. This enhancement simplifies the migration process and ensures that users can take full advantage of Pv2 disks efficiently.

Azure Stack

Azure Stack HCI

Introducing the Comprehensive Azure Stack HCI OEM License

The new Azure Stack HCI OEM license is designed to provide a streamlined and efficient licensing solution for Azure Stack HCI hardware, including Azure Stack HCI Premier Solutions, Integrated Systems, and Validated Nodes. This license is valid for the entire lifetime of the hardware and covers up to 16 cores, with additional two-core and four-core license add-ons available for larger systems.

The Azure Stack HCI OEM license includes three essential services for your cloud infrastructure:

  1. Azure Stack HCI – Ensures you have a robust and scalable cloud infrastructure.
  2. Azure Kubernetes Services (AKS) – Provides container orchestration for deploying, managing, and scaling containerized applications.
  3. Windows Server Datacenter 2022 or earlier version supported guest virtual machines (VMs) – Supports your virtual machine needs with the latest Windows Server capabilities.

Key Benefits:

  • Simplified Licensing and Activation: A single license covers Azure Stack HCI, AKS, and Windows Server 2022 guest VMs, reducing complexity and cost.
  • No Activation Tools Needed: The Azure Stack HCI operating system is automatically activated without additional tools or keys.
  • Unified Procurement and Support: Purchase hardware, software, and get full stack support from a single vendor, streamlining your procurement process.

Requirements and Recommendations:

  • Active Azure Account: Necessary for license activation.
  • Latest Software Installations: Ensure you install the most recent versions of Azure Stack HCI, AKS, and Windows Server Datacenter 2022 guest VMs.
  • Continuous Updates: Keep Azure Stack HCI and AKS up to date to receive the latest features and security patches. Upgrade to newer versions when the current version reaches the end of its lifecycle.

For managing Windows Server VMs, you can use Automatic Virtual Machine Activation (AVMA) client keys through Windows Admin Center or PowerShell.

In mixed-node scenarios, where clusters consist of different hardware models, operating system versions, or billing models, the OEM license ensures clarity. If any server in your cluster lacks the OEM license, you will receive a notification in your monthly billing statement. To identify servers without the OEM license, check the OEM license column under Overview > Nodes.

The Azure Stack HCI OEM license not only simplifies the licensing process but also enhances the operational efficiency of your cloud infrastructure by ensuring you have access to the latest technologies and support in a unified manner.

Azure Arc gateway for Azure Stack HCI, version 23H2 (preview)

For enterprises implementing Azure Stack HCI, the new Arc gateway will significantly streamline the deployment and management process. The Arc gateway reduces the number of required endpoints for Azure Stack HCI clusters. Upon creating the Arc gateway, it can be used for both new and existing deployments. This gateway introduces the Arc gateway resource, which serves as a common entry point for Azure traffic through a specific domain or URL, and the Arc proxy, which runs as a service and functions as a forward proxy for Azure Arc agents and extensions. Traffic flows through Arc agentry, gateway router, enterprise proxy, Arc gateway, and finally to the target service, with each Azure Stack HCI cluster node having its own Arc agent.

Local UI to bootstrap Azure Stack HCI (preview)

Microsoft has introduced a new local web-based UI to facilitate the bootstrapping and registration of servers intended to cluster as an Azure Stack HCI system. This local UI simplifies the initial setup and management of Azure Stack HCI clusters, making the process more user-friendly and efficient.

Conclusion

Over the past two weeks, Microsoft has introduced a slew of updates and announcements pertaining to Azure Infrastructure as a Service (IaaS) and Azure Stack. These developments underscore the tech giant’s unwavering commitment to enhancing its cloud offerings and adapting to the ever-evolving needs of businesses and developers. Users of Azure can anticipate improved functionalities, streamlined services, and enriched features as a result of these changes. Stay tuned for more insights as I continue to monitor and report on Azure’s progression in the cloud sphere.

Azure IaaS and Azure Stack: announcements and updates (July 2024 – Weeks: 27 and 28)

This blog post series highlights the key announcements and major updates related to Azure Infrastructure as a Service (IaaS) and Azure Stack, as officially released by Microsoft in the past two weeks.

Azure

Compute

Retirement: Azure Cloud Services Guest OS Families 2, 3, and 4

In July 2024, Azure announced the upcoming retirement of Guest OS Families 2, 3, and 4 for Cloud Services and Cloud Services Extended Support. The end-of-life dates are as follows: Windows Server 2008 R2 will retire in December 2024, while Windows Server 2012 and Windows Server 2012 R2 will retire in February 2025. Customers utilizing these OS families need to take action to ensure their cloud services remain supported. To identify which cloud services are running the soon-to-be-retired OS Families, Azure provides a PowerShell script. The script will help pinpoint services that need migration, with recommendations to move to Guest OS family 7 (Windows Server 2022) for continued functionality and support.

Networking

Cisco Firepower Threat Defense (FTD) integration with Virtual WAN (preview)

Azure has announced the public preview of integrating Cisco Firepower Threat Defense (FTD) with Virtual WAN. Customers can now deploy Cisco FTD directly into a Virtual WAN hub, jointly managed by Microsoft Azure and Cisco. This integration allows the Cisco FTD in the hub to perform Next-Generation Firewall capabilities, inspecting all North-South, East-West, and Internet-bound traffic.

Storage

Azure File Sync Agent v18.2 Release

Azure has released version 18.2 of the Azure File Sync agent, now available on Microsoft Update and Microsoft Download Center. This release includes a rollup update for previous v18 and v18.1 releases, along with sync reliability improvements. It supports installations on Windows Server 2016, 2019, and 2022. Notably, a server restart is required for existing agent installations. The agent version for this release is 18.2.0.0, with detailed installation instructions provided in KB5023059.

Azure Elastic SAN Feature Updates

Azure has introduced significant updates to the Elastic SAN feature, now generally available. Customers can delete unused space on their SANs and scale down as necessary. This capability is useful for those who realize they do not need as much capacity as initially allocated. Note that scaling down can only occur at the SAN level, not at the volume level. Additionally, Azure has released diagnostic logging capabilities, allowing configuration of Elastic SAN to send Azure platform logs and metrics to various destinations. Two log configurations are available: “All” for every resource log and “Audit” for logs that record customer interactions with data or service settings.

Azure Stack

Azure Stack HCI

CISPE and Microsoft Agree Settlement in Fair Software Licensing Case

On July 11, 2024, Microsoft and CISPE reached an agreement related to CISPE’s competition complaint filed against Microsoft with the European Commission in November 2022. Microsoft committed to changes addressing European CISPE members’ claims, leading CISPE to withdraw its complaint. Amazon Web Services, Google Cloud Platform, and AliCloud are excluded from these terms. A significant part of the agreement is the collaboration to release an enhanced version of Azure Stack HCI for European cloud providers. This will include features such as multi-session virtual desktop infrastructure, free Extended Security Updates, and pay-as-you-go SQL Server licensing. An independent European Cloud Observatory will monitor the agreement’s implementation. Microsoft has nine months to fulfill its commitments, or CISPE may refile its complaint.

Conclusion

Over the past two weeks, Microsoft has introduced a slew of updates and announcements pertaining to Azure Infrastructure as a Service (IaaS) and Azure Stack. These developments underscore the tech giant’s unwavering commitment to enhancing its cloud offerings and adapting to the ever-evolving needs of businesses and developers. Users of Azure can anticipate improved functionalities, streamlined services, and enriched features as a result of these changes. Stay tuned for more insights as I continue to monitor and report on Azure’s progression in the cloud sphere.