Category Archives: Announcements and updates

Azure IaaS and Azure Stack: announcements and updates (November 2020 – Weeks: 43 and 44)

This series of blog posts includes the most important announcements and major updates regarding Azure infrastructure as a service (IaaS) and Azure Stack, officialized by Microsoft in the last two weeks.

Azure

Compute

Microsoft plans to establish new cloud datacenter region in Austria

Microsoft announced intent to build a new datacenter region in Austria. The announcement also included details around establishment of a new Center of Digital Excellence in Austria, as well as a digital skilling initiative targeted at reaching approximately 120,000 Austrians by 2024.

Microsoft to establish its first datacenter region in Taiwan

Microsoft has announced plans to build a new datacenter region in Taiwan, along with a skilling initiative for over 200,000 people in Taiwan by 2024. The new region will also include Availability Zones, building on Microsoft’s 30+ year history in Taiwan.

Microsoft Cloud for Healthcare (generally available)

Microsoft Cloud for Healthcare is now generally available. This integrated solution enables customers to quickly access a portfolio of released and new healthcare capabilities tailored to the unique requirements of health data in the cloud. It unlocks the power of Microsoft Azure, Microsoft 365, Microsoft Dynamics 365, Microsoft Power Platform, and our ecosystem of partner healthcare solutions to create trusted, end-to-end cloud-based solutions. Healthcare organizations can engage in more proactive ways with patients and give caregivers tools to improve workflow efficiency and streamline interactions. Microsoft Cloud for Healthcare will make it easier for healthcare organizations to remain agile and focus on what they do best delivering better experiences, insights, and care. For more information on general availability read this page.

New VM series supported by Azure Batch

Use Azure Batch to run large-scale parallel and high-performance computing (HPC) batch jobs in Azure. The selection of VMs that can be used by Azure Batch has been expanded, allowing newer Azure VM series to be used. The following additional VM series can now be specified when Batch pools are created:

  • Dav4, Dasv4
  • Ddv4, Ddsv4
  • Eav4, Easv4
  • Edv4, Edsv4
  • E64iv3
  • Mv2
  • NVv4

Azure SQL Virtual Machines with SQL Server IaaS Agent extension

Registering your SQL Server Virtual Machine images in Azure Marketplace and extracting the total value from your Azure IaaS data estate is now easier with the SQL Server IaaS Extension now in general availability. Previously, in order to enjoy the full scope of cost saving and manageability features offered on Azure SQL Server Virtual Machines, you had to run a complicated script that required a large portion of time. Now you can simply tick a consent checkbox and allow Microsoft to automatically register all existing and future SQL Server Virtual Machines in your subscription. Access a number of features designed to save you money and increase manageability by providing a PaaS-like service while still maintaining the ability to customize your data estate that is integral to any IaaS service.

Storage

Soft delete for Azure file shares is now generally available in all regions

Soft delete acts like a recycle bin for your file shares, protecting your Azure file shares from accidental deletion. Now when a file share is deleted, it transitions to a soft deleted state in the form of a soft deleted snapshot. You get to configure how long soft deleted data is recoverable for before it is permanently erased. In January 2021, soft delete will be enabled by default for all new storage accounts with a default retention period of 7 days. Settings for existing storage accounts will not change.

Azure Blob storage lifecycle management supports blob versions management

Azure Blob storage lifecycle management now supports blob versions. Microsoft recommends using blob versioning to maintain previous versions of a blob for data protection. When blob versioning is enabled for a storage account, Azure Storage automatically creates a new version of a blob each time that blob is modified or deleted. You can use lifecycle management to automatically transition old blob versions to a cooler storage tier (hot to cool, hot to archive, or cool to archive) or delete old blob versions to optimize for cost. The lifecycle management feature is free of charge. Customers are charged the regular operation cost for the Set Blob Tier API calls. Delete operation is free. For more information about pricing, see Block Blob pricing.

Policy to control the minimum TLS version used with Azure Storage

Azure Storage now offers administrators the flexibility to specify the minimum version of TLS that a client application must use to communicate with a storage account. Microsoft recommends that you follow a DRAG (Detection-Remediation-Audit-Governance) framework to continuously manage secure TLS for your storage accounts.

Networking

New features for Azure VPN Gateway (preview)

Microsoft is announcing the following new features for Azure VPN Gateway in public preview:

  • High availability for RADIUS servers in point-to-site VPN – This feature enables highly available configuration for customers using RADIUS/AD authentication for their point-to-site VPN.
  • VPN over ExpressRoute private peering – For customers such as those in financial and health industries, double encryption over both their private WANs and Azure WAN is a key compliance requirement. VPN over ExpressRoute private peering allows customers to use IPsec tunnels over their ExpressRoute private peering to satisfy this need.
  • Custom IPsec/IKE policy with DPD timeout – Setting IKE DPD (Dead Peer Detection) timeout allows customers to adjust the IKE session timeout value based on their connection latency and traffic conditions to minimize unnecessary tunnel disconnect, improving both reliability and experience. This feature brings the entire custom IPsec/IKE policy configuration experience to Azure Portal.
  • APIPA support for BGP speaker – This feature supports customers with legacy VPN routers and Amazon Web Service (AWS) VGW, Google Cloud Platform (GCP) VPN which use APIPA addresses as their BGP speaker IP addresses. Now they can establish BGP sessions with Azure VPN gateways using APIPA addresses.
  • FQDN support for site-to-site VPN – This feature supports customer branches or locations without static public IP addresses to connect to Azure VPN gateways. Customers can now leverage dynamic DNS services and use their FQDNs instead of IP addresses. Azure VPN gateways will automatically resolve and update the VPN target to establish IPsec/IKE connections.
  • Session management and revocation for point-to-site VPN users – Enterprise administrators can now list and revoke individual user connections to their VPN gateways from Azure Portal in real time, addressing a key management asks.

Azure IaaS and Azure Stack: announcements and updates (October 2020 – Weeks: 41 and 42)

This series of blog posts includes the most important announcements and major updates regarding Azure infrastructure as a service (IaaS) and Azure Stack, officialized by Microsoft in the last two weeks.

Azure

Compute

New cloud datacenter region in Greece

Microsoft has announced plans build its newest datacenter region in Greece. This announcement will also encompass a skilling initiative which will reach a minimum of 100,000 people in Greece, as well as an AI for Cultural Heritage initiative, which will digitize 3D video from the Ancient City of Olympia. The new region is anticipated to include Microsoft Azure, with Microsoft 365, Dynamics 365 and Power Platform to follow.

New Azure Spot Virtual Machines features

In the Azure portal, you can now access the spot price and the eviction rate for the past 28 trailing days for the specific Spot VM you intend to deploy. These new capabilities will enable you to derive estimates about the probability that your workloads will be evicted while providing insights regarding the cost of running interruptible workloads using Spot VMs.

Azure Virtual Machines DCsv2-series expanding within Europe, United Kingdom and United States

Confidential computing DCsv2-series virtual machines (VMs) are now available in North Europe, UK West and US West. Customers in Europe, United Kingdom and United States now have disaster recovery capabilities available. These VMs are backed by the latest generation of Intel XEON E-2288G processor with Software Guard Extensions (SGX) technology, and with the Intel Turbo Boost Technology these machines can go up to 5.0 GHz. Use the DCsv2-series instances to build secure, enclave-based applications to protect your code and data while it’s in use.

Azure DevTest Labs: network isolated lab

An Azure Virtual Network helps ensure that private network traffic is logically isolated from outside traffic. Each lab can be configured with an Azure network to ensure virtual machines and environments created within are isolated from unwanted traffic and follow enterprise networking policies. Lab owners can also now create a network isolated lab. This means, alongside isolating lab virtual machines and environments to a selected network, lab owners can also isolate the lab storage account and key vaults created for certain lab operations. Learn more about how you can create an isolated network lab.

Azure DevTest Labs: available in more regions

Azure DevTest Labs is now available in the UAE North, Germany West Central and Norway East regions. The support includes full Azure DevTest Labs capabilities.

Storage

Azure NetApp Files Manual QoS Capacity Pool (preview)

Microsoft is introducing Azure NetApp Files (ANF) manual quality of service (QoS) capacity pool, which is a new type of capacity pool that allows you to assign the capacity and throughput for a volume independently. The total throughput of all volumes created with a manual QoS capacity pool is limited by the total throughput of the pool. The total throughput of the pool is determined by the combination of the pool size and the service-level throughput. Find more details in the ANF user documentation.

Azure Blob: Soft Delete for Containers preview region expansion

Soft delete for containers expands upon Azure Blob Storage’s existing capabilities such as blob versioning, soft delete for blobs, account delete locking, and immutable blobs, making our data protection and restore capabilities even better. When container soft delete is enabled for a storage account, any deleted container and their contents are retained in Azure Storage for the period that you specify. During the retention period, you can restore previously deleted containers and any blobs within them. Microsoft is expanding the public preview to all public Azure regions. There is no additional charge to enable container soft delete. Data in soft deleted containers is billed at the same rate as active data.

Azure Files premium tier is now available in more regions with LRS, ZRS, and NFS support

Azure Files premium tier storage offers highly-performant, highly available file services, that is built on solid-state drives (SSD). Premium tier is optimized to deliver consistent performance for IO-intensive workloads that require high-throughput and low latency. More Azure Files premium tier regions, more premium files regions with locally redundant storage (LRS), zone redundant storage (ZRS) support, and Network File System (NFS 4.1) public preview support. Stay up to date on the premium tier region availability through the Azure region availability page.

Networking

Standard Load Balancer and Public IP addresses support resource group move

Standard Load Balancers and Standard Public IP addresses now support being moved across resource groups within the same subscription. Moving a resource only moves it to a new resource group. It doesn’t change the location of the resource or the subscription. Moving Standard Load Balancers and Public IP addresses across resource groups is supported in all Azure public cloud regions.

Azure IaaS and Azure Stack: announcements and updates (October 2020 – Weeks: 39 and 40)

This series of blog posts includes the most important announcements and major updates regarding Azure infrastructure as a service (IaaS) and Azure Stack, officialized by Microsoft in the last two weeks.

In this dedicated post you can find the most important announcements and major updates officialized last week during Microsoft Ignite 2020 conference.

Azure

Compute

The new Azure VMware Solution is now generally available

Designed, built, and supported by Microsoft, Cloud Verified by VMware, running VMware Cloud Foundation technologies, Azure VMware Solution enables customers to extend or migrate VMware workloads to the cloud seamlessly. Organizations can maintain existing VMware skills and operational processes, running VMware Cloud Foundation technologies, and leverage the benefits of Azure, all at the same time.

Azure Availability Zones in more regions

Azure Availability Zones, high-availability solutions for mission-critical applications, are now generally available in Australia East and Canada Central.

Azure DevTest Labs: Encrypt OS disks in your lab

Server-side encryption (SSE) protects your data and helps you meet your organizational security and compliance commitments. SSE automatically encrypts your data stored on managed disks in Azure (OS and data disks) at rest by default when persisting it to the cloud. Within DevTest Labs, all OS disks and data disks created as part of a lab are encrypted using platform-managed keys. As a lab owner you can now choose to encrypt lab virtual machine OS disks using your own keys. If you choose to manage encryption with your own keys, you can specify a customer-managed key to use for encrypting data in lab OS disks.

Storage

Price reduction on the Azure Files premium tier by 33%

The new pricing is effective October 1st and applies to all the regions/redundancy options for the premium tier. The price reduction on the premium tier, coupled with the recent introduction of two new hot and cool tiers, makes customers’ decision easier to choose the right files storage tier that fits best their workload’s needs while offering a most cost effective storage. Azure Files premium tier hosted on SSD storage, with no additional cost for transactions, is best suited for workloads that are IO intensive, with high throughput and low latency needs. The three standard tiers (transaction optimized, hot, and cool) are best suited for workloads that do not need high throughput or IOPS but require a reliable lower cost storage.

Shared disks on Azure Disk Storage is now available in broader set of regions

With shared disks, Azure Disk Storage is the only shared block storage in the cloud that supports both Windows and Linux based clustered or high-availability applications. Shared disks is now available for Premium SSDs in all regions and available for Ultra Disks in all regions that support Ultra Disks. Shared disks allows a single disk to be attached to multiple virtual machines, enabling customers to run their most demanding enterprise applications in the cloud like clustered databases, parallel file systems, persistent containers, and machine learning applications, without compromising on well-known deployment patterns for fast failover and high availability.

Azure Ultra Disk is now available in more regions

Azure Ultra Disks offer high throughput, high IOPS, and consistent low latency disk storage for Azure VMs. Azure Ultra Disk is now available in Australia Central, India Central, Korea Central and US Gov Texas.

Azure IaaS and Azure Stack: announcements and updates (Microsoft Ignite 2020 – Special Edition)

This special edition includes the most important announcements and major updates regarding Azure infrastructure as a service (IaaS) and Azure Stack, officialized by Microsoft this week during Microsoft Ignite 2020 conference. Microsoft announced several important additions to its Azure infrastructure as a service (IaaS) portfolio and the Microsoft infrastructure services continue to evolve to optimize the experience of running business-critical workloads.

Azure

Compute

Availability Zones deployed to more Azure Regions

Azure Availability Zones (AZs) provide a high-availability option for comprehensive business-continuity and disaster-recovery strategies (BCDR), 99.99% uptime service-level agreement (SLA) on virtual machines, flexible high-performance architecture and multizone support with built-in security. Microsoft continues to expand deployment of Availability Zones in datacenter regions worldwide, with a roadmap to provide Availability Zone options in each country it operates datacenters in over the next 24 months. In September, Availability Zones will be available in two more existing regions, Canada Central and Australia East, bringing the total number of Microsoft’s AZ-enabled regions to 14.

Zone to zone disaster recovery for azure virtual machines

Zone to Zone disaster recovery allows customers to replicate, failover and failback their business-critical virtual machines within the same region with zones. The capability adds options for scenarios such as metro-based disaster-recovery strategy while customers are hosting applications on-premises and are looking to mimic that after migrating applications over to Azure; those that have complicated networking infrastructure and want to avoid the cost and complexity of recreating it in a secondary region; and those in regions that prefer not to use paired region disaster recovery options.

New Azure Spot VM features

New Azure Spot VM features, in preview soon in the Azure portal, enable customers to access and review the price history of Spot VMs and eviction rate for the past 28 trailing days. Also, not only allow customers to derive estimates about the probability that their workloads will be evicted, but also enable better estimates for the cost of running interruptible workloads using Spot VMs.

Azure Hybrid Benefit for Linux workload (preview)

Azure Hybrid Benefit, available in preview, improves flexibility and enhances user experience for Red Hat and SUSE customers migrating Linux to Azure.Directly in the portal or through CLI, Red Hat Enterprise Linux (RHEL) and SUSE Linux Enterprise Server (SLES) customers will be able to convert existing Linux VMs from pay-as-you-go (PAYG) billing to bring-your-own-subscription (BYOS) billing, making use of their existing Red Hat and SUSE subscriptions. This is a unique capability that allows customers to first deploy a POC in Azure using the convenience of on-demand PAYG Linux VMs, and when testing is complete, convert it to long-term production using RHEL and SLES subscriptions. This removes the headache of production redeployment, preserves existing investments in on-premises RHEL and SLES subscriptions, and reduces migration planning worries.

A new Azure-supported Linux distribution

Flatcar Container Linux by Kinvolk, is now available in Azure Marketplace. Flatcar is an immutable Linux distribution and is compatible with Core OS (which reached its end of service on May 26, 2020), making Flatcar Container Linux a viable and straightforward migration choice for container workloads running on Azure.

Azure Image Builder

Azure Image Builder, generally available by the end of this year, is a free image-building service that streamlines the creation, update, patch, management and operation of Linux and Windows images. Azure Image Builder will deploy resources into your subscription when used, and you pay only for the virtual machines and associated storage and networking resources consumed when running your image-building pipeline.

Multiple new Azure Infrastructure features

Multiple new Azure Infrastructure features are now available:

  • New Azure Virtual Machines (VMs) are now generally available featuring Intel Cascade Lake processors for general purpose and memory-intensive workloads. These VMs provide up to 20% greater CPU performance compared to the prior generation.
  • Azure Dedicated Host now gives customers more control. Customers can schedule host maintenance operations on Dedicated Hosts and isolated VMs as well as control when guest OS image updates are rolled out. Azure Dedicated Host also supports Virtual Machine Scale Sets and simplifies deployment by offering customers the ability to let the platform select the host group where VMs are deployed to.

Storage

New Azure Disk Storage updates

New Azure Disk Storage updates, including:

  • Azure Private Link integration which enables secure import and export of data over a private virtual network for enhanced security
  • Support for 512E on Azure Ultra Disks to enable migration of legacy databases to Azure.

Networking

Cisco SD-WAN with Azure Virtual and Global Load Balancer feature (preview)

Azure networking enhancements announced at Ignite include the addition of Cisco Software-Defined Wide Area Network (SD-WAN) native support within the Azure Virtual WAN hubs, and the Global Load Balancer feature for Azure Load Balancer. Both are available in preview.

The use of Cisco SD-WAN with Azure Virtual WAN aligns with networking trends to leverage technologies such as SD-WAN to improve performance through intelligent path selection and central policies. They work to eliminate traditional networking backhauls by sending traffic directly from branch to the cloud via local breakouts and allow you to leverage your chosen vendor’s path selection and policy management.

With Global Load Balancer, customers can use the feature in the Azure Load Balancer to distribute traffic to their global applications, improving performance and availability.

Azure orbital: a new managed service that provides access to physical satellite communication (private preview)

Azure Orbital is a new managed service that provides access to physical satellite communication capabilities to process and analyze data in Microsoft Azure. Take advantage of a low-latency global fiber network when working with large satellite datasets. Azure Orbital is available now to select customers in private preview. Azure Orbital enables satellite operators to schedule contacts with their spacecrafts and directly downlink data into their virtual network (VNet) in Azure.

Azure Stack

Azure Stack Edge

Two new Azure Stack Edge rugged devices are available

Customers can perform machine learning and gain quick insights at the edge by running the Azure Stack Edge Pro R with NVIDIA’s powerful T4 GPU and the lightweight, portable Azure Stack Edge Mini R. Both devices are designed to operate in the harshest environments at remote locations.

Azure Stack Edge is now available with GPUs

Customers can run visualization, inferencing, and machine learning at the edge with the Azure Stack Edge Pro series powered by the NVIDIA T4 Tensor Core GPU. This unlocks a broad set of new edge scenarios, such as automatically recognizing license plates for efficient retail curbside pickup, and detecting defects in real time in products on a manufacturing assembly line.

Azure Stack HCI

Preview of Azure Kubernetes Services (AKS) on Azure Stack HCI

AKS on Azure Stack HCI enables customers to deploy and manage containerized apps at scale on Azure Stack HCI, just as they can run AKS within Azure. This now provides a consistent, secure, and fully managed Kubernetes experience for customers who want to use Azure Stack HCI within their datacenters. Sign up for the preview of AKS on Azure Stack HCI.

Azure Stack Hub

Azure Stack Hub is now available with GPUs

To power visualization intense apps, we’ve partnered with AMD to bring the AMD Mi25 GPU to Azure Stack Hub, which allows users to share the GPU in an efficient way. The NVIDIA V100 Tensor Core GPU enables customers to run compute intense machine learning workloads in disconnected or partially connected scenarios. The NVIDIA T4 Tensor Core GPU provides visualization, inferencing, and machine learning for less compute intense workloads

Azure IaaS and Azure Stack: announcements and updates (September 2020 – Weeks: 37 and 38)

This series of blog posts includes the most important announcements and major updates regarding Azure infrastructure as a service (IaaS) and Azure Stack, officialized by Microsoft in the last two weeks.

Azure

Compute

Azure Virtual Machines DCsv2-series are available in Southeast Asia

Confidential computing DCsv2-series virtual machines (VMs) are available in Southeast Asia in multiple availability zones.

Storage

Azure Blob storage object replication

Object replication is a new capability for block blobs that lets you replicate your data from your blob container in one storage account to another anywhere in Azure.

Object replication unblocks a new set of common replication scenarios:

  • Minimize latency: users consume the data locally rather than issuing cross-region read requests.
  • Increase efficiency: compute clusters process the same set of objects locally in different regions.
  • Optimize data distribution: data consolidated in a single location for processing/analytics and then distribute only resulting dashboards to your offices worldwide.
  • Minimize cost: tier down your data to Archive upon replication completion using lifecycle management policies to minimize the cost.

Change feed support is generally available for Azure Blob Storage

Change feed provides a guaranteed, ordered, durable, read-only log of all the creation, modification, and deletion change events that occur to the blobs in your storage account. Change feed is the ideal solution for bulk handling of large volumes of blob changes in your storage account, as opposed to periodically listing and manually comparing for changes. It enables cost-efficient recording and processing by providing programmatic access such that event-driven applications can simply consume the change feed log and process change events from the last checkpoint.

Azure Blob storage lifecycle management now supports append blobs

Azure Blob storage lifecycle management offers a rich, rule-based policy for Azure storage accounts. You can use the policy to transition your data to the appropriate access tiers or expire at the end of the data’s lifecycle. Azure Blob storage lifecycle management now supports expiration of append blobs.

Azure Blob access time tracking and access time-based lifecycle management (preview)

Once access time tracking is enabled, each blob has a new property called last access time which is updated when the blob is read. Azure Blob lifecycle management supports using last access time as a filter to transition data between access tiers and manage data retention. You can minimize your storage cost automatically by setting up a policy based on last access time to:

  • Transition your data from a hotter access tier to a cooler access tier (hot to cool, cool to archive, or hot to archive) if there is no access for a period.
  • Transition your data from the cool tier to the hot tier immediately if there is an access on the data.
  • Delete your data if there is no access for an extended period.

NFS 4.1 support for Azure Files (preview)

NFS file system is very popular choice for Linux applications and end users for their shared storage needs. Having a fully managed NFS file system in Azure will enable customers to easily lift-and-shift their enterprise workloads and leverage the elasticity, scale and cost savings of cloud. Azure Files is built on Azure Storage platform which by nature is highly durable, highly available and highly secure. It is backed by same Azure Storage SLA. NFS on Azure Files is being offered first on the highly performant SSD backed Premium Files tier enabling customers to run their most demanding enterprise applications. The NFS file system can grow and shrink to meet your scale and performance requirement from 100 GiB to 100 TiB per volume. Azure Files NFS can be accessed from a variety of clients like Azure VM Linux distros like Ubuntu, RHEL, SUSE etc., Azure Kubernetes Service(AKS), Azure Container Instances (ACI), Azure VMWare Service (AVS), VMSS, etc. NFS has a broad range of use cases. 

Azure NetApp Files: cross region replication (preview)

With this new disaster recovery capability, you can replicate your Azure NetApp Files volumes from one Azure region to another in a fast and cost-effective way, protecting your data from unforeseeable regional failures.

Azure IaaS and Azure Stack: announcements and updates (September 2020 – Weeks: 35 and 36)

This series of blog posts includes the most important announcements and major updates regarding Azure infrastructure as a service (IaaS) and Azure Stack, officialized by Microsoft in the last two weeks.

Azure

Compute

Azure Dedicated Hosts now support new Azure Virtual Machines series

Azure Dedicated Host provides a single-tenant physical server to host your Azure Virtual Machines for Windows and Linux. The server capacity is not shared with other customers. Address specific organizational compliance requirements or plan your maintenance window by deploying your workloads on Azure Dedicated Hosts. You can now deploy Dsv4, Ddsv4, Esv4, and Edsv4 Azure Virtual Machines on Dedicated Hosts. New Azure Dedicated Host SKUs featuring new hardware types for the Dsv3 and Esv3 Azure VM series are now generally available as well. With this update, we continue to expand the range of general purpose and memory intensive workloads that you can run on Azure Dedicated Hosts while providing greater performance.

New Azure VMs for general purpose and memory intensive workloads

The new D v4 and E v4 series Azure Virtual Machines, now generally available, are based on the Intel Xeon Platinum 8272CL custom processor, which can achieve up to 3.4Ghz all core turbo frequency. These new Azure Virtual Machines do not provide any temporary storage. If you require temporary storage select the latest Dd v4 and Ed v4 Azure virtual machines, which are also generally available.

  • The D v4 / Ds v4 virtual machine sizes offer a combination of vCPUs and memory able to meet the requirements associated with most general-purpose workloads. You can attach Standard SSDs and Standard HDDs disk storage to the D v4 virtual machines. If you prefer to use Premium SSD or Ultra Disk storage, please select the Ds v4 virtual machines.
  • The E v4 / Es v4 virtual machines feature up to 504 GiB of RAM and are ideal for various memory-intensive enterprise applications. You can attach Standard SSDs and Standard HDDs disk storage to the E v4 VMs. If you prefer to use Premium SSD or Ultra Disk storage, please select the Es v4 virtual machines.

Automated deployment of Always On availability groups through the Azure portal (Public preview)

A new, automated way to deploy Always On availability groups is now in preview for SQL Server on Azure Virtual Machines (VMs) using the SQL VM resource provider. The VM resource provider simplifies configuring Always On availability groups by handling infrastructure and network configuration details. It offers a reliable deployment method with the correct resource dependency settings and internal re-try policies. Deploying automated Always On availability groups with SQL VM resource provider today will improve availability for SQL Server on Azure Virtual Machines. Learn more about Always On availability group deployments.

Storage

AzCopy: new version available

AzCopy v10.6 has released with support for:

  • Sync command now includes access control lists (ACLs) between supported resources (e.g. Windows and Azure Files) using persist-smb-permissions flag
  • Sync also includes SMB properties (Created Time, Last Write Time, and attributes such as Read Only) between supported resources (e.g. Windows and Azure Files) using the persist-smb-info flag
  • Support for higher block & blob size.  Blob block size up to 4,000 MiB supported.  This provides block blob sizes up to 190.7 TiB (4,000 MiB x 50,000 blocks)
  • Support for Blob Versioning using list-of-versions flag for both download and delete operations

Azure Data Lake Storage Gen2: access control list recursive update (public preview)

The ability to recursively propagate access control list (ACL) changes from a parent directory to its existing child items for Azure Data Lake Storage (ADLS) Gen2 is now available in public preview. This public preview is available globally in all Azure regions, through PowerShell, .NET SDK, and Python SDK.

Azure Blob versioning is now general available

Azure storage strives to protect your business critical data from any accident or attack. To support that goal, Microsoft is announcing the general availability of Azure Blob versioning. Azure Blob Versioning automatically maintains previous versions of an object and identifies them with version IDs. You can list both the current blob and previous versions using version ID timestamps. You can also access and restore previous versions as the most recent version of your data if it was erroneously modified or deleted by an application or other users.

Networking

Azure DNS: Introducing automatic child zone delegation

A new update released to general availability in all clouds that makes it easier for you to create Child Zones which are easily attached to Parent Zones. Prior to this release, when a customer was creating a new child zone, they would add their resource records to the newly created zone but often missed the step adding the complicated nameserver records back to the parent zone, causing name resolution failure when the customer would try to test the newly created zone.  This update creates an option for you to identify their new zone as a child (please see illustration) of an existing zone in Azure DNS. When this selection has been made, the name server records for the child zone will be automatically populated in the parent, saving you 4 additional steps. For a quick explanation on how to create child zones, please check out our tutorial guide.

Upcoming changes to Standard Public IPs and Standard Load Balancers

With Network API version 2020-08-01, zone behavior for Standard SKU resources (Azure Load Balancer and Public IP addresses) will be updated such that:

  • when no zone is specified, a non-zonal resource is created
  • when a single zone is specified, a zonal resource is created 
  • when multiple zones are specified in a region with Availability Zones, a zone-redundant resource is created

A zone-redundant resource can only be created in regions where Availability Zones are supported

Azure Stack

Azure Stack Hub

Stream Analytics can be run on Azure Stack Hub

Azure Stream Analytics now can be run on Azure Stack Hub as an IoT Edge module. Configurations have been added to the IoT Edge module which allows it to interact with blob storage, Event Hubs, and IoT Hubs running in an Azure Stack Hub subscription. Customers can build truly hybrid architectures for stream processing in your own private, autonomous cloud, which can be connected or disconnected with cloud-native apps using consistent Azure services on-premises.

Azure IaaS and Azure Stack: announcements and updates (August 2020 – Weeks: 33 and 34)

This series of blog posts includes the most important announcements and major updates regarding Azure infrastructure as a service (IaaS) and Azure Stack, officialized by Microsoft in the last two weeks.

Azure

Compute

New GPU NCas T4 v3 VMs (preview)

The NCas T4 v3 Series virtual machine is a new addition to the Azure GPU family specifically designed for the AI and machine learning workloads. The VMs feature 4 NVIDIA T4 GPUs with 16 GB of memory each, up to 64 non-multithreaded AMD EPYC 7V12(Rome) processor cores, and 448 GiB of system memory. These virtual machines are ideal to run ML and AI workloads utilizing Cuda, TensorFlow, Pytorch, Caffe, and other Frameworks or graphics workloads using NVIDIA GRID technology.

Azure Virtual Machines DCsv2-series in West US 2

Confidential computing DCsv2-series virtual machines (VMs) are now available in two availability zones in West US 2.

Storage

Azure Blob storage: Network File System 3.0 protocol support region expansion (preview)

Azure Blob storage is the only storage platform that supports NFS 3.0 protocol over object storage natively (no gateway or data copying required), with crucial object storage economics. NFS 3.0 support to block blob storage accounts with premium performance public preview regions now include: US East, US Central, US West Central, Australia Southeast, North Europe, UK West, Korea Central, Korea South, and Canada Central.

Azure Blob storage: Soft Delete for Containers (preview)

Soft delete for containers expands upon Azure Blob Storage’s existing capabilities such as soft delete for blobs, account delete locking, and immutable blobs, making our data protection and restore capabilities even better. When container soft delete is enabled for a storage account, any deleted container and their contents are retained in Azure Storage for the period that you specify. During the retention period, you can restore previously deleted containers and any blobs within them. Container soft delete is available in preview in the following regions: France Central, Canada East, and Canada Central. There is no additional charge to enable container soft delete. Data in soft deleted containers is billed at the same rate as active data.

Azure Ultra Disk: generally available in more regions and Availability Zones

Azure Ultra Disks offer high throughput, high IOPS, and consistent low latency disk storage for Azure Virtual Machines (VMs). It is now available in Australia East, East Asia, Brazil South, and Canada Central. Moreover, Azure Ultra Disk support is now expanded to the 3 Availability Zones in US East 2 and Japan East.

Azure Data Box Disk is now available in South Africa and China

Data Box Disk is an SSD-disk-based option for offline data transfer to Azure. It’s ideal for a recurring or one-time data migration of up to 40 TB to Azure and is especially well-suited for data migration from multiple remote or branch offices. Azure Data Box Disk is now Generally Available in South Africa and China. This is in addition to the regions where Data Box Disk is now generally available.

Azure IaaS and Azure Stack: announcements and updates (August 2020 – Weeks: 31 and 32)

This series of blog posts includes the most important announcements and major updates regarding Azure infrastructure as a service (IaaS) and Azure Stack, officialized by Microsoft in the last two weeks.

Azure

Compute

SQL Server FCI on Shared Disks for SQL Server on virtual machines

Azure Shared Disks for SQL Server Failover Cluster Instance (SQL FCI) on Azure IaaS is now in general availability. Azure Shared disks for SQL FCI enables lift and shift migrations for the most commonly used high availability configuration on-premises to Azure IaaS.

Storage

New regions for Azure Blob storage object replication (preview)

Object replication is a new capability for block blobs that lets you replicate your data from your blob container in one storage account to another anywhere in Azure. Microsoft has expanded the preview regions to include East US 2 and Central US.

Azure Blob storage: Network File System 3.0 protocol support (preview)

Network File System (NFS) 3.0 protocol support for Azure Blob storage is now in preview. Azure Blob storage is the only storage platform that supports NFS 3.0 protocol over object storage natively (no gateway or data copying required), with crucial object storage economics. This new level of support helps with large scale read-heavy sequential access workloads where data will be ingested once and minimally modified further including large scale analytic data, backup and archive, NFS apps for seismic and subsurface processing, media rendering, genomic sequencing, and line-of-business applications. NFS 3.0 is available to block blob storage accounts with premium performance in the following regions: US East, US Central, and Canada Central. Support for GPV2 accounts with standard tier performance will be announced soon. During the preview, test data stored in your NFS 3.0-enabled storage accounts will be billed at the same capacity rate (per GB per month) as Azure Blob storage. Pricing for transactions is subject to change and will be determined when generally available.

Azure File Sync agent v10.1

Azure File Sync agent v10.1 is available and it’s now on Microsoft Update and Microsoft Download Center.

Improvements and issues that are fixed:

  • Azure private endpoint support
  • Files Synced metric will now display progress while a large sync is running, rather than at the end.
  • Miscellaneous reliability improvements for agent installation, cloud tiering, sync and telemetry.

Installation instructions are documented in KB4522411.

Networking

Upcoming billing changes to Azure Bandwidth

On a rolling basis throughout September 2020, Microsoft will move Bandwidth to a source–destination billing model. Additionally, metering will be divided into inter-region meter IDs. As a result, Bandwidth charges for inter-region data transfers will either remain the same or decrease. First 5 GB of outbound data transfers will remain free of charge and the current data volume tiers will be replaced by one flat price.

Azure IaaS and Azure Stack: announcements and updates (July 2020 – Weeks: 29 and 30)

This series of blog posts includes the most important announcements and major updates regarding Azure infrastructure as a service (IaaS) and Azure Stack, officialized by Microsoft in the last two weeks.

Azure

Storage

Advanced threat protection for Azure Storage

The preview of extending advanced threat protection for Azure Storage is available to support Azure Files and Azure Data Lake Storage Gen2 API, helping customers to protect their data stored in file shares and data stores designed for enterprise big data analytics. With this release, Azure Files customers can benefit from the following capabilities of advanced threat protection for Azure Storage:

  • World-class algorithms that learn, profile, and detect unusual or suspicious activity in your file shares
  • Actionable alerts in a centralized view in Azure Security Center with optional email notifications
  • Integration with Azure Sentinel for efficient threat investigation
  • Azure-native support for Azure Files with one click enablement from the Azure portal and with no need to modify your application code

Allow or disallow blob public access on Azure Storage accounts

Azure Storage now supports anonymous public read access for containers and blobs. By default, all requests to a container and its blobs must be authorized by using either Azure Active Directory (Azure AD) or shared key authorization. When you configure a container’s public access level setting to permit anonymous access, clients can read data in that container without authorizing the request. Anonymous public read access to containers and blobs in Azure Storage is a convenient way to share data, but may also present a security risk. It’s important to enable anonymous access judiciously and to understand how to evaluate anonymous access to your data. If your scenario does not require it, you can disable it for the storage account.

Azure Blob versioning public preview region expansion

Azure Blob Versioning automatically maintains previous versions of an object and identifies them with version IDs. You can list both the current blob and previous versions using version ID timestamps. You can also access and restore previous versions as the most recent version of your data if it was erroneously modified or deleted by an application or other users. Microsoft has expanded the preview regions to include East US 2, Central US, West Europe, and North Europe. You can start previewing this feature on any existing or new General-purpose (GPv2) storage accounts in those regions.

Azure shared disks general availability

With shared disks, Azure Disk Storage is the only shared block storage in the cloud that supports both Windows and Linux-based clustered or high-availability applications. This unique offering allows a single disk to be simultaneously attached and used from multiple virtual machines (VMs), enabling you to run your most demanding enterprise applications in the cloud, such as clustered databases, parallel file systems, persistent containers, and machine learning applications, without compromising on well-known deployment patterns for fast failover and high availability.

Improved availability guarantees with single VM SLA for Standard SSD and Standard HDD

To strengthen the availability guarantee of VMs, Microsoft is extending the single-instance VM SLA to all disk types including Standard SSD and Standard HDD. Previously, it offered an SLA of 99.9 percent for single-instance VMs using Premium SSD and Ultra Disks. Now it offer an SLA of 99.5 percent for single-instance VMs using Standard SSD and an SLA of 95 percent for single-instance VMs using Standard HDD, improving the availability guarantee to cover all single-instance VMs.

Azure Disk Storage with Azure Private Link integration is in preview

For enhanced security, you can now restrict access to your data by only allowing import and export from your private Azure virtual network by leveraging the integration with Azure Private Link.

Performance tiers for Azure Disk Storage are in limited preview

Azure Disk Storage now enables you to set performance tiers (in limited preview) of your Premium SSD for a specific duration of time without increasing the capacity of the disk. Performance tiers provide the flexibility to achieve higher performance while controlling costs. This helps to sustain high-performance demands. Your provisioned disk is first set to a baseline performance tier based on its size. When your application has higher performance demands, choose a higher performance tier, then return your provisioned disk to the baseline performance tier when the high-demand period is over.

Networking

Azure Virtual WAN: install network virtual appliances directly into an hub

Several new capabilities for Azure Virtual WAN are now in preview, including the option to install network virtual appliances directly into a virtual WAN hub as an option for SD-WAN connectivity. Microsoft is currently partnering with Barracuda, to be followed by other third-party network virtual appliance partners, to provide this service. This allows you to leverage your vendor’s proprietary path selection and policy management capabilities with Azure infrastructure and virtual WAN routing capabilities.

Azure Application Gateway: URL rewrite and wildcard listener in preview

URL rewrite and wildcard host names in listener for Azure Application Gateway are now available in preview.

Use the URL rewrite capability in Application Gateway to:

  • Rewrite the host name, path, and query string of the request URL.
  • Choose to rewrite the URLs of all requests on a listener or only those requests thta match one or more of the conditions you set. These conditions are based on the request and response properties.
  • Choose to route the request (select the backend pool) based on either the original URL or the rewritten URL.

Use wildcard host names in listener to:

  • Use wildcard characters like asterisk (*) and question mark (?) in the host name, which can accept any incoming request with the host header matching the pattern.
  • Configure up to five host names per multisite listener using the new hostnames field.

Azure Stack

New Azure Stack HCI Preview

Microsoft just announced the new Azure Stack HCI, delivered as an Azure hybrid service, at Microsoft Inspire 2020. Azure Stack HCI Preview is a hyperconverged infrastructure host from Microsoft, now delivered as an Azure hybrid service. Run Windows and Linux virtual machines on-premises on a host platform that’s IT friendly and managed by you with existing tools, processes, and skillsets. Easily extend your infrastructure with up-to-date Azure hybrid services for monitoring at scale.

Azure IaaS and Azure Stack: announcements and updates (July 2020 – Weeks: 27 and 28)

This series of blog posts includes the most important announcements and major updates regarding Azure infrastructure as a service (IaaS) and Azure Stack, officialized by Microsoft in the last two weeks.

Azure

Compute

Virtual machine scale sets: Automatic image upgrades for custom images

Automatically deploy new versions of custom images to scale set virtual machines using the new capabilities of virtual machine scale sets. Automatic OS image upgrade monitors your image gallery and automatically begins scale set upgrades when a new image version is deployed, facilitating faster image deployment without additional overhead. Enabling automatic OS image upgrades will safely upgrade the OS disk for all virtual machines in the scale set, helping to ease update management.

Distributed network name for SQL Server on Virtual Machines

Support for distributed network name (DNN) for SQL Server failover cluster instance (SQL FCI) on Azure IaaS with SQL Server 2019 CU2 and higher is now available. Connectivity configuration with DNN increases the availability and robustness of SQL FCI. By using DNN, you don’t need an Azure Load Balancer, and can simply use the same method you’ve been using on-premises for automated failover.

Storage

Azure Data Lake Storage

The following news have been announced for Azure Data Lake Storage:

  • Immutable storage for Azure Data Lake Storage is available in preview. Immutable storage provides the capability to store data in a write once, read many (WORM) state. Once data is written, the data becomes non-erasable and non-modifiable, and you can set a retention period so that files can’t be deleted until after that period has elapsed. Additionally, legal holds can be placed on data to make that data non-erasable and non-modifiable until the hold is removed.
  • The archive tier for Azure Data Lake Storage is generally available. The archive tier provides an ultra-low cost tier for long term retention of data while keeping your data available for future analytics needs. Tier your data seamlessly among hot, cool, and archive so all your data stays in one storage account. Lifecycle management policies can be set so files are moved automatically to the archive tier when data access becomes rare. When needed, data in the archive tier can be quickly and easily rehydrated so that the data is available for your analytics workloads.
  • File snapshots for Azure Data Lake Storage are available in preview. Use file snapshots to take an unlimited number of point-in-time snapshots of your files. These snapshots can be used to revert a file back to that snapshot in the case of accidental or inadvertent updates. Snapshots can also be retained so you can reference the content of a file at that point in time.
  • Static website for Azure Data Lake Storage is in preview. Use static website to directly host static content from Azure Data Lake Storage, and view that site content from a browser by using the public URL of that website.

Azure Storage 200 TB block blob size in preview

Azure Blob storage provides massively scalable object storage for workloads including application data, HPC, backup, and high-scale workloads. Microsoft has increased the maximum size of a single blob from 5 TB to 200 TB, now available in preview.
The increase in blob size better supports use cases from seismic data processing to genomics that require support for multiple TB object sizes.

Azure Shared Disks for SQL Server failover cluster instance on Azure IaaS (preview)

Preview support is now available for Azure Shared Disks for SQL Server failover cluster instance (SQL FCI) on Azure IaaS with SQL Server 2019 on Windows Server 2019 and higher. Azure Shared Disks for SQL FCI enables lift and shift migrations for the most commonly used HA configuration on-premises to Azure IaaS.

Networking

New Azure Firewall features

The following several new Azure Firewall features have been announced by Microsoft that allow your organization to improve security, have more customization, and manage rules more easily. These new capabilities were added based on customer top feedback:

  • Custom DNS support now in preview.
  • DNS Proxy support now in preview.
  • FQDN filtering in network rules now in preview.
  • IP Groups now generally available.
  • AKS FQDN tag now generally available.
  • Azure Firewall is now HIPAA compliant.

Azure Firewall Manager

Azure Firewall Manager is now generally available and includes Azure Firewall Policy, Azure Firewall in a Virtual WAN Hub (Secure Virtual Hub), and Hub Virtual Network. Microsoft is introducing several new capabilities to Firewall Manager and Firewall Policy to align with the standalone Azure Firewall configuration capabilities:

  • Threat intelligence-based filtering allow list in Firewall Policy is now generally available.
  • Multiple public IP addresses support for Azure Firewall in Secure Virtual Hub is now generally available.
  • Forced tunneling support for Hub Virtual Network is now generally available.
  • Configuring secure virtual hubs with Azure Firewall for east-west traffic (private) and a third-party security as a service (SECaaS) partner of your choice for north-south traffic (internet bound).
  • Integration of third-party SECaaS partners are now generally available in all Azure public cloud regions.
  • Zscaler integration will be generally available on July 3, 2020. Check Point is a supported SECaaS partner and will be in preview on July 3, 2020. iboss integration will be generally available on July 31, 2020.
  • Support for domain name system (DNS) proxy, custom DNS, and fully-qualified domain name (FQDN) filtering in network rules using Firewall Policy are now in preview.

Private endpoints for Azure File Sync

Starting with Azure File Sync agent 10.1, Azure File Sync supports private endpoints in all public and Azure US Government cloud regions where Azure File Sync is available. Private endpoints enable you to assign your Storage Sync Service private IP addresses from within the address space of your virtual network. This allows you to:

  • Securely connect to your Azure resources from on-premises networks using a VPN or ExpressRoute connection with private-peering.
  • Secure your Azure resources by disabling the public endpoints for Azure Files and File Sync.
  • Increase security for your Azure virtual networks by blocking exfiltration of data from your network boundaries.

Azure Virtual WAN: new capabilities

Several key Azure Virtual WAN capabilities are now generally available:

  • Hub to Hub connectivity providing fully meshed virtual hubs.
  • Custom Routing adding advanced routing enhancements: custom route tables and optimization of virtual network routing.
  • Virtual Network Transit with 50 Gbps transit speeds between Virtual Networks (Vnets) connected with Virtual WAN.
  • VPN and ExpressRoute Transit for seamless interconnectivity between VPN/SD-WAN and ExpressRoute connected sites and users.
  • New VPN Capabilities supporting custom BGP IP (also known as APIPA or Automatic Private IP Addressing) for VPN Site connections.
  • New Virtual WAN Partners VMware SD-WAN by Velocloud and Cisco Meraki now supporting automation of IPsec connectivity between their branch VPN/SD-WAN devices and Azure Virtual WAN VPN service.

Azure Load Balancer support for IP-based backend pool management (preview)

Azure Load Balancer now supports load balancing across IP addresses in the backend pool. Previously, you could only add network interfaces associated virtual machines in the backend of a Load Balancer. With this release, you can load balance to resources in Azure via your private IPv4 or IPv6 addresses using Standard Load Balancer.