Category Archives: Azure Stack HCI

Strategic Integration Between Azure Stack HCI and Azure Virtual Desktop

In the current context of continuous technological evolution, the importance of resilient, scalable, and secure infrastructure solutions has never been more apparent. Microsoft’s Azure Stack HCI emerges as a key player in this landscape, offering a powerful hybrid platform that bridges on-premises environments and the cloud. With the integration of Azure Virtual Desktop (AVD), this solution becomes even more strategic for companies looking to navigate the complexities in the field of desktop and application virtualization, extending the capabilities of Microsoft’s managed cloud service to the hybrid cloud environment. Through this approach, organizations can now deploy virtual desktops and applications more efficiently, while ensuring low-latency connectivity and access to Azure’s managed services for leading-edge management, security, and scalability. This article will explore in detail the features, benefits, and innovations of Azure Virtual Desktop on Azure Stack HCI, providing a comprehensive overview of how these technologies can transform company IT infrastructures to better face the challenges of the modern work world.

Overview of Azure Stack HCI and Azure Virtual Desktop

What is Azure Stack HCI?

Azure Stack HCI is an innovative solution from Microsoft that enables the implementation of a hyper-converged infrastructure (HCI) for running workloads on-premises while maintaining a strategic connection to Azure services. This system eliminates the need for various traditional hardware components, opting instead for a software solution that integrates computing, storage, and networking into a single platform. This marks an evolution from traditional “three-tier” infrastructures, characterized by network switches, appliances, physical systems with hypervisors, storage fabric, and SAN, to a more simplified and efficient solution. Azure Stack HCI offers an infrastructure powered by a hyper-converged model, which supports both Windows and Linux virtual machines as well as containerized workloads, together with their storage. As a quintessential hybrid product, Azure Stack HCI facilitates the integration between on-premises systems and Azure, allowing access to cloud-based services, monitoring, and management. This gives organizations the agility and benefits typical of public cloud infrastructure, while effectively responding to use cases and regulatory requirements of specialized workloads that need to remain on-premises. Azure Stack HCI thus positions itself as a strategic choice for organizations aiming to combine cloud efficiency with the specific needs of the on-premises environment.

What is Azure Virtual Desktop?

Azure Virtual Desktop is a state-of-the-art VDI (Virtual Desktop Infrastructure) solution, cloud-based, designed to effectively meet the needs of modern work, whether remote or hybrid. Unique in its kind, it is fully optimized to leverage the multi-session capabilities of Windows 11 and Windows 10, ensuring optimal integration and efficiency. Additionally, Azure Virtual Desktop stands out for its robust security features, designed to protect corporate applications and data while ensuring compliance with current regulations. The platform is designed to significantly simplify the deployment and management of the VDI infrastructure, offering complete control over configuration and management. Thanks to its consumption-based pricing structure, it allows for reduced operational costs, leveraging investments and skills already acquired in the field of virtualization, paying only for the resources actually used.

What is Azure Virtual Desktop for Azure Stack HCI?

Azure Virtual Desktop for Azure Stack HCI represents an innovative technological solution that integrates the distinctive benefits of Azure Virtual Desktop and Azure Stack HCI. This integration offers organizations the flexibility to run virtualized desktops and applications securely not only in the cloud but also on-premises. Particularly suitable for entities with specific data residency requirements, latency sensitivity, or data proximity needs, Azure Virtual Desktop for Azure Stack HCI extends the capabilities of the Microsoft Cloud to corporate datacenters, promoting an IT environment more adaptive and responsive to business needs.

Key Features and Benefits

The main features and benefits of this solution include:

  • Performance optimization: enhances the user experience of Azure Virtual Desktop in regions with limited connectivity to the Azure public cloud, offering session hosts in physical proximity to users.
  • Compliance with data locality requirements: allows organizations to meet data residency requirements, keeping the data of applications and users on-premises. This aspect is crucial for companies operating in regulated sectors or with specific data privacy and security needs.
  • Access to legacy resources: facilitates access to legacy applications and data sources by keeping them in the same physical location as virtualized desktops and apps.
  • Full and efficient Windows experience: ensures a smooth and complete user experience thanks to compatibility with Windows 11 and Windows 10 Enterprise multi-session, while optimizing operational costs.
  • Unified management: simplifies the deployment and management of the VDI infrastructure compared to traditional on-premises solutions, using the Azure portal for centralized and integrated control.
  • Optimal network performance: ensures the best connection performance with RDP Shortpath, reducing latency and improving user access to virtualized resources.
  • Simple updates: allows for quick and simple deployment of the latest fully updated images through the use of Azure Marketplace images, thus ensuring that the virtual environment remains secure and up-to-date.

Azure Virtual Desktop for Azure Stack HCI is configured as a highly scalable and secure solution that enables companies to effectively address challenges related to data management, latency, and compliance, promoting an optimized and centrally manageable virtual work environment.

Integration Mechanisms

The key mechanisms through which AVD integrates with Azure Stack HCI are:

  • Virtual machines as Session Hosts: the virtual machines (VMs) created on Azure Stack HCI act as session hosts for AVD. These VMs are managed just like any Azure VM but are located on-premises.
  • Azure managed components: AVD on Azure Stack HCI uses Azure managed components, such as brokerage and gateway services, while deploying session host pools directly on Azure Stack HCI clusters.
  • System requirements: to implement this configuration, you need to have Azure Stack HCI version 23H2 or higher. Additionally, you must have a Windows image for the VMs and a logical network that supports DHCP on Azure Stack HCI.

Deployment and Management

Here is how the deployment and management of AVD in this hybrid context works:

  • Location definition: deploying on Azure Stack HCI requires defining a custom location that represents the Azure Stack HCI cluster during the creation of resources on Azure. This step is crucial to ensure that resources are correctly associated with the desired physical infrastructure.
  • Configuration of Session Host pools: session host pools can be made up of VMs located in the Azure cloud or on a specific Azure Stack HCI cluster. It is important to note that VMs from both origins cannot be combined within a single pool.
  • Consistent management: the management of session hosts and user identities, which must be hybrid configurations synchronized between AD on-premises and Microsoft Entra ID, remains in line with standard Azure Virtual Desktop practices.

Licensing and Pricing

To implement Azure Virtual Desktop on Azure Stack HCI, it is essential to understand and ensure compliance with the necessary licenses and pricing models. Here are the three main components that influence the cost of Azure Virtual Desktop on Azure Stack HCI:

  1. Infrastructural costs: these costs directly relate to the Azure Stack HCI infrastructure on which Azure Virtual Desktop is run. More information on the Azure Stack HCI cost model can be found in this article.
  2. User access rights: the same licenses that grant access to Azure Virtual Desktop on Azure also apply to Azure Virtual Desktop for Azure Stack HCI. It is important to note that user access pricing for external users is not supported on Azure Virtual Desktop for Azure Stack HCI.
  3. Hybrid service rate: this is an additional rate that applies to each active virtual CPU (vCPU) on Azure Virtual Desktop session hosts operating on Azure Stack HCI. The rate for the hybrid service is $0.01 per vCore per hour of use.

Conclusions

The innovative contribution of Azure Stack HCI, further enhanced by the integration with Azure Virtual Desktop, marks a fundamental turning point for organizations aspiring to an advanced and hybrid IT infrastructure. Azure Stack HCI establishes itself as the backbone of this transformation, offering optimized management of on-premises workloads, together with the flexibility and efficiency characteristic of the cloud. The implementation of Azure Virtual Desktop on Azure Stack HCI proves ideal for organizations that wish to leverage the potential of the cloud, while maintaining the specific needs of on-premises environments. This solution sets a new standard in the sector of hybrid VDI solutions, proposing an effective balance between innovation and customization.

Impact of Broadcom’s acquisition of VMware and Microsoft’s alternative solutions

The tech industry witnessed one of the most significant mergers in recent times in November 2023, with Broadcom’s acquisition of VMware. This historic deal, now known as “VMware by Broadcom,” immediately raised questions and sparked interest among customers and industry analysts. Indeed, in an ever-evolving technological landscape, the repercussions of such a merger extend well beyond the walls of VMware and Broadcom, directly affecting existing customers and the global market for cloud services and IT infrastructure. Amidst a sea of changes, including shifts in licensing policies and potential uncertainty about the continuity of products and services offered, a clear need emerges for organizations to carefully assess their options.

It is in this context that Microsoft emerges as a key player, offering alternative solutions that promise not only to mitigate the risks associated with this major acquisition but also to provide new opportunities for growth and innovation. With a wide range of cloud services, virtualization tools, and infrastructure solutions, Microsoft stands out as a solid reference point for those seeking stability and reliability in a rapidly evolving IT landscape.

This article aims to explore in detail the impact of Broadcom’s acquisition of VMware, highlighting the main concerns of customers and outlining how Microsoft’s proposed alternative solutions can represent a strategic way out for organizations facing this significant change.

Main Customer Concerns

The following paragraphs report the main concerns raised by customers following Broadcom’s acquisition of VMware.

Transition from Perpetual Licenses to Subscriptions

A significant change introduced by Broadcom involves the transition from perpetual licenses, once a cornerstone of VMware’s offering, to a subscription-based model. This move raises concerns about long-term costs, as the recurring expenses of subscriptions can accumulate and exceed the one-time costs of perpetual licenses. Moreover, there is fear that customers may lose control over software versions and be subject to additional costs for updates.

Lack of Price Transparency

Customers express concerns about the lack of transparency in the pricing structure post-acquisition. Broadcom has announced reductions in “unit cost” but without providing clear details, raising fears of hidden costs and of bundled services that customers did not request. This uncertainty makes it difficult for customers to predict their future expenses.

Risk of Product Discontinuity

Broadcom’s history of optimizing product portfolios through the elimination of less profitable offerings has fueled concern over the potential discontinuity of popular VMware products. A case in point was the announcement of the end of availability of the free hypervisor vSphere (ESXi 7.x and 8.x), which has created uncertainty and pushed customers to evaluate alternative solutions.

Reduced Choice and Vendor Lock-in

The elimination of some products and increased dependence on Broadcom’s offerings can limit customers’ options, increasing the risk of lock-in with a single vendor. This scenario raises concerns about a possible increase in costs and a reduction in bargaining power.

Concerns about Reduced R&D

There is a strong concern that Broadcom’s historically cost-cutting approach could limit investments in research and development (R&D), compromising the innovation that has characterized VMware’s success. Memories of past acquisitions, where Broadcom cut R&D budgets, fuel fears about the future competitiveness and vitality of VMware products.

Impact on the VMware Ecosystem

Forrester Research Prediction

Forrester Research has predicted that about 20% of VMware’s enterprise customers may decide to abandon the VMware stack, driven by concerns related to the acquisition. This significant percentage of customers is looking for alternatives to meet their needs in areas such as virtualization, cloud environment management, remote access for end-users, and hyper-converged infrastructure solutions.

VMware Product Strategy and Focus

VMware has responded by simplifying its product portfolio, focusing the offering on three main areas: VMware Cloud Foundation, VMware vSphere Foundation, and additional services. This simplification aims to make the technological path to follow clearer for customers, while keeping integrations with major cloud providers such as Azure, AWS, and Oracle unchanged. Moreover, for smaller implementations, VMware has kept the vSphere Standard and the vSphere Essentials Plus Kit, offering accessible options without overwhelming customers with an overly broad range of products.

Pricing and Offers

Despite the changes, VMware keeps one constant in its pricing strategy and offerings: a subscription model that allows customers to align costs with the actual use of the software. This approach includes:

  • Subscription model: Allows paying for software based on actual use, aligning costs with real needs and avoiding large initial capital expenses (CAPEX). With terms of 1, 3, and 5 years, it offers the possibility to choose the duration of the subscription that best suits the organization’s needs and budget forecasts.
  • Core-based pricing: Rates are determined by the number of CPU cores used by the virtual machines, ensuring a cost allocation proportional to the resources used. A key aspect of the pricing model is the minimum threshold, which is equal to 16 cores per CPU.

Microsoft’s Alternative Solutions

Microsoft emerges as a key partner for customers looking for alternatives, offering innovative solutions for the migration and modernization of IT infrastructure. With an approach focused on innovation and flexibility, Microsoft primarily proposes the following solutions that can meet different needs and scenarios.

Azure Stack HCI: Bringing Azure into your data center with a hybrid infrastructure

Azure Stack HCI is Microsoft’s solution for creating an efficient and modern hyper-converged (HCI) infrastructure, suitable for running workloads in an on-premises environment with tight integration with Azure services. This solution is designed to facilitate the modernization of hybrid data centers, allowing users to enjoy a cohesive and familiar Azure experience even on-premises. Azure Stack HCI aims to simplify IT infrastructure management while improving efficiency and operational agility. For a detailed exploration of the Microsoft Azure Stack HCI solution, I invite you to read this article or watch this video. Additionally, for scenarios where a constant connection cannot be guaranteed (“disconnected” scenarios), organizations can implement virtualization, storage, and network management solutions that leverage recent and innovative technologies included in Windows Server, whose new version 2025 will soon be launched.

Figure 1 – Azure Stack HCI overview

Azure VMware Solution (AVS): VMware in Microsoft’s data centers for enterprise realities

Azure VMware Solution leverages VMware technology on Azure to maintain symmetry with on-premises VMware environments, thereby accelerating the migration of VMware workloads to the Azure cloud with minimal adjustments. AVS facilitates the management of a hybrid cloud environment, offering private clouds in Azure, built on dedicated Azure infrastructure and bare-metal. Managed and supported directly by the Azure team and validated by VMware, this solution frees organizations from managing infrastructure and software. AVS includes essential VMware licenses such as vSphere, vSAN, NSX, and vMotion (VMware HCX), significantly simplifying migration and integration with Azure. For more details on the solution, you can consult this article on How to natively run VMware workloads in Azure.

Moreover, the Azure VMware Solution was recently made available in the Azure region of Northern Italy. This expansion allows customers in Italy to seamlessly integrate their VMware workloads with Azure services, leveraging the global scale, security, and performance of Azure while maintaining the VMware tools and skills they are accustomed to.

Figure 2 – Azure VMware Solution (AVS) overview

A particularly relevant aspect for organizations using Windows Server 2012 and 2012 R2 systems is the continuity of support in terms of security updates. Azure VMware Solution offers a significant advantage in this area: Extended Security Updates (ESU) for these systems are available at no additional cost when run on Azure VMware Solution. The provision of free ESU in Azure VMware Solution removes a common concern among many organizations regarding the costs and complexity associated with maintaining older systems in a secure environment. This approach allows companies to plan their migration and modernization of workloads with greater peace of mind, knowing that their Windows Server 2012 and 2012 R2 systems will continue to receive the necessary security updates for another 3 years during the transition to more recent technologies.

Azure VMware Solution not only facilitates the migration and integration of VMware environments with the Azure cloud but also provides essential support for managing legacy operating systems, offering a secure path to technological innovation and modernization without compromising security or operational stability.

Azure IaaS and PaaS: Migration and Modernization with Azure

For organizations aiming for a more radical modernization, Microsoft proposes migration to Azure IaaS (Infrastructure as a Service) and PaaS (Platform as a Service). This strategy allows migrating, restructuring, and rewriting applications leveraging modern architectural models. Azure IaaS ensures the management and execution of applications on a reliable cloud infrastructure, with a focus on security and compliance. Azure PaaS options further accelerate application development, providing a rich variety of tools. These platforms facilitate the quick creation of applications, support for development across different platforms, and the use of advanced resources in a cost-effective manner thanks to a payment model based on actual use. Modernization with Azure IaaS and PaaS offers a smooth transition to a flexible infrastructure, eliminating the need for VMware licenses.

Figure 3 – Moving to Azure IaaS and PaaS

Conclusions

Broadcom’s acquisition of VMware represents a significant turning point for the tech industry, marking the beginning of a new era of uncertainty and opportunity. While this merger raises legitimate concerns among customers regarding the continuity of products, price transparency, and the safeguarding of IT investments, it also opens the door to new horizons of growth and innovation. In this context of change, Microsoft stands out as a reference point, offering robust alternative solutions that not only directly address the concerns raised by this situation but also provide an opportunity for organizations to renew and enhance their IT infrastructures with cutting-edge technologies. The solutions proposed by Microsoft, including Azure Stack HCI, Azure VMware Solution (AVS), and migration and modernization options with Azure IaaS and PaaS, represent a strategic response to the challenges posed by the acquisition. These offerings allow organizations to achieve operational continuity, flexibility, and access to an innovative ecosystem that supports growth and innovation.

Azure Stack HCI: the continuously evolving Hyper-Converged solution – December 2023 Edition

In the rapidly evolving current technological landscape, the need for flexible and scalable IT infrastructures has never been more pressing. Azure Stack HCI emerges as a response to this need, offering a hyper-converged (HCI) solution that enables the execution of workloads in on-premises environments while maintaining a strategic connection with various services offered by Azure. Azure Stack HCI is not just a hyper-converged solution, but is also a strategic component of the Azure services ecosystem, designed to integrate and amplify the capabilities of existing IT infrastructure.

As part of Azure’s hybrid offering, Azure Stack HCI is constantly evolving, adapting to the changing needs of the market and user expectations. The recent wave of innovations announced by Microsoft testifies to the company’s commitment not only to maintaining but also improving its position as a leader in the HCI solutions sector. These new features, which will be explored in detail in this article, promise to open new paths for the adoption of Azure Stack HCI, significantly improving the management of hybrid infrastructures and offering new opportunities to optimize the on-premises environment.

The lifecycle of updates and upgrades of Azure Stack HCI

A fundamental aspect of Azure Stack HCI is its predictable and manageable upgrade and update experience. Microsoft’s strategy for Azure Stack HCI updates is designed to ensure both security and continuous innovation of the solution. Here’s how it works:

  • Monthly quality and security updates: Microsoft regularly releases monthly updates focused on quality and security. These updates are essential to maintain the integrity and reliability of the Azure Stack HCI environment.
  • Annual feature updates: in addition to monthly updates, an annual feature update is released. These annual updates aim to improve and enrich the capabilities of Azure Stack HCI with new features and optimizations.
  • Timing for installing updates: to keep the Azure Stack HCI service in a supported state, users have up to six months to install updates. However, it is recommended to install updates as soon as they are released to ensure maximum efficiency and security of the system.
  • Support from Microsoft’s Hardware Partners: Microsoft’s hardware solution partners support Azure Stack HCI’s “Integrated Systems” and “Validated Nodes” with hardware support services, security updates, and assistance, for at least five years.

In addition to these established practices, during Microsoft Ignite 2023, a significant new development was announced: the public preview of Azure Stack HCI version 23H2. This latest version represents an important step in the evolution of Azure Stack HCI. The final version of this updated solution will be released in early 2024, slightly behind the planned release cycle. This delay is attributable to significant changes made to the solution, aimed at further improving the capabilities and performance of Azure Stack HCI. Initially, Azure Stack HCI version 23H2 will be available exclusively for new installations. Over the course of the year, it is expected that most users currently on Azure Stack HCI version 22H2 will have the opportunity to upgrade their clusters to the new version 23H2.

Figure 1 – Azure Stack HCI update release cycles

Activation and management of different workloads

Modern organizations often find themselves managing a wide range of applications: some based on containers, others on virtual machines (VMs), some running in the cloud, others in edge environments. Thanks to Azure Arc and an adaptive approach to the cloud, it’s possible to use common tools and implement uniform operational practices for all workloads, regardless of where they are executed. The 23H2 version of Azure Stack HCI provides all the necessary Azure Arc infrastructure, automatically configured as part of the cluster deployment, including the Arc Resource Bridge and other management agents and components. This means that, from the start, it’s possible to begin deploying Arc-enabled virtual machines, Azure Kubernetes Service clusters, and Azure Virtual Desktop session hosts.

Virtual Machines

The 23H2 version of Azure Stack HCI offers the ability to activate general-purpose VMs with flexible sizing and configuration options to meet the needs of different applications. Users can use their own custom Linux or Windows images or conveniently access those available in the Azure Marketplace. When creating a new virtual machine (VM) using the Azure portal, the Command Line Interface (CLI), or an ARM template, it is automatically equipped with the Connected Machine Agent. This includes the integration of extensions like Microsoft Defender, Azure Monitor, and Custom Script, thus ensuring uniform and integrated management of all machines, both in the cloud and at the edge.

Azure Kubernetes Service

The 23H2 version of Azure Stack HCI offers the Azure Kubernetes Service, a managed Kubernetes solution that operates in a local environment. The Azure Kubernetes Service is automatically configured as part of the Azure Stack HCI deployment and includes everything needed to start deploying container-based workloads. The Azure Kubernetes Service runs its control plane in the same Arc Resource Bridge as the general-purpose VMs and uses the same storage paths and logical networks. Each new Kubernetes cluster deployed via the Azure portal, CLI, or an ARM template is automatically configured with Azure Arc Kubernetes agents inside to enable extensions such as Microsoft Defender, Azure Monitor, and GitOps for application deployment and CI/CD.

Azure Virtual Desktop for Azure Stack HCI (Preview)

The 23H2 version of Azure Stack HCI has been optimized to support the deployment of virtualized desktops and applications. Azure Virtual Desktop, a Microsoft-managed desktop virtualization service with centralized control in the cloud, offers the experience and compatibility of Windows 11 and Windows 10. This service is distinguished by its multi-session capability, which increases efficiency and reduces costs. With Azure Virtual Desktop integrated into Azure Stack HCI, it is possible to position desktops and apps (session hosts) closer to end-users to reduce latency, and there is also the option for GPU acceleration. The 23H2 version introduces an updated public preview that offers provisioning of host pools directly from the Azure portal, simpler guest operating system activation, and updated Marketplace images with pre-installed Microsoft 365 apps. Microsoft will soon share more information on timings and pricing for general availability.

Advanced security

The increase in applications and infrastructures in edge environments requires organizations to adopt advanced security measures to keep pace with increasingly sophisticated threats from attackers. The 23H2 version of Azure Stack HCI facilitates this process with advanced security settings enabled by default, such as native integration with Microsoft Defender for Cloud and the option to protect virtual machines with Trusted Launch.

Integrated and Default-Enabled Security

The new 23H2 version of Azure Stack HCI presents a significantly strengthened security posture. Leveraging the foundations of Secured Core Server, over 300 settings in the hypervisor, storage system, and network stack are pre-configured following Microsoft’s recommendations. This covers 100% of the applicable settings in the Azure security baseline, doubling the security measures compared to the previous version 22H2. Any deviations from the settings are detected and automatically corrected to maintain the desired security posture over time. For enhanced protection against malware and ransomware, application control is activated by default, using a base policy provided by Microsoft.

Integration with Microsoft Defender for Cloud

In Microsoft Defender for Cloud, in addition to workload protection for Kubernetes clusters and VMs, new integrated security recommendations provide coverage for the Azure Stack HCI infrastructure as part of the Cloud Security Posture Management plan. For example, if the hardware is not set up for Secure Boot, if clustered storage volumes are not encrypted, or if application control is not activated, these issues will be highlighted in the Microsoft Defender for Cloud portal. Furthermore, it is possible to easily view the security status of host clusters, nodes, and workloads in a unified view. This greatly improves the ability to control and correct the security posture efficiently on a large scale, making it suitable for environments ranging from a limited number to hundreds of locations.
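A node-level spot check for the three conditions named above (Secure Boot, cluster volume encryption, application control), as an added PowerShell example that is not from the original article or from Microsoft. The function names and output shape are hypothetical; it assumes an elevated session on a cluster node with the FailoverClusters and BitLocker modules available, and that Cluster Shared Volume mount points can be passed to `Get-BitLockerVolume`.

```powershell
# Added example (hypothetical helper names). Run elevated on an Azure Stack HCI node.
function New-Finding {
    param([string]$Check, [string]$Target, [bool]$Compliant, [string]$Detail)
    [pscustomobject]@{
        Check = $Check; Target = $Target; Compliant = $Compliant; Detail = $Detail
    }
}

function Get-HciNodeSecurityFindings {
    [CmdletBinding()]
    param()

    $node = $env:COMPUTERNAME
    $findings = [System.Collections.Generic.List[object]]::new()

    # 1. Secure Boot. Confirm-SecureBootUEFI returns $true or $false on UEFI
    #    hardware and raises an error on platforms that do not support it.
    try {
        $enabled = [bool](Confirm-SecureBootUEFI -ErrorAction Stop)
        $findings.Add((New-Finding 'SecureBoot' $node $enabled `
            "Confirm-SecureBootUEFI returned $enabled"))
    } catch {
        $findings.Add((New-Finding 'SecureBoot' $node $false `
            "Secure Boot state unavailable: $($_.Exception.Message)"))
    }

    # 2. Application control. Win32_DeviceGuard reports code integrity policy
    #    enforcement as 0 = off, 1 = audit, 2 = enforced. This example's own
    #    choice: only "enforced" counts as compliant.
    try {
        $dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
                              -ClassName 'Win32_DeviceGuard' -ErrorAction Stop
        $status = [int]$dg.CodeIntegrityPolicyEnforcementStatus
        $label = switch ($status) {
            0 { 'off' }
            1 { 'audit only' }
            2 { 'enforced' }
            default { "unknown ($status)" }
        }
        $findings.Add((New-Finding 'ApplicationControl' $node ($status -eq 2) `
            "Code integrity policy: $label"))
    } catch {
        $findings.Add((New-Finding 'ApplicationControl' $node $false `
            "Device Guard state unavailable: $($_.Exception.Message)"))
    }

    # 3. Cluster volume encryption. Enumerate Cluster Shared Volumes and ask
    #    BitLocker for the state of each mount point (assumption: the CSV
    #    path is accepted as -MountPoint on this node).
    try {
        $mountPoints = @(Get-ClusterSharedVolume -ErrorAction Stop |
            ForEach-Object { $_.SharedVolumeInfo.FriendlyVolumeName })
    } catch {
        $mountPoints = @()
        $findings.Add((New-Finding 'VolumeEncryption' $node $false `
            "Could not enumerate cluster volumes: $($_.Exception.Message)"))
    }

    foreach ($mountPoint in $mountPoints) {
        try {
            $volume = Get-BitLockerVolume -MountPoint $mountPoint -ErrorAction Stop
            $ok = ($volume.ProtectionStatus -eq 'On') -and
                  ($volume.VolumeStatus -eq 'FullyEncrypted')
            $findings.Add((New-Finding 'VolumeEncryption' $mountPoint $ok `
                "Protection=$($volume.ProtectionStatus); Status=$($volume.VolumeStatus)"))
        } catch {
            $findings.Add((New-Finding 'VolumeEncryption' $mountPoint $false `
                "BitLocker state unavailable: $($_.Exception.Message)"))
        }
    }

    return $findings
}

# List only the checks that need attention on this node.
Get-HciNodeSecurityFindings |
    Where-Object { -not $_.Compliant } |
    Format-Table -AutoSize
```

A check that cannot be evaluated is reported as non-compliant with the error text in `Detail`, so a missing module or unsupported platform is not mistaken for a pass.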

Trusted launch for Azure Arc-Enabled Virtual Machines

Trusted launch is a security feature designed to protect virtual machines (VMs) from direct attacks on firmware and bootloaders. Initially available only in Azure’s cloud, it has now been extended to the edge with Azure Stack HCI version 23H2. When creating an Azure Arc-enabled VM, this security option can be selected using the Azure portal, the Command Line Interface (CLI), or an ARM template. Trusted launch provides VMs with a virtual Trusted Platform Module (TPM), useful for the secure storage of keys, certificates, and secrets. Additionally, Secure Boot is enabled by default. VMs using Trusted launch also support automatic failover and live migration, transparently maintaining the state of the vTPM when moving the VM between cluster nodes. This implementation represents a significant step towards introducing confidential computing into edge computing.

Innovations in edge management

Sectors like retail, manufacturing, and healthcare often face the challenge of managing physical operations across multiple locations. In fact, integrating new technologies in places such as stores, factories, or clinics can become a complex and costly process. In this context, an edge infrastructure that can be rapidly deployed and centrally managed becomes a decisive competitive advantage. Tools enhanced with artificial intelligence, capable of scaling to thousands of resources, offer unprecedented operational efficiency.

With the 23H2 version of Azure Stack HCI, fundamental lifecycle operations such as deployment, patching, configuration, and monitoring are entirely managed from the cloud. This significantly reduces the need for on-site tools and personnel, making it easier to manage edge infrastructures.

Cloud-based Deployment

The 23H2 version of Azure Stack HCI simplifies large-scale deployment. At edge sites, once new machines arrive with the operating system pre-installed, local staff can simply connect them and establish the initial connection with Azure Arc. From that point on, the entire infrastructure, including clusters, storage, and network configuration, is deployed from the cloud. This minimizes the time and effort required on-site. Using the Azure portal, it’s possible to create an Azure Stack HCI cluster or scale it with a reusable Azure Resource Manager (ARM) template, with unique parameters for each location. This infrastructure-as-code approach ensures consistent configuration of Azure Stack HCI on a large scale.

Cloud-based update management

Keeping the system up to date is now simpler. The 23H2 version introduces the new Lifecycle Manager, which organizes all applicable updates into a single monthly package, covering the operating system, agents, services, and even drivers and firmware for participating hardware solutions. Lifecycle Manager ensures that the cluster always runs a combination of software validated by Microsoft and its partners, reducing the risk of problems or incompatibility. Update management for Azure Stack HCI clusters is integrated with Azure Update Manager, providing a unified tool for all machines across the cloud and edge.

Cloud-based monitoring

Azure Monitor provides an integrated and comprehensive view for applications and infrastructure, covering both cloud and on-premises environments. This now includes logs, metrics, and alert coverage for Azure Stack HCI version 23H2. Over 60 standard metrics are available, including CPU and memory usage, storage performance, network bandwidth, and more. Azure Stack HCI health issues, such as a failed disk or a misconfigured network port, are reported as new platform alerts, customizable to trigger notifications or actions. Additionally, Azure Monitor Insights, powered by Data Collection Rules and Workbooks, provides pre-configured views to help administrators monitor specific features, such as storage deduplication and compression.

Useful references

For all the details regarding the 23H2 version of Azure Stack HCI, you can consult the official Microsoft documentation.

Conclusions

Azure Stack HCI represents a milestone in the landscape of IT infrastructures, offering a robust, scalable, and secure solution for organizations navigating today’s complex technological ecosystem. With its approach, Azure Stack HCI effectively adapts to the needs of hybrid infrastructures, enabling seamless integration between on-premises environments and the Azure cloud. Its advanced features, such as optimized workload management, cutting-edge security, and ease of edge system management, not only meet current challenges but also open new possibilities for future innovation. The constant updating of its capabilities, highlighted by the 23H2 version, demonstrates Microsoft’s commitment to keeping pace with the evolving market needs and user expectations. Azure Stack HCI is not just a solution for current needs but a strategic investment to bring cloud innovation into one’s on-premises environment.

The evolution of Azure Stack HCI with Premier Solutions

As businesses worldwide seek more efficient, scalable, and customizable solutions for their IT infrastructure needs, Microsoft unveils the “Premier Solutions for Azure Stack HCI.” This launch provides companies with a range of new opportunities, seamlessly integrating with existing solutions to achieve Azure Stack HCI systems and enhancing possibilities for businesses of all sizes. In this article, we will explore the features of this new offering, how it integrates with existing solutions, and how it might redefine the future of Azure Stack HCI.

Previous Context

To activate the Azure Stack HCI solution, on-premise hardware is required. Until now, companies could rely on:

  • Azure Stack HCI Integrated Systems: Some hardware providers offer systems specifically designed and optimized for Azure Stack HCI, providing an experience reminiscent of a dedicated appliance. These solutions also include unified support, provided in collaboration between the provider and Microsoft.
  • Azure Stack HCI Validated Nodes: This method relies on the use of hardware carefully verified and validated by a specific hardware provider. This strategy allows advanced hardware customization based on customer needs, offering the possibility to select specific details related to the processor, memory, storage, and network card features, always respecting the provider’s compatibility specifications. Several hardware manufacturers offer solutions compatible with Azure Stack HCI, and most Azure Stack HCI configurations are currently made following this approach.

What’s New: Premier Solutions for Azure Stack HCI

“Premier Solutions” represent a new category in the Azure Stack HCI product landscape, created to offer users a better operational experience. These solutions promise faster achievement of tangible results and unprecedented flexibility thanks to “as-a-service” provisioning options. This significant advancement is the result of collaboration with tech giants like Dell Technologies and Lenovo. The essence of this initiative is the fusion of the best available technologies into a deeply integrated, complete infrastructure solution, providing a seamless experience between hardware, software, and cloud services.

Key strengths of the Premier Solutions include:

  • Advanced Integration: An unparalleled combination of hardware, software, and cloud services, allowing companies to reduce time spent on infrastructure management and focus more on innovation.
  • Guaranteed Reliability: Microsoft and its partners are dedicated to continuous testing to ensure maximum reliability and minimal downtime.
  • Simplified Implementation: Comprehensive deployment workflows, making the implementation of Azure Stack HCI clusters a simple and repeatable process.
  • Facilitated Updates: Jointly tested and automated full-stack updates, allowing for continuous, easy updates.
  • Flexible Purchase Models: Various purchase options and additional services to facilitate the start of Azure Stack HCI solutions.
  • Global Availability: A consistent solution available everywhere, ensuring consistency worldwide.

Figure 1 – Azure Stack HCI Solution Categories

Visually, we can imagine the Azure Stack HCI solution categories as overlapping layers: at the top, we find the Premier Solutions, ready for immediate use after deployment; followed by the Integrated Systems, targeted configurations with pre-installed software for specific tasks; and finally, the Validated Nodes, boasting the broadest variety of hardware components.

For a detailed comparison between the different categories of Azure Stack HCI solutions, you can refer to this document.

A Case in Point: Dell APEX Cloud Platform for Microsoft Azure

A shining example of this collaboration is the new Dell APEX Cloud Platform for Microsoft Azure. This platform goes beyond the capabilities of the Validated Node and Integrated System categories, offering a turnkey Azure Stack HCI experience.

Born from close collaboration between Dell and Microsoft, its native integration with Azure aims to realize a shared goal: to simplify the customer experience and provide the flexibility needed for modern IT infrastructure.

Dell APEX Cloud Platform for Microsoft Azure is the result of meticulous engineering collaboration between Dell and Microsoft. It offers deep integration and automation between the technological layers of the two companies, accelerating the value achieved by customers and amplifying IT agility and productivity. With a wide range of configuration options and form factors, optimized for both main data center infrastructures and edge deployments, this platform can address a wide range of use scenarios, allowing organizations to drive innovation in every context.

A Look to the Future

In the coming months, Microsoft plans to expand the Premier Solutions portfolio with innovative edge platforms from Lenovo, consolidating its industry leadership and offering solutions increasingly suited to customer challenges. To learn more about the available Azure Stack HCI solutions, you can visit the relevant catalog.

Conclusions

Hybrid solutions represent the future of IT infrastructure, offering flexibility, scalability, and unprecedented integration between on-premise and cloud. The recent introduction of “Premier Solutions for Azure Stack HCI” is clear evidence of this, demonstrating Microsoft’s commitment to the constant evolution of its ecosystem. Collaboration with giants like Dell and Lenovo highlights a strategic synergy aimed at providing companies with cutting-edge, efficient, and optimized solutions. In particular, the Dell APEX Cloud Platform for Microsoft Azure symbolizes the pinnacle of this collaboration, presenting a solution that perfectly meets the modern needs of IT infrastructure management and evolution. As the IT landscape continues to evolve, it’s clear that solutions like Azure Stack HCI will be at the heart of digital transformation, guiding organizations towards a more connected, integrated, and innovative future.

Embracing the future: why Azure Stack HCI is the optimal choice for modernizing On-Premises infrastructure

As the digital landscape evolves, businesses are constantly seeking ways to harness the power of technology to stay competitive and efficient. While cloud computing has emerged as a game-changer, offering unparalleled flexibility and scalability, many enterprises still grapple with the challenge of integrating their on-premises infrastructure with the cloud. Microsoft’s Azure Stack HCI presents a compelling solution to this dilemma, bridging the gap between traditional data centers and the innovative world of the cloud. In this article, we delve into the unique advantages of Azure Stack HCI and why it stands out as the preferred choice for businesses aiming to modernize their IT infrastructure.

Azure Stack HCI is Microsoft’s solution that allows you to create a hyper-converged infrastructure (HCI) for running workloads in an on-premises environment, with a strategic connection to various Azure services. Azure Stack HCI has been specifically designed by Microsoft to help customers modernize their hybrid data center, offering a complete and familiar Azure experience on-premises. If you need more information about the Microsoft Azure Stack HCI solution, I invite you to watch this video.

Figure 1 – Overview of Azure Stack HCI

In my daily interactions with customers, I am often asked why they should choose Azure Stack HCI over other well-known solutions that have been on the market for a long time. In the following paragraphs, I will outline what I believe are the main reasons to opt for Azure Stack HCI.

Modernize your on-premises infrastructure by bringing innovation

Azure Stack HCI is not synonymous with a virtualization environment but allows you to achieve much more. It is ideal if you want to modernize your infrastructure by adopting a hyper-converged architecture that allows you to:

    • Activate virtual machines based on consolidated technologies that make the environment stable and highly available, especially suitable for workloads that require high performance and scalability.
    • Deploy and manage modern applications based on microservices, alongside virtual machines, in the same cluster environment, using Azure Kubernetes Service (AKS). In addition to running Windows and Linux apps in containers, AKS provides the infrastructure to run selected Azure PaaS services on-premises, thanks to Azure Arc.
    • Activate virtual machines with Windows Server 2022 Azure Datacenter edition, which offers specific features not available in the classic Standard and Datacenter editions. To learn more about the features available in this edition, you can consult this article.
    • Create Azure Virtual Desktop session host pools using virtual machines running on-premises. This hybrid scenario becomes interesting in situations where applications are latency-sensitive, such as video editing, or scenarios where users need to use a legacy system on-premises that cannot be easily accessed.
    • Extend the features of the on-premises solution by connecting to various Azure services such as Azure Site Recovery, Azure Backup, Azure Monitor, and Defender for Cloud. This aspect ensures constant innovation, given the continuous evolution of cloud services.

Optimize costs

The Azure Stack HCI cost model, detailed in this article, is straightforward. Specifically, for customers with a Software Assurance contract, adopting Azure Stack HCI results in a drastic reduction in the costs of modernizing the virtualization environment, making this solution even more cost-competitive compared to competitors in the market. Recently, when comparing the costs between Azure Stack HCI and VMware vSphere + vSAN over a 3-year projection, it emerged that Azure Stack HCI allows savings of up to 40%.

Increase the level of security

Azure Stack HCI offers cross-cutting security on hardware and firmware, integrated into the operating system’s features, capable of helping protect servers from advanced threats. Azure Stack HCI systems can adopt Secured-core security features, all through an easy configuration experience from Windows Admin Center. Additionally, Azure Stack HCI allows you to obtain important security patches for legacy Microsoft products that have passed the support deadline, through the Extended Security Update (ESU) program. Considering that October 10, 2023, marks the end of extended support for Windows Server 2012 and Windows Server 2012 R2, Azure Stack HCI allows more time to embark on an application modernization path without neglecting security aspects.

Maximize existing investments

Azure Stack HCI can integrate with the existing environment and the most popular third-party solutions. Therefore, adopting this solution does not require new investments to introduce or adapt management, identity, security, and protection solutions. Specifically, the administrative management of Azure Stack HCI does not require specific software, but existing management tools such as Admin Center, PowerShell, System Center Virtual Machine Manager, and even third-party tools can be used. Furthermore, by adopting Azure Stack HCI and Azure Arc, it is possible to apply cloud management models to the on-premises environment, greatly simplifying the user experience. Azure Stack HCI allows you to fully exploit not only the investments already made concerning tools but also the skills of IT staff.

Conclusions

In today’s fast-paced technological era, the choice of IT infrastructure can significantly influence a business’s agility, security, and overall growth. While there are numerous solutions available, Azure Stack HCI emerges as a frontrunner, seamlessly merging the reliability of on-premises systems with the innovation of the cloud. Its unique features, cost-effectiveness, and robust security measures make it an invaluable asset for companies aiming to stay ahead of the curve. By choosing Azure Stack HCI, businesses not only safeguard their current investments but also pave the way for a future-ready, integrated, and efficient IT environment.

Hotpatching in Windows Server: a revolution in virtual machine management

In the digital age, ensuring business continuity is essential, no longer just an added value. For many companies, frequent interruptions, even of short duration, are unacceptable for their critical workloads. However, ensuring that continuity can be difficult, because managing virtual machines (VMs) running the Windows Server operating system is in some respects complex, especially when it comes to applying security patches and updates. With the advent of the hotpatching feature from Microsoft, a new chapter in VM management has opened: a more efficient approach that minimizes disruption, guaranteeing servers that are always up-to-date and protected. This article looks at the features and benefits of this innovative solution.

What is Hotpatching?

Hotpatching, introduced by Microsoft, is an advanced technique that allows you to update Windows Server operating systems without the need to restart. Imagine being able to “change the tires” of your moving car without having to stop it. This is the “magic” of hotpatching.

Where you can use Hotpatching

Hotpatch functionality is supported on “Windows Server 2022 Datacenter: Azure Edition”, which you can use for VMs running in Azure and in Azure Stack HCI environments.

The Azure images available for this feature are:

  • Windows Server 2022 Datacenter: Azure Edition Hotpatch (Desktop Experience)
  • Windows Server 2022 Datacenter: Azure Edition Core

Note that Hotpatch is enabled by default on Server Core images and that Microsoft recently extended hotpatching support to include Windows Server with Desktop Experience, further expanding the scope of this feature.

Updates supported

Hotpatch covers Windows security updates and stays aligned with the content of the security updates issued in the regular (non-hotpatch) Windows update channel.

There are some important considerations for running a Windows Server Azure Edition VM with hotpatch enabled:

  • reboots are still required to install updates that are not included in the hotpatch program;
  • reboots are also required periodically after a new baseline has been installed;
  • reboots keep the VM in sync with non-security patches included in the latest cumulative update.

Patches not currently included in the hotpatch program include non-security updates released for Windows, .NET updates and non-Windows updates (such as driver and firmware updates). These types of patches may require a reboot during the Hotpatch months.

Benefits of Hotpatching

The benefits of this technology are many:

  • Better security: with hotpatching, security patches are applied quickly and efficiently. This reduces the window of vulnerability between the release of a patch and its application, offering fast protection against threats.
  • Minimization of downtime: one of the main benefits of hotpatching is the ability to apply updates without the need to restart the server. This means fewer outages and higher availability for applications and services.
  • More flexible management: system administrators have the freedom to decide when to apply patches, without the worry of having to do careful planning to ensure that running processes are not interrupted while applying updates.

How hotpatching works

During a hotpatching process, the security patch is injected into the operating system's running code in memory, updating the system while it is still running.

Hotpatch works by first establishing a baseline with the current Cumulative Update for Windows Server. Periodically (on a quarterly basis), the baseline is updated with the latest Cumulative Update, after which hotpatches are released for the next two months. For example, if a Cumulative Update is released in January, February and March would see the release of hotpatches. For the hotpatch release schedule, you can consult the Release Notes for Hotpatch in Azure Automanage for Windows Server 2022.

Hotpatches contain updates that do not require a restart. Because Hotpatch fixes the in-memory code of running processes without the need to restart the process, applications hosted on the operating system are not affected by the patching process. This action is separate from any performance and functionality implications of the patch itself.

The following image shows an example of an annual update release schedule (including examples of unplanned baselines due to zero-day corrections).

Figure 1 – Outline of a sample yearly schedule for releasing Hotpatch updates

There are two types of baselines:

  • Planned Baselines: released on a regular basis, with hotpatch releases in between. Planned Baselines include all updates in a newer Cumulative Update and require a restart.
  • Unplanned Baselines: released when a major update is released (like a zero-day correction) and that particular update cannot be released as a hotpatch. When an unplanned baseline is released, it replaces the hotpatch release in that month. Unplanned Baselines also include all updates in a newer Cumulative Update and require a restart.

The schedule shown in the example image illustrates:

  • four baseline releases planned in a calendar year (five total in the diagram) and eight hotpatch releases;
  • two unplanned baselines that would replace the hotpatch releases for those months.
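
The release cadence described above, modelled as an added Python example for planning reboot windows (it is not Microsoft tooling and not code from the original article). The function names and the months chosen for unplanned baselines and for updates outside the hotpatch program are constructed assumptions.

```python
from dataclasses import dataclass
from enum import Enum


class Release(Enum):
    PLANNED_BASELINE = "planned baseline"
    UNPLANNED_BASELINE = "unplanned baseline"
    HOTPATCH = "hotpatch"


@dataclass(frozen=True)
class MonthPlan:
    month: int             # 1..12
    release: Release
    reboot_required: bool
    reason: str


def build_schedule(first_baseline_month=1, unplanned_baselines=(), non_hotpatch_updates=()):
    """Return twelve MonthPlan entries for one calendar year.

    first_baseline_month -- month of one planned baseline; they repeat every quarter
    unplanned_baselines  -- months whose hotpatch is replaced by an unplanned baseline
    non_hotpatch_updates -- months in which an update outside the hotpatch program
                            (non-security, .NET, driver, firmware) is installed
    """
    unplanned = set(unplanned_baselines)
    extra = set(non_hotpatch_updates)
    for m in unplanned | extra | {first_baseline_month}:
        if not 1 <= m <= 12:
            raise ValueError(f"month out of range: {m}")

    plans = []
    for month in range(1, 13):
        planned = (month - first_baseline_month) % 3 == 0
        if planned and month in unplanned:
            # An unplanned baseline only ever replaces a hotpatch release.
            raise ValueError(f"month {month} already carries a planned baseline")
        if planned:
            plans.append(MonthPlan(month, Release.PLANNED_BASELINE, True,
                                   "new Cumulative Update baseline"))
        elif month in unplanned:
            plans.append(MonthPlan(month, Release.UNPLANNED_BASELINE, True,
                                   "fix could not ship as a hotpatch"))
        else:
            reboot = month in extra
            reason = ("update outside the hotpatch program installed"
                      if reboot else "in-memory patch only")
            plans.append(MonthPlan(month, Release.HOTPATCH, reboot, reason))
    return plans


def count_releases(plans):
    """Number of months per release type."""
    counts = {release: 0 for release in Release}
    for plan in plans:
        counts[plan.release] += 1
    return counts


def reboot_months(plans):
    """Months for which a maintenance window with restart must be booked."""
    return [plan.month for plan in plans if plan.reboot_required]


def longest_reboot_free_run(plans):
    """Longest stretch of consecutive months without a restart."""
    best = run = 0
    for plan in plans:
        run = 0 if plan.reboot_required else run + 1
        best = max(best, run)
    return best


if __name__ == "__main__":
    # Constructed scenario: baseline in January, unplanned baselines in May and September.
    for plan in build_schedule(1, unplanned_baselines={5, 9}):
        flag = "REBOOT" if plan.reboot_required else "no reboot"
        print(f"{plan.month:2d}  {plan.release.value:18s} {flag:9s} {plan.reason}")
```
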

Patch orchestration process

Hotpatch should be considered an extension of Windows Update, and the patch orchestration tools vary depending on the platform in use.

Hotpatch orchestration on Azure

Virtual machines created in Azure are enabled by default for automatic patching when using a supported image of “Windows Server Datacenter: Azure Edition”:

  • patches classified as Critical or Security are automatically downloaded and applied to the VM;
  • patches are applied during off-peak hours considering the time zone of the VM;
  • Azure handles patch orchestration and patches are applied following the availability principles;
  • the health status of the virtual machine, determined through Azure platform health signals, is monitored for patching failures.

Hotpatch orchestration on Azure Stack HCI

Hotpatch updates for active VMs in an Azure Stack HCI environment can be orchestrated using:

  • Group Policy to configure Windows Update client settings;
  • Windows Update client settings or SCONFIG for Server Core;
  • a third-party patch management solution.

Considerations and Limitations

However, like any technology, hotpatching has its nuances. Not all patches are suitable for hotpatching; some may still require a traditional restart. Furthermore, before applying any patches, it remains crucial to test them in a controlled environment to avoid potential problems.

Installing Hotpatch updates does not support automatic rollback. If a VM experiences a problem during or after an update, you need to uninstall the update and install the latest known good baseline update. After the rollback you will need to restart the VM.

Conclusion

The introduction of hotpatching by Microsoft represents a significant step forward in the management of VMs running Windows Server operating system. With the ability to apply security patches and updates non-disruptively, administrators can ensure that their servers are protected and updated in a faster and more effective way. In a world where safety is paramount and where every second counts, hotpatching is positioned as a valuable solution for any company that uses Windows Server in an Azure environment or in an Azure Stack HCI environment.

Azure Stack HCI: IT infrastructure innovation that reduces environmental impact

The era of technological innovation has a duty to merge with environmental sustainability, and Microsoft Azure Stack HCI represents a significant step forward in this direction. In the fast-paced world of enterprise IT, organizations are constantly looking for solutions that not only offer excellent performance and innovation, but which also contribute to reducing the environmental impact of their IT infrastructures. Azure Stack HCI stands as a cutting-edge solution that combines technological excellence with a commitment to environmental sustainability. In this article, we will explore the positive environmental implications of adopting Azure Stack HCI.

Reduction of energy consumption

In a hyper-converged infrastructure (HCI), several hardware components are replaced by software, which combines the processing, storage and networking layers in a single solution. Azure Stack HCI is the Microsoft solution that allows you to create a hyper-converged infrastructure (HCI), where computing resources, storage and networking are consolidated into a single platform. This eliminates the need for separate devices, such as appliances, storage fabric and SAN, leading to an overall reduction in energy consumption. Furthermore, Azure Stack HCI systems are purpose-built to operate efficiently, making the most of available resources. This elimination of separate devices and optimization of resources help reduce the amount of energy required to maintain and cool the infrastructure, thus contributing to the reduction of carbon emissions.

Figure 1 – "Three Tier" Infrastructure vs Hyper-Converged Infrastructure (HCI)

Intelligent use of resources

Azure Stack HCI allows you to flexibly scale resources based on workload needs and allows you to extend its functionality with Microsoft Azure cloud services, including:

  • Azure Site Recovery to implement disaster recovery scenarios;
  • Azure Backup for offsite protection of your infrastructure;
  • Update Management, which allows you to assess missing updates and proceed with the corresponding deployment, for both Windows machines and Linux systems, regardless of their geographical location;
  • Azure Monitor, which offers a centralized way to monitor and control what is happening at the application, network and hyper-converged infrastructure levels, using advanced analytics based on artificial intelligence;
  • Defender for Cloud, which guarantees monitoring and detection of security threats on workloads running in the Azure Stack HCI environment;
  • Cloud Witness to use an Azure storage account as cluster quorum.

Furthermore, the file server, which remains a strategic and widely used component in data centers, can also be modernized and made more efficient by adopting Azure File Sync. This solution allows you to centralize the network folders of the infrastructure in Azure Files, while ensuring the flexibility, performance and compatibility of a traditional Windows file server. Although it is possible to maintain a complete copy of the data in an on-premises environment, Azure File Sync turns Windows Server into a “cache” which allows quick access to the contents present in a specific Azure file share: all files reside in the cloud, while only the latest files are also kept in the on-premises file server. This approach allows you to significantly reduce the storage space required in your datacenter.

Figure 2 – Platform integration with cloud solutions


Thanks to virtualization, the dynamic allocation of resources and the adoption of solutions in the cloud environment, you can use only the resources you need on-premises, avoiding waste of energy. This approach to infrastructure reduces the environmental impact of manufacturing, management and disposal of obsolete hardware components.

Optimization of physical space

Consolidating resources into a single Azure Stack HCI platform reduces the need for physical space for server installation, storage devices and network devices. This results in a significant reduction in the surface area occupied in server rooms, allowing for more efficient space management and higher computational density. In turn, the reduction of the occupied space means lower cooling and lighting needs, thus contributing to overall energy savings.

Conclusions

The adoption of Microsoft Azure Stack HCI offers significant benefits in terms of environmental sustainability. The reduction of energy consumption, resource optimisation, the intelligent use of physical space and the wide flexibility help to reduce the environmental impact of data centers and IT infrastructures. Azure Stack HCI represents a step forward towards the adoption of more sustainable IT solutions, enabling organizations to optimize resources, reduce carbon emissions and promote more efficient and environmentally conscious management of IT resources.

Maximize the performance of Azure Stack HCI: discover the best configurations for networking

Hyperconverged infrastructures (HCI) are increasingly popular as they allow you to simplify the management of the IT environment, reduce costs and scale easily when needed. Azure Stack HCI is the Microsoft solution that allows you to create a hyper-converged infrastructure for the execution of workloads in an on-premises environment and which provides a strategic connection to various Azure services to modernize your IT infrastructure. Properly configuring Azure Stack HCI networking is critical to ensuring security, application reliability and performance. This article explores the fundamentals of configuring Azure Stack HCI networking, covering the available networking options and the best practices for networking design and configuration.

There are different network models that you can take as a reference to design, deploy and configure Azure Stack HCI. The following paragraphs show the main aspects to consider in order to direct the possible implementation choices at the network level.

Number of nodes that make up the Azure Stack HCI cluster

A single Azure Stack HCI cluster can consist of a single node and can scale up to 16 nodes.

If the cluster consists of a single server, it is recommended to provide the following network components at the physical level, also shown in the image:

  • single TOR switch (L2 or L3) for north-south traffic;
  • two to four teamed network ports, connected to the switch, to handle management and computational traffic.

Optionally, the following components can also be provided:

  • two RDMA NICs, useful if you plan to add a second server to the cluster to scale your setup;
  • a BMC card for remote management of the environment.

Figure 1 – Network architecture for an Azure Stack HCI cluster consisting of a single server

If your Azure Stack HCI cluster consists of two or more nodes, you need to evaluate the following parameters.

Need for Top-of-Rack (TOR) switches and their level of redundancy

For Azure Stack HCI clusters consisting of two or more nodes in a production environment, two TOR switches are strongly recommended, so that north-south traffic is not disrupted when a single physical switch fails or is under maintenance.

If the Azure Stack HCI cluster is made up of two nodes, you can avoid providing switch connectivity for storage traffic.

Two-node configuration without TOR switch for storage communication

In an Azure Stack HCI cluster that consists of only two nodes, the storage RDMA NICs can be connected in full-mesh mode; this reduces switch costs and may allow the use of switches already owned.

In certain scenarios, such as branch offices or laboratories, the following network model, which uses a single TOR switch, can be adopted. This pattern provides cluster-wide fault tolerance and is suitable if interruptions in north-south connectivity can be tolerated when the single physical switch fails or requires maintenance.

Figure 2 – Network architecture for an Azure Stack HCI cluster consisting of two servers, without storage switches and with a single TOR switch

Although SDN L3 services are fully supported in this scheme, routing services such as BGP will need to be configured on the firewall device that sits on top of the TOR switch, if the switch does not support L3 services.

If you want greater fault tolerance for all network components, the following architecture, which uses two redundant TOR switches, can be adopted:

Figure 3 – Network architecture for an Azure Stack HCI cluster consisting of two servers, without storage switches and redundant TOR switches

SDN L3 services are fully supported by this scheme. Routing services such as BGP can be configured directly on TOR switches if they support L3 services. Features related to network security do not require additional configuration for the firewall device, since they are implemented at the virtual network adapter level.

At the physical level, it is recommended to provide the following network components for each server:

  • two to four teamed network ports, to handle management and computational traffic, connected to the TOR switches;
  • two RDMA NICs in a full-mesh configuration for east-west traffic for storage. Each cluster node must have a redundant connection to the other cluster node;
  • optionally, a BMC card for remote management of the environment.

In both cases the following connections are required:

| Networks | Management and computational | Storage | BMC |
|---|---|---|---|
| Network speed | At least 1 GBps, 10 GBps recommended | At least 10 GBps | Tbd |
| Type of interface | RJ45, SFP+ or SFP28 | SFP+ or SFP28 | RJ45 |
| Ports and aggregation | Two to four ports in teaming | Two standalone ports | One port |

Two or more node configuration using TOR switches also for storage communication

When you plan an Azure Stack HCI cluster with more than two nodes, or do not want to preclude easily adding more nodes to the cluster later, the storage traffic must also pass through the TOR switches. In these scenarios, you can use a configuration that keeps dedicated network cards for storage traffic (non-converged), as shown in the following picture:

Figure 4 – Network architecture for an Azure Stack HCI cluster consisting of two or more servers, redundant TOR switches also used for storage traffic and non-converged configuration

At the physical level, it is recommended to provide the following network components for each server:

  • two teamed NICs to handle management and computational traffic. Each NIC is connected to a different TOR switch;
  • two RDMA NICs in standalone configuration. Each NIC is connected to a different TOR switch. SMB multi-channel functionality ensures path aggregation and fault tolerance;
  • optionally, a BMC card for remote management of the environment.

These are the connections provided:

| Networks | Management and computational | Storage | BMC |
|---|---|---|---|
| Network speed | At least 1 GBps, 10 GBps recommended | At least 10 GBps | Tbd |
| Type of interface | RJ45, SFP+ or SFP28 | SFP+ or SFP28 | RJ45 |
| Ports and aggregation | Two ports in teaming | Two standalone ports | One port |

Another possibility to consider is a "fully-converged" configuration of the network cards, as shown in the following image:

Figure 5 – Network architecture for an Azure Stack HCI cluster consisting of two or more servers, redundant TOR switches also used for storage traffic and fully-converged configuration

The latter solution is preferable when:

  • bandwidth requirements for north-south traffic do not require dedicated cards;
  • the number of physical ports on the switches is limited;
  • you want to keep the costs of the solution low.

At the physical level, it is recommended to provide the following network components for each server:

  • two teamed RDMA NICs for management, computational and storage traffic. Each NIC is connected to a different TOR switch. SMB multi-channel functionality ensures path aggregation and fault tolerance;
  • optionally, a BMC card for remote management of the environment.

These are the connections provided:

| Networks | Management, computational and storage | BMC |
|---|---|---|
| Network speed | At least 10 GBps | Tbd |
| Type of interface | SFP+ or SFP28 | RJ45 |
| Ports and aggregation | Two ports in teaming | One port |

SDN L3 services are fully supported by both of the above models. Routing services such as BGP can be configured directly on TOR switches if they support L3 services. Features related to network security do not require additional configuration for the firewall device, since they are implemented at the virtual network adapter level.

Type of traffic that must pass through the TOR switches

To choose the most suitable TOR switches, it is necessary to evaluate the network traffic that will flow through these network devices, which can be divided into:

  • management traffic;
  • computational traffic (generated by the workloads hosted by the cluster), which can be divided into two categories:
    • standard traffic;
    • SDN traffic;
  • storage traffic.

Microsoft has recently changed its approach to this. TOR switches are no longer required to meet every network requirement for every feature, regardless of the type of traffic for which the switch is used. This means that physical switches are supported according to the type of traffic they carry, and it lets you choose from a greater number of quality network devices at a lower cost.

This document lists the required industry standards for specific network switch roles used in Azure Stack HCI implementations. These standards help ensure reliable communication between nodes in Azure Stack HCI clusters. This section, instead, shows the switch models supported by the various vendors, based on the type of traffic expected.

Conclusions

Properly configuring Azure Stack HCI networking is critical to making the hyper-converged infrastructure run smoothly, with security, optimum performance and reliability. This article covered the basics of configuring Azure Stack HCI networking, analyzing the available network options. The advice is to always plan the networking aspects of Azure Stack HCI carefully, choosing the most appropriate network option for your business needs and following implementation best practices.

The cost model for Azure Stack HCI (12/2022)

Technologies from different vendors are available on the market that allow you to build hyper-converged infrastructures (HCI). In this sector Microsoft offers an innovative solution called Azure Stack HCI, deployed as an Azure service, that allows you to achieve high performance, with advanced security features and native integration with various Azure services. This article describes how much you need to invest to get the Azure Stack HCI solution and what aspects you can consider to structure the cost model as you like.

Premise: OPEX vs CAPEX

The term CAPEX (a contraction of CAPital EXpenditure, i.e. capital expenditures) indicates the cost of developing or providing durable assets for a product or system.

Its counterpart, operational expenditure or OPEX (from OPerational EXpenditure), is the cost of managing a product, a solution or a system. These are also called O&M (Operation and Maintenance) costs, or operating and management costs.

CAPEX costs usually require a budget and a spending plan. Also for these reasons, companies generally prefer to incur OPEX costs, as they are easier to plan and manage.

With these concepts clarified, let's look at the Azure Stack HCI cost model and how to get a fully OPEX model.

Hardware costs

In order to activate the Azure Stack HCI solution, it is necessary to have on-premises hardware to run the dedicated operating system of the solution and to run the various workloads. There are two possibilities:

  • Azure Stack HCI Integrated Systems: certain vendors offer systems specially structured and integrated for this solution, which provide an appliance-like experience. These solutions also include integrated support, provided jointly by the vendor and Microsoft.
  • Azure Stack HCI validated nodes: implementation takes place using hardware specifically tested and validated by a vendor. In this way you can customize the hardware solution according to your needs, configuring the processor, memory, storage and features of network adapters, while respecting the supplier's compatibility matrices. There are several hardware vendors that offer suitable solutions to run Azure Stack HCI, and they can be consulted by accessing this link. Most implementations are done in this way.

Figure 1 - Hardware deployment scenarios

For the hardware, too, you can evaluate adopting a cost model based on rental. Major vendors such as HPE, Dell and Lenovo are able to offer the necessary hardware in "infrastructure as-a-service" mode, through a payment model based on use.

Azure costs

Despite running on-premises, Azure Stack HCI is billed through an Azure subscription, just like any other service in Microsoft's public cloud.

Azure Stack HCI offers a free trial period that allows you to evaluate the solution in detail. This period lasts 60 days and starts when you complete the registration of the cluster environment in Azure.

At the end of the trial period, the model is simple and costs "10 € / physical core / month"*. The cost is therefore given by the total number of physical cores present in the processors of the Azure Stack HCI cluster. This model does not set a minimum or a maximum on the number of physical cores licensed, nor limits on the activation duration.

Financial benefits for customers with a Software Assurance agreement

Customers who have Windows Server Datacenter licenses with active Software Assurance can activate Azure Hybrid Benefit for the Azure Stack HCI cluster as well. To activate this benefit, at no additional cost, you will need to exchange a Windows Server Datacenter core license with Software Assurance for an Azure Stack HCI physical core. This reduces to zero the Azure costs for the Azure Stack HCI host fee and provides the right to run an unlimited number of Windows Server guest virtual machines on the Azure Stack HCI cluster.

Furthermore, Azure Hybrid Benefit can also be activated for Azure Kubernetes Service (AKS). In this case, Windows Server Standard/Datacenter licenses with active Software Assurance are required, or the presence of a Cloud Solution Provider (CSP) subscription. Each Windows Server core license entitles you to use an AKS virtual core.

The following image summarizes how customers with Software Assurance can use Azure Hybrid Benefit to further reduce costs in the cloud, in on-premises datacenters and in peripheral offices.

Figure 2 – What is included in the Azure Hybrid Benefit for customers in Software Assurance

Specifically for customers with a Software Assurance agreement, the adoption of Azure Stack HCI translates into a drastic reduction in the costs of modernizing the virtualization environment, making this solution even more competitive from a cost point of view compared to competitors on the market. For the licensing requirements in detail, you can refer to this document.

Costs for guest VMs

The Azure costs listed in the previous paragraph do not include the operating system costs for guest machines running in the Azure Stack HCI environment. This aspect is also common to other HCI platforms, like Nutanix and VMware vSAN.

The following image shows how the licensing of guest operating systems can take place:

Figure 3 – Licensing of guest operating systems

Costs for Windows Server virtual machines

There are mainly two options for licensing Windows Server guest machines in Azure Stack HCI:

  • Buy Windows Server licenses (CAPEX mode), Standard or Datacenter, which include the right to activate the OS of guest virtual machines. The Standard Edition may be suitable if the number of Windows Server guest machines is limited, while if there are several Windows Server guest systems, it is advisable to evaluate the Datacenter Edition which gives the right to activate an unlimited number of virtualized Windows Server systems.
  • Pay for the Windows Server license for guest systems through your Azure subscription, just like in the Azure environment. Choosing this option will incur a cost (OPEX) of "€22.4 / physical core / month"* to be able to activate an unlimited number of Windows Server guest systems in the Azure Stack HCI environment.

*Costs estimated for the West Europe region and subject to change. For more details on the costs of Azure Stack HCI you can consult Microsoft's official page.

Charges for other workloads running on Azure Stack HCI

The result we intend to pursue with the Azure Stack HCI infrastructure is to be able to run in an on-premises environment not just virtual machines, but the same workloads as the Microsoft public cloud. To achieve this, Microsoft is bringing the most popular Azure workloads to Azure Stack HCI, and the following cost considerations apply to each of them:

  • Azure Kubernetes Service: the configuration of the Arc-enabled K8s cluster is free**.
  • Azure Arc-enabled data services:
    • For SQL Server, customers can purchase SQL Server licenses in CAPEX mode or, if they already have SQL licenses, can use Azure Hybrid Benefit for Azure Arc-enabled SQL Managed Instance, without having to pay for the SQL license again.
    • If you want to switch to an OPEX model, you can obtain Microsoft SQL Server licenses through Microsoft's Azure Arc-enabled data services**.
  • Azure Virtual Desktop:
    • User access rights for Azure Virtual Desktop. The same licenses that grant access to Azure virtual desktops in the cloud also apply to Azure Virtual Desktop in Azure Stack HCI.
    • Azure Virtual Desktop Hybrid Service Fee. This fee is charged for each virtual CPU (vCPU) used by Azure Virtual Desktop session hosts running in the Azure Stack HCI environment.

**For more details on Azure Arc costs you can consult this page.

Support costs

Azure Stack HCI, being in effect an Azure solution, is covered by Azure support with the following features:

  • A choice is provided between several Azure support plans, depending on your needs. Basic support is free, but in certain scenarios it is recommended that you at least consider Standard support, which has a fixed monthly cost.
  • Technical support is provided by a team of experts dedicated to supporting the Azure Stack HCI solution and can be easily requested directly from the Azure portal.

Conclusions

Azure Stack HCI allows you to bring cloud innovation into your data center and at the same time create a strategic link to Azure. In the era of hybrid datacenters, a solution like Azure Stack HCI allows you to structure the cost model at will and to have maximum flexibility. There are several vendors on the market offering solutions to build hybrid hyper-converged infrastructures (HCI), and Azure Stack HCI can be very competitive, not only from the point of view of functionality, but also from the point of view of costs.

4 good reasons to choose Azure Stack HCI

Cloud computing is increasingly popular for companies looking to simplify management and achieve greater scalability of their IT environment. However, many organizations continue to use infrastructure in their own datacenters for a variety of reasons, ranging from the need to ensure support for legacy workloads to the need to comply with specific technical and regulatory requirements. This article discusses the top reasons why you should consider adopting Azure Stack HCI over other on-premises virtualization solutions.

Azure Stack HCI is the Microsoft solution that allows you to create a hyper-converged infrastructure (HCI) for running workloads in an on-premises environment and that provides a strategic connection to various Azure services. Azure Stack HCI was specifically designed by Microsoft to help customers modernize their hybrid datacenter, offering a complete and familiar Azure experience in an on-premises environment. For more insight into the Microsoft Azure Stack HCI solution, I invite you to read this article or to view this video.

Figure 1 – Overview of Azure Stack HCI

Interacting with customers on a daily basis, I am often asked why they should choose Azure Stack HCI over other known solutions that have been on the market for a long time. In the following paragraphs I report those that, in my view, are the main reasons that lead to the adoption of Azure Stack HCI.

1. Modernize your on-premises infrastructure by bringing innovation

Azure Stack HCI is not synonymous with a virtualization environment, but it allows you to achieve much more. It is ideal if you want to modernize your infrastructure, adopting a hyper-converged architecture that allows you to:

  • Activate virtual machines relying on consolidated technologies that make the environment stable and highly available, also particularly suitable for workloads that require high performance and high scalability.
  • Deploy and manage modern applications based on micro-services, alongside virtual machines, on the same cluster environment, adopting Azure Kubernetes Service (AKS). As well as being able to run containerized Windows and Linux apps, AKS provides the infrastructure to run selected PaaS services of the Azure platform in an on-premises environment, thanks to Azure Arc.
  • Activate virtual machines with Windows Server 2022 Azure Datacenter edition, which offers specific features not available in the classic Standard and Datacenter editions. To learn more about the features available in this edition, you can consult this article.
  • Create session host pools of Azure Virtual Desktop using virtual machines running on-premises. This hybrid scenario becomes interesting in situations where applications are sensitive to latency, such as video editing, or scenarios where users need to take advantage of a legacy system present on-premises that cannot be easily reached.
  • Extend the functionality of the on-premises solution by connecting to various Azure services such as Azure Site Recovery, Azure Backup, Azure Monitor and Defender for Cloud. This guarantees constant innovation, given the continuous evolution of cloud services.

2. Optimize costs

The cost model for Azure Stack HCI, described in detail in this article, is very simple.

In particular, for customers with a Software Assurance contract, the adoption of Azure Stack HCI translates into a drastic reduction in the costs of modernizing the virtualization environment, making this solution even more competitive from a cost point of view compared to competitors on the market. Recently, doing a cost comparison between Azure Stack HCI and VMware vSphere + vSAN on a projection of 3 years, it emerged that Azure Stack HCI allows you to save up to 40%.

3. Increase the level of security

Azure Stack HCI offers security that spans hardware and firmware and is integrated into the functionalities of the operating system, which can help protect servers from advanced threats. Azure Stack HCI systems can adopt the security features of Secured-core, all through an easy setup experience from the Windows Admin Center.

Furthermore, Azure Stack HCI allows you to get for free, just like in Azure, important security patches for Microsoft's legacy products that are past their end of support, through the Extended Security Update (ESU) program. This currently applies to Windows Server 2008/R2 and will soon also apply to Windows Server 2012/R2 when end of support is reached, in addition to the corresponding versions of SQL Server. This gives you more time to undertake an application modernization process, without neglecting the security aspects.

4. Maximize the investments already made

Azure Stack HCI can integrate with your existing environment as well as popular third-party solutions. Therefore, the adoption of this solution does not require new investments to introduce or adapt management, identity, security and protection solutions.

In particular, the administrative management of Azure Stack HCI does not require specific software, but you can use existing management tools such as Admin Center, PowerShell, System Center Virtual Machine Manager and even third-party tools. Furthermore, by adopting Azure Stack HCI and Azure Arc it is possible to apply the cloud management models also to the on-premises environment, greatly simplifying the user experience.

Azure Stack HCI allows you to take full advantage of not only the investments already made in terms of tools, but also with regard to the skills of the IT staff.

Conclusions

Microsoft brings cloud innovation and experience managing one of the world's largest data centers to Azure Stack HCI. Customers, in turn, can modernize their on-premises datacenter by adopting Azure Stack HCI, safeguarding the investments made and future ones, without neglecting the aspects related to security and integration. The reasons described in this article are particularly important, to the point of having already led several customers to choose Azure Stack HCI over other solutions in this area.