This blog post series highlights the key announcements and major updates related to Azure Infrastructure as a Service (IaaS) and Azure Stack, as officially released by Microsoft in the past two weeks. This week marks a significant milestone with the occurrence of the Microsoft Ignite event, bringing with it a substantial number of important updates and innovations announced by Microsoft. To delve deeper into the specific developments unveiled during this conference in these areas, I invite you to read the dedicated article: Unveiling the future: key insights from Microsoft Ignite on Azure IaaS and Azure Stack.
Azure to End Support for TLS 1.0 and 1.1 by 31 October 2024
Microsoft Azure has announced that it will end support for Transport Layer Security (TLS) versions 1.0 and 1.1 by 31 October 2024. This decision is part of Azure’s ongoing efforts to enhance security and provide best-in-class encryption for customer data. From this date, interactions with Azure services will require TLS 1.2 or later. While the Microsoft implementation of older TLS versions is not known to be vulnerable, TLS 1.2 and subsequent versions offer improved security features, such as perfect forward secrecy and stronger cipher suites. Customers are advised to confirm that their resources interacting with Azure services are using TLS 1.2 or later to avoid potential service disruptions. If resources are already exclusively using TLS 1.2 or later, no further action is required. However, if there is still a dependency on TLS 1.0 or 1.1, it is recommended to transition to TLS 1.2 or later by the specified deadline. Microsoft provides additional resources and support to assist with this transition.
Ubuntu Server to Ubuntu Pro in-place upgrade now available
Microsoft Azure has announced the general availability of an in-place upgrade from Ubuntu Server to Ubuntu Pro. This upgrade can be added as a subscription to your Azure Virtual Machines (VMs), enabling the transition without the need to redeploy or take VMs offline. Ubuntu Pro offers an extended support period of 10 years for over 2,300 Main and 23,000+ Universe packages, with the 18.04 version recently entering extended support. This upgrade enhances VMs with additional security and compliance features, making it a robust choice for enterprise environments. For detailed instructions on the upgrade process, Azure users can refer to the official documentation, and pricing information for Ubuntu Pro is available on the Azure pricing page.
Introducing NGads V620 Series VMs Optimized for Gaming Scenarios
Microsoft Azure has announced the general availability of the NGads V620 series VMs, a new addition optimized for gaming scenarios. These GPU-enabled virtual machines are powered by AMD Radeon™ PRO V620 GPUs and AMD EPYC 7763 (Milan) CPUs, designed to deliver a high-quality, interactive gaming experience hosted in Azure. The NGads V620 VMs feature GPU Partitioning, allowing VMs to access ¼, ½, or a whole GPU, enabling customers to tailor their performance and cost according to their business needs. Additionally, these VMs come standard with NVMe drives, offering up to 1025 GB of temp storage for rapid local data access. A key component of the NGads V620 series is the AMD Software: Cloud Edition. This software targets optimizations available in the consumer gaming version of the AMD Adrenaline driver, further tested and optimized for cloud environments. It is frequently updated to support the latest game releases. The software also supports accelerated virtual desktop environments, with Radeon PRO optimizations for high-end workstation applications in design or rendering.
Application Gateway: using a common port for Public and Private listeners
Microsoft Azure has announced the general availability of the feature that allows configuring the same port number for public and private listeners on your Application Gateway. This update simplifies the use of Application Gateway deployments to serve both internet-facing and internal clients without the need for non-standard ports or backend application customizations. The feature is available in all public regions, including Azure China and Azure Government cloud regions. Note that additional configuration may be necessary for inbound rules when using Network Security Groups.
Rate-Limit Rules for Application Gateway Web Application Firewall
Azure has introduced rate-limit custom rules for its regional Web Application Firewall (WAF) on Application Gateway, now generally available. This feature allows the detection and blocking of unusually high levels of traffic aimed at your application. Rate-limiting is instrumental in mitigating various types of denial-of-service attacks, managing misconfigured clients sending excessive requests, or controlling traffic from specific geographical locations. This enhancement bolsters the security and management of your web applications.
Application Gateway Supports IPv6 Frontend (preview)
Azure’s Application Gateway v2 is now in public preview for supporting dual-stack (IPv4 and IPv6) connections at the frontend. This upgrade enables the Application Gateway to manage traffic from both IPv4 and IPv6 clients, enhancing flexibility and connectivity options. This feature is particularly beneficial for addressing IPv4 address exhaustion and meeting various regulatory requirements. Users can now set up a new Application Gateway with both IPv4 and IPv6 addresses, reflecting Azure’s commitment to delivering top-notch service and customer experience.
Azure NetApp Files Datastores for Azure VMware Solution in US Government Regions
Azure NetApp Files datastores have achieved general availability in US Government Cloud regions to support storage-intensive workloads on Azure VMware Solution (AVS). This advancement allows users to create datastores through the Azure VMware Solution resource provider with Azure NetApp Files NFS volumes, which can be attached to any selected private cloud clusters. With the ability to scale storage independently of compute and surpass the local instance storage limits provided by vSAN, this feature aims to reduce the total cost of ownership. This service is now available in the US Gov Virginia and US Gov Arizona regions.
Azure Elastic SAN Updates – Snapshots, Security, and Usability (preview)
Azure Elastic SAN, currently in preview, has received new updates to enhance its performance and security. The updates include live volume resizing, force delete capabilities, and Server-Side Encryption with Customer Managed Keys (SSE with CMK) for improved security. As a VMware Certified datastore, Elastic SAN offers scalable storage and performance, which optimizes total cost of ownership and scalability. These improvements are part of Azure’s ongoing efforts to provide seamless integration with other native Azure products and a robust, secure storage solution.
Azure Stack HCI
AKS on Azure Stack HCI and Windows Server 2023-10-30
The AKS HCI management cluster has been updated to Kubernetes version 1.26.6, laying the groundwork for future Kubernetes versions for workload clusters. This release includes security updates to address vulnerabilities, enhancements to Azure Arc onboarding prechecks for better network resilience, and several bug fixes. Users are encouraged to try AKS on Azure Stack HCI or Windows Server using the evaluation guide and to contribute feedback and follow the AKS hybrid roadmap through GitHub.
Over the past two weeks, Microsoft has introduced a slew of updates and announcements pertaining to Azure Infrastructure as a Service (IaaS) and Azure Stack. These developments underscore the tech giant’s unwavering commitment to enhancing its cloud offerings and adapting to the ever-evolving needs of businesses and developers. Users of Azure can anticipate improved functionalities, streamlined services, and enriched features as a result of these changes. Stay tuned for more insights as I continue to monitor and report on Azure’s progression in the cloud sphere.