This is a single post covering Azure updates from the previous month; this edition covers the May updates. It is not an exhaustive list of the month's updates. I want to call out the most specific updates from infrastructure technologies (compute, storage, networking, identity, monitoring & security, etc.), and I have categorized them into high-level sections.
Azure Compute
General availability of Azure Bastion IP based connection
Azure Bastion now supports connectivity to Azure virtual machines or on-premises resources via a specified IP address. IP-based connection lets you connect to your on-premises, non-Azure, and Azure virtual machines via Azure Bastion over ExpressRoute or a VPN site-to-site connection using a specified private IP address. When the IP-based connection feature is enabled, Azure Bastion can be used to RDP/SSH into an on-premises resource over ExpressRoute and Site-to-Site VPN.
This feature currently has some limitations:
- IP-based connection won’t work with force tunneling over VPN or when a default route is advertised over an ExpressRoute circuit.
- The Azure Bastion SKU should be Standard.
Azure Stack HCI single-node
The new single-node Azure Stack HCI fulfills growing hybrid infrastructure needs in remote locations while maintaining the innovation of native integration with Azure Arc. Specifically, this new configuration offers flexibility to deploy the stack in smaller spaces and with fewer processing needs, optimizing resources while still delivering quality and consistency.
Azure Stack HCI single-node clusters are resilient to failures such as a failed disk, but unlike multi-node clusters, they can’t tolerate an entire server failing. Because of this more limited resiliency, single-node clusters can contain only a single drive type (NVMe or SSD).
Subnet per node pool in AKS
The subnet per node pool feature allows multiple subnets in the same virtual network within an AKS cluster by assigning new node pools to different subnets. This allows for the expansion of cluster address space over time as cluster size increases. This removes the network planning constraints during the AKS setup.
This feature currently has some limitations:
- All subnets assigned to node pools must belong to the same virtual network.
- System pods must have access to all nodes/pods in the cluster to provide critical functionality such as DNS resolution and tunneling kubectl logs/exec/port-forward proxy.
- If you expand your VNET after creating the cluster, you must update your cluster (perform any managed cluster operation, but node pool operations don’t count) before adding a subnet outside the original CIDR.
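A pre-deployment check of a node pool subnet plan against the limitations listed above, as an added example (not code from this post or from Microsoft). The function name, finding codes, resource IDs and CIDRs are hypothetical and constructed; the VNet address spaces are assumed to be supplied by the operator.

```python
import ipaddress
import re

# Subnet resource ID; the "vnet" group is the parent virtual network's ID.
SUBNET_ID = re.compile(
    r"^(?P<vnet>/subscriptions/[^/]+/resourceGroups/[^/]+/providers/"
    r"Microsoft\.Network/virtualNetworks/[^/]+)/subnets/[^/]+$",
    re.IGNORECASE,
)


def _inside(net, spaces):
    # True if net lies within one of the address spaces (same IP version).
    return any(net.version == s.version and net.subnet_of(s) for s in spaces)


def check_node_pool_subnets(original_cidrs, current_cidrs, pools):
    """Return (pool, finding) tuples for a plan; an empty list means no issues.
    pools: {pool name: (subnet resource ID, subnet CIDR)}
    original_cidrs / current_cidrs: VNet address space at cluster creation / now.
    """
    original = [ipaddress.ip_network(c) for c in original_cidrs]
    current = [ipaddress.ip_network(c) for c in current_cidrs]
    findings, vnets = [], set()
    for pool, (subnet_id, cidr) in pools.items():
        match = SUBNET_ID.match(subnet_id)
        if match is None:
            findings.append((pool, "BAD_SUBNET_ID"))
            continue
        vnets.add(match.group("vnet").lower())
        net = ipaddress.ip_network(cidr)
        if not _inside(net, current):
            findings.append((pool, "OUTSIDE_VNET_ADDRESS_SPACE"))
        elif not _inside(net, original):
            # In the expanded space only: update the cluster before adding it.
            findings.append((pool, "UPDATE_CLUSTER_FIRST"))
    if len(vnets) > 1:
        # All node pool subnets must belong to the same virtual network.
        findings.append(("*", "MULTIPLE_VNETS"))
    return findings


# Constructed sample plan (subscription, names and CIDRs are made up).
VNET = ("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/"
        "rg-demo/providers/Microsoft.Network/virtualNetworks/")
PLAN = {
    "system": (VNET + "vnet-aks/subnets/snet-system", "10.0.0.0/24"),
    "batch": (VNET + "vnet-aks/subnets/snet-batch", "10.1.0.0/24"),
    "gpu": (VNET + "vnet-other/subnets/snet-gpu", "10.0.5.0/24"),
}
```

Calling `check_node_pool_subnets(["10.0.0.0/16"], ["10.0.0.0/16", "10.1.0.0/16"], PLAN)` flags the `batch` pool as needing a cluster update first and reports that the plan spans more than one virtual network.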
Generally available: Azure Compute Gallery support for trusted launch Virtual Machines
Trusted launch provides a seamless way to improve the security of Azure Generation 2 VMs. It protects against advanced and persistent attack techniques by combining technologies that can be independently enabled, like secure boot and a virtualized version of the trusted platform module (vTPM). Now you can use Azure Compute Gallery to create and share images of trusted launch virtual machines.
Public preview: App Service’s new migration capabilities
The Azure Migrate tool now offers additional capabilities that make it easier for you to move applications from on-premises environments to Azure App Service and Azure Kubernetes Service. Azure App Service bulk migration capabilities are now in public preview through the Azure Migrate feature:
- Discover and assess ASP.NET web apps in addition to categorizing which apps are ready for migration.
- Suggest a destination for migration and provide a guided content and configuration experience for ASP.NET web apps to Azure App Service.
- Discover and migrate Java Tomcat applications to App Service Linux and Azure Kubernetes Service.
- Containerize your ASP.NET web apps and move them to Windows Containers on App Service or Azure Kubernetes Service.
Azure Data & Storage
General availability: Azure Data Lake Storage Gen1 to Gen2 using Azure Portal
Azure Data Lake Storage Gen1 will be retired on 29 February 2024. Microsoft recommends migrating your data lake to Azure Data Lake Storage Gen2 and taking advantage of the capabilities dedicated to big data analytics built on Azure Blob Storage. Microsoft now offers a simple and intuitive user experience in the Azure portal to lower the barrier to this migration. You can provide your consent in the Azure portal and migrate your data from Azure Data Lake Storage Gen1 to Azure Data Lake Storage Gen2.
Azure Networking & Security
Public preview: Azure DNS Private Resolver – Hybrid name resolution and conditional forwarding
Resolve DNS names hosted in Azure Private DNS Zones from on-premises networks, as well as DNS queries for your domain names. Azure DNS private resolver is a cloud-native, highly available, and DevOps-friendly service. It provides a simple, zero-maintenance, reliable, and secure Domain Name System (DNS) service to resolve and conditionally forward DNS queries from a virtual network, on-premises, and to other target DNS servers without deploying VM-based DNS servers. You no longer need to provide IaaS-based solutions to resolve names registered on Azure private DNS zones on your virtual networks. You can configure conditional forwarding of domains back to on-premises, multi-cloud, and public DNS servers. This will make DNS infrastructure work privately and seamlessly across on-premises networks and enable critical hybrid networking scenarios.
Other Azure Services
General availability: Azure Backup supports backup of Write Accelerator enabled disks
Microsoft has announced the general availability of backup for Write Accelerator-enabled disks. Azure customers widely use these disks with M-Series Virtual Machines (VMs) to improve the I/O latency of writes against Azure Premium Storage. As part of the preview, Azure Backup has offered backup support for such disks to enrolled customers. With this general availability announcement, this support is available to all customers who configure Azure Virtual Machine Backup with disks enabled with Write Accelerator. You can choose to configure the selective disk feature to exclude these disks from backup as part of Azure Virtual Machine Backup.
Thanks for your time, and I hope you had a quick preview.
Santhosh has over 15 years of experience in the IT organization. He works as a Cloud Infrastructure Architect and has a wide range of expertise in Microsoft technologies, with a specialization in public & private cloud services for enterprise customers. His varied background includes work in cloud computing, virtualization, storage, networks, automation and DevOps.