After a couple of weeks off due to holidays and a general lack of updates from MS, we now return to our regularly scheduled programming :-)

Summary of Azure snippets for the week commencing 8th July 2024, grouped by Azure service. No Azure Monthly summary this month as there’s only one other post for June.

GA = Generally Available
Public/Private Preview = as stated :-)

Azure services with highlighted updates this week:

Summary of Azure snippets for the week commencing 17th June 2024, grouped by Azure service. I managed to miss a week as the Azure Updates site is currently undergoing maintenance (so the RSS feed isn’t updating) and I’ve only just found its temporary replacement.

GA = Generally Available
Public/Private Preview = as stated :-)

Azure services with highlighted updates this week:

• Azure DB for PostgreSQL
• Azure Kubernetes Service
• Azure Landing Zones
• Azure Resource Manager
• Azure SQL
• Compute
• Virtual Network Manager

Azure DB for PostgreSQL

• IOPS scaling for Flexible Server (GA) : This feature empowers you to dynamically scale your IOPS based on your workload needs. Ensure optimal performance during high-demand operations like migrations or data loads and scale down to save costs when demand decreases.

Azure Kubernetes Service

• kube-egress-gateway (GA) : kube-egress-gateway is an open-source project that offers a scalable and cost-efficient solution for configuring fixed source IPs for Kubernetes pod egress traffic on Azure.
• OS Security Patch channel for Linux in AKS (GA) : SecurityPatch now added to the channels for node OS image upgrades in AKS.
• az command invoke in AKS (GA) : Invoke a command (e.g. running kubectl) remotely in a private cluster through the AKS API, without connecting directly to the cluster. This can be done from a client that isn’t on the cluster’s private network. Access to the command invoke command is controlled through RBAC permissions.
• Kubernetes patch version 1.27.13 now available in AKS (GA)

Azure Landing Zones

• Zone Redundancy and Multi-Region Capabilities in Azure Landing Zones : Being integrated into Bicep and Terraform accelerators by EoY 2024.

Azure Resource Manager

• Change Actor (GA) : Identifying who made a change to your Azure resources and how the change was made just became easier! With Change Analysis, you can now see who initiated the change and with which client that change was made, for changes across all your tenants and subscriptions. Accessed via the Azure Resource Graph.

Azure SQL

• Advance Notifications for Managed Instance (GA) : Get alerts for planned maintenance events 24 hours ahead of time. Works with SQL Maintenance Windows. Configured via Service Health in the Azure Portal.

Compute

• Windows Server 2025 (Public Preview) : Previewing Windows Server 2025 images for VMs

Virtual Network Manager

• Azure Virtual Network Manager mesh and direct connectivity (GA) : Deploy mesh or hub and spoke network topologies for VNets through VMM without having to set up all the peerings manually.

A summary of May’s (and the start of June’s) weekly Azure snippets, highlighting some of the developments and new features that particularly caught my eye.

This post draws from the following weekly snippets - visit the posts for more details:

• Azure Snippets w/c 06/05/2024
• Azure Snippets w/c 13/05/2024
• Azure Snippets w/c 20/05/2024 - Microsoft Build summary post
• Azure Snippets w/c 27/05/2024
• Azure Snippets w/c 03/06/2024

API Center

• API Center (GA) (Azure Snippets w/c 06/05/2024)

API Management

• Backend Load Balancer (GA) (Azure Snippets w/c 20/05/2024)
• Backend Circuit Breaker (GA) (Azure Snippets w/c 20/05/2024)
• Audit logging in Developer portal (GA) (Azure Snippets w/c 03/06/2024)

Application Gateway

• Application Gateway v2 Basic SKU (Public Preview) (Azure Snippets w/c 13/05/2024)

Availability Zones

• Inter-zone data transfer will no longer be charged for (Azure Snippets w/c 20/05/2024)

Azure Container Storage

• Azure Container Storage (GA) (Azure Snippets w/c 20/05/2024)

Azure DB for PostgreSQL

• Azure Database for PostgreSQL - Flexible Server enhanced disaster recovery features (GA) (Azure Snippets w/c 06/05/2024)
• Azure Database for PostgreSQL - Flexible Server networking with Azure Private Link (GA) (Azure Snippets w/c 06/05/2024)

Azure Load Balancer

• Health Event Logs (Public Preview) (Azure Snippets w/c 03/06/2024)
• Admin State (Public Preview) (Azure Snippets w/c 03/06/2024)

Azure Monitor

• Log Analytics Simple Mode (Public Preview) (Azure Snippets w/c 03/06/2024)

Azure Kubernetes Service

• Initialization taints (Public Preview) (Azure Snippets w/c 06/05/2024)
• Kubernetes 1.30 support (Public Preview) (Azure Snippets w/c 20/05/2024)
• AKS Automatic (Public Preview) (Azure Snippets w/c 20/05/2024)
• In context observability for AKS object overviews in Azure Portal (GA) (Azure Snippets w/c 20/05/2024)
• Advanced Container Networking Services for AKS (Public Preview) (Azure Snippets w/c 27/05/2024)
• Open Service Mesh deprecation (Azure Snippets w/c 27/05/2024)

Azure Resource Graph

• Azure Change Analysis - New Portal experience (Public Preview) (Azure Snippets w/c 06/05/2024)

Azure Resource Manager

• Deployment Stacks (GA) (Azure Snippets w/c 27/05/2024)

Azure SQL

• Licence-free standby replica (GA) (Azure Snippets w/c 20/05/2024)
• Availability portal metric (Public Preview) (Azure Snippets w/c 27/05/2024)
• Update policy for Managed Instances (GA) (Azure Snippets w/c 27/05/2024)

Defender for Cloud

• Azure Defender for Microsoft Azure Database for PostgreSQL - Flexible Server (GA) (Azure Snippets w/c 06/05/2024)

Virtual Networks

• Virtual network flow logs (GA) (Azure Snippets w/c 06/05/2024)
• Virtual Network encryption in all regions (GA) (Azure Snippets w/c 06/05/2024)

Summary of Azure snippets for the week commencing 3rd June 2024, grouped by Azure service.

GA = Generally Available
Public/Private Preview = as stated :-)

Azure services with highlighted updates this week:

• API Management
• Azure Bastion
• Azure Load Balancer
• Azure Monitor
• Compute

API Management

• Audit logging in Developer portal (GA) : Audits user actions in the developer portal. Logs can be sent to a storage account, event hub or Log Analytics workspace (common pattern with diagnostic logs in Azure).

Azure Bastion

• Premium SKU (Public Preview) : Adds session recording and private-only deployment to the Standard SKU feature set. Private-only deployment is probably the major new feature here at the moment, though more features are apparently planned for Premium.

Azure Load Balancer

• Health Event Logs (Public Preview) : I can think of several instances when this would have been useful :-) Health event logging through Azure Monitor to help troubleshoot ALB issues. Supported for Standard (regional and global) and Gateway load balancers. A good augmentation to the availability metrics to get more detail - can be queried through Log Analytics and stored/parsed for historical data. UK South only for the preview.
• Admin State (Public Preview) : Override a Load Balancer’s health probe behaviour for each individual backend pool instance without making changes to network security rules or closing ports on a VM. ‘Maintenance mode’ for ALBs (or for the backends) essentially - no need now to modify NSGs or VM config to block connections when maintaining the backends. Only works when a health probe is configured. Documentation and blog post give more details on how it works. Preview available in all regions.

Azure Monitor

• Log Analytics Simple Mode (Public Preview) : Point-and-click analysis of logs without having to know KQL - very useful! KQL mode still available for full-featured querying and analysis. Part of the ’new’ Log Analytics experience.
• Kubernetes Metadata and Logs Filtering in Azure Monitor - Container Insights (Public Preview) : Enhances the ContainerLogsV2 schema with additional Kubernetes metadata. The Logs Filtering feature provides filtering capabilities for both workload and platform (i.e. system namespaces) logs coming out of containers. Visualise results with a Grafana dashboard.
  • Blog post
  • Documentation

Compute

• VM Hibernation (GA) : Hibernation allows saving on compute costs, but persists the VM’s in-memory state so apps etc. resume where they were left off (just like a physical machine hibernating). Available in all public regions.
  • Documentation
  • Blog post

Summary of Azure snippets for the week commencing 27th May 2024, grouped by Azure service.

GA = Generally Available
Public/Private Preview = as stated :-)

Azure services with highlighted updates this week:

• API Center
• Azure Kubernetes Service
• Azure Resource Manager
• Azure Site Recovery
• Azure SQL

API Center

• Azure API Center Extension for VS Code (GA) : Build, discover, try, and consume APIs in your API center

Azure Kubernetes Service

• Advanced Container Networking Services for AKS (Public Preview) : A new suite of services bringing advanced network monitoring and diagnostics to AKS clusters. Currently includes only Advanced Network Observability as its inaugural and foundational feature - more are planned.
  • Advanced Network Observability is based on Hubble (itself based on Cilium, but both Cilium (with Kubernetes 1.29) and non-Cilium AKS data planes are supported). It uses Grafana and Prometheus for visualisation (Azure-managed or bring your own), and Retina on non-Cilium nodes (presumably as the eBPF ‘bridge’). It also supports all Azure CNI variants including kubenet.
• Open Service Mesh deprecation : I noticed when looking through the AKS LTS docs that Open Service Mesh was noted as being deprecated. Looks like the CNCF are retiring it and Istio is currently the only option for an AKS-supported service mesh.

Azure Resource Manager

• Deployment Stacks (GA) : Deployment stacks are an Azure resource type which provide a means of managing a collection of Azure resources as a single unit. They are designed to work primarily with Bicep, and are essentially a replacement for Blueprints (which never made it out of preview).

Azure Site Recovery

• Reporting Capabilities for Azure Site Recovery (Preview) : Full-featured and customisable reports based on Azure Monitor logs. Available via Business Continuity Center, Recovery Services Vault and Backup Center
  • Blog post
  • Documentation
• Monitoring improvements for ASR : An improved alerting solution for Azure Site Recovery, including default alerts via Azure Monitor. Brings ASR alerting into the Azure Monitor alerts space for a more consistent experience.
  • Blog post
  • Documentation

Azure SQL

• Availability portal metric (Public Preview) : Monitor SLA-compliant availability of Azure SQL databases in the Azure portal. Supported for DTU and vCore-based DBs at all service tiers, and for single DBs and elastic pools.
• Update policy for Managed Instances (GA) : Choose the speed of updates for new SQL engine features for your managed instance:
  • Always up to date (engine features deployed as soon as they are released in Azure, without waiting for the next major release of SQL Server) or SQL Server 2022 (follows the mainstream servicing lifecycle of SQL Server 2022, with no new SQL engine features deployed until SQL Server vNext is released).
  • The former brings new functionality faster but keeps the database format changing (so e.g. restores or replication to other (‘on-premises’) SQL Server instances might break); latter keeps the SQL engine at 2022 (you still get Azure SQL platform updates) and maintains the database compatibility level, but no new features until SQL vNext.
  • Can change from SQL 2022 policy to Always up to date, but cannot go the other way as DB format can’t be downgraded.

Summary of Azure snippets for the week commencing 20th May 2024, grouped by Azure service.

GA = Generally Available
Public/Private Preview = as stated :-)

Microsoft Build took place this week, so lots of announcements - unsurprisingly, a strong focus on Copilot and AI, though there were some other technologies covered as well. Have a look at the Build 2024 Book of News for all the new stuff announced.

Azure services with highlighted updates this week:

Summary of Azure snippets for the week commencing 13th May 2024, grouped by Azure service.

GA = Generally Available
Public/Private Preview = as stated :-)

Azure services with highlighted updates this week:

• Application Gateway
• Azure Kubernetes Service
• Azure Site Recovery

Application Gateway

• Application Gateway v2 Basic SKU (Public Preview) : AG v2 gets a Basic SKU. Same base functionality and Capacity Units as Standard, with a slightly lower SLA (99.9% vs 99.95%), lower scaling maximums, and none of the advanced stuff (e.g. Private Link, URL rewrites). SKU comparison here. Presumably the fixed cost will be cheaper (once it’s out of preview and being charged for :-)

Azure Kubernetes Service

• New version of AKS extension in Visual Studio Code : The AKS extension in Visual Studio Code has been updated to version 1.4.3. This new release includes general enhancements as well as a new command “Retina capture” (which uses the Retina tool Microsoft recently open-sourced).
• AKS automatic use of Zone-Redundant storage to create managed disks when AKS cluster is deployed across availability zones : With Kubernetes 1.29 and built-in storage classes. As ZRS is more expensive than LRS, this can be overridden with a custom storage class.

Azure Site Recovery

• ASR support for Trusted Launch VMs (Public Preview) : Fills a gap in ASR provision. Few gotchas to check though.

Summary of Azure snippets for the week commencing 6th May 2024, grouped by Azure service.

GA = Generally Available
Public/Private Preview = as stated :-)

Azure services with highlighted updates this week:

• API Center
• Azure DB for PostgreSQL
• Azure Kubernetes Service
• Azure Resource Graph
• Azure Storage
• Cloud Services (classic)
• Defender for Cloud
• Virtual Network Manager
• Virtual Networks

API Center

• API Center (GA) : A centralised solution for delivery, consumption and governance of APIs. Provides (among other features): cataloguing and inventory of APIs (including from APIM), governance and design rule enforcement, API Analysis for consistency and compliance, and a Visual Studio Code extension for an enhanced developer experience. More full featured than I thought - is this the future of the APIM developer portal?
  • Azure API Center GA blog post

Azure DB for PostgreSQL

• Azure Database for PostgreSQL - Flexible Server enhanced disaster recovery features (GA) : Enhancements to the read replicas feature - Virtual Endpoints and promote a read replica to primary server
  • Virtual endpoints for read replicas
  • Promote to primary server
• Azure Database for PostgreSQL - Flexible Server networking with Azure Private Link (GA) : Private Link joins VNet integration as a supported private VNet access method for PostgreSQL Flexible Server
  • Networking with Private Endpoint docs

Azure Kubernetes Service

• Initialization taints (Public Preview) : Temporary taints on AKS nodes, for example if more time is needed to set up nodes
  • Node initialisation taints docs

Azure Resource Graph

• Azure Change Analysis - New Portal experience (Public Preview) : See all resoure changes across all tenants and subscriptions in the Azure Portal. New portal experience includes filtering, grouping and Change Actor (who made the change and how)
  • View resource changes in the Azure portal (Learn)
  • Change Actor (public preview)

Azure Storage

• Azure Storage Actions (public preview) : Serverless and no-code framework for managing storage operations. Currently supports operations on Blobs in Storage Accounts, and isn’t available in UK regions yet.
• SLA on Blob Storage Cold Tier (GA) : Cold tier Blob storage now backed with a Microsoft uptime and connectivity SLA.

Cloud Services (classic)

• Cloud Services (classic) deployment model is retiring on 31 August 2024 : Migrate to Cloud Services (extended support) if you need to keep using them
  • Five classic networking services which depend on classic Cloud Services are also being retired

Defender for Cloud

• Azure Defender for Microsoft Azure Database for PostgreSQL - Flexible Server (GA) : Part of the Defender for open-source relational databases plan which includes MySQL and MariaDB as well. I have no idea why they refer to it as Azure Defender (the old name for Microsoft Defender for Cloud) here!
  • Azure DB for PostgreSQL docs - Defender for Cloud support

Virtual Network Manager

• Virtual Network Manager UDR (Public Preview) : Enabling users to describe their desired routing behavior via configuration, simplifying the management of routing behaviors at scale.
• Azure Virtual Network Manager security admin rule (GA) : Empowering users to enforce security rules across their virtual networks globally.
  • Security admin rule concepts

Virtual Networks

• Virtual network flow logs (GA) : New capability of Network Watcher, enhancing the flow log support already available for NSGs to the VNet scope
  • Azure Networking blog announcement
  • VNet flow logs
• Virtual Network encryption in all regions (GA) : Customers can enable encryption of traffic between Virtual Machines and Virtual Machines Scale Sets within the same virtual network and between regionally and globally peered virtual networks. This new feature enhances the existing encryption in transit capabilities in Azure.
  • Virtual Network encryption docs

Hello World!

Obligatory ‘hello world’ post while I try to figure out Markdown!