Summary of Azure snippets for the week commencing 12th August 2024, grouped by Azure service.

GA = Generally Available
Public/Private Preview = as stated :-)

Azure services with highlighted updates this week:

• Azure DB for PostgreSQL
• Azure Kubernetes Service
• Azure Portal/Entra ID

Azure DB for PostgreSQL

• Terraform support for geo-restore in Azure Database for PostgreSQL - Flexible Server (GA) : You can now use Terraform to perform geo-restore for Azure Database for PostgreSQL - Flexible Server data.

Azure Kubernetes Service

• Azure CNI Powered by Cilium & Azure CNI Overlay support in AKS (Public Preview) : Public preview of Azure CNI Overlay dual-stack with Azure CNI powered by Cilium for Linux clusters in AKS is now available. This enhancement enables AKS clusters to support IPv4 and IPv6 network policies, providing greater flexibility and control over network traffic within your Kubernetes environments.

Azure Portal/Entra ID

• Enable multifactor authentication for your tenant by 15 October 2024 (GA) : This has been on the way for a little while - starting 15 October 2024, MS will require users to use multifactor authentication (MFA) to sign into the Azure portal, Microsoft Entra admin center, and Intune admin center. Applies to break-glass accounts as well - check the documentation for more info.

A summary of July’s (and the start of August’s) weekly Azure snippets, highlighting some of the developments and new features that particularly caught my eye.

This post draws from the following weekly snippets - visit the posts for more details:

• Azure Snippets w/c 22/07/2024
• Azure Snippets w/c 29/07/2024
• Azure Snippets w/c 05/08/2024

Azure Container Storage

• Azure Container Storage for Ephemeral (Local NVMe/Temp SSD) and Azure Disk (GA) (Azure Snippets w/c 29/07/2024)

Azure Kubernetes Service

• Latest AKS release (Azure Snippets w/c 05/08/2024)

Azure Storage

• Convert to Azure Premium SSD v2 disks (Public Preview)(Azure Snippets w/c 22/07/2024)
• Customer Managed Planned Failover for Azure Storage (Public Preview) (Azure Snippets w/c 05/08/2024)

Compute

• 6th generation Intel-based VMs – Dv6/Ev6 (Public Preview) (Azure Snippets w/c 22/07/2024)

Sustainability

• Azure Carbon Optimization (Public Preview) (Azure Snippets w/c 29/07/2024)

Summary of Azure snippets for the week commencing 5th August 2024, grouped by Azure service.

GA = Generally Available
Public/Private Preview = as stated :-)

Azure services with highlighted updates this week:

• Azure Extended Zones
• Azure Kubernetes Service
• Azure Storage

Azure Extended Zones

• Azure Extended Zones (Public Preview) : Extending Azure into a small-footprint deployment (for specific services) where latency or data residency for workloads is a primary concern. Looks like the first Extended Zone is in Los Angeles.

Azure Kubernetes Service

• Leveraging Azure Copilot for AKS : More and deeper integration to make cluster management simpler.
• The latest AKS release is now rolling out :
  • AKS patch versions 1.30.3, 1.29.7, 1.28.12, 1.27.16, are now available (so check your cluster versions for any that now fall into ‘N - 3’ or lower).
  • The AKS extension for Visual Studio Code now supports the ability to attach an ACR to your cluster, generate Kubernetes deployment files, generate Dockerfiles, and generate GitHub Actions

Azure Storage

• Customer Managed Planned Failover for Azure Storage (Public Preview) : Finally, the ability to failover storage endpoints while they’re still healthy is coming! Definitely a boon for DR testing, moving regions if there’s a problem with a different service, etc. Very limited set of regions supported at the moment.

Summary of Azure snippets for the week commencing 29th July 2024, grouped by Azure service.

GA = Generally Available
Public/Private Preview = as stated :-)

Azure services with highlighted updates this week:

• Azure Backup
• Azure Container Storage
• Azure Kubernetes Service
• Sustainability

Azure Backup

• VM Backup support for Premium SSD v2 disks (GA) : Several updates around Premium SSD v2 and Ultra disks, but VM Backup now supporting them both with the Enhanced backup policy is probably the biggest update from my point of view. Note that cross-region and file-level restores (from a mounted disk) are still not supported. Also (importantly) note that you can’t use geo-redundant (GRS) Recovery Services Vaults for enabling backup with Premium SSD v2 and Ultra disks.
• Vaulted Backup for Azure Blob Storage (GA) : Blob backups can now be stored in a Vault instead of just as snapshots in a Storage Account. Available in all public regions, but there are some limitations to be aware of.

Azure Container Storage

• Azure Container Storage for Ephemeral (Local NVMe/Temp SSD) and Azure Disk (GA) : ACS now ready for production workloads (ephemeral disks and Azure Disk-based ones, anyway). Lots of publicity for this one - Azure Blog post, AKS Engineering blog post, documentation.

Azure Kubernetes Service

• OS SKU in-place migration for AKS (GA) : The OS SKU in-place migration feature allows you to trigger a node image upgrade between one Linux SKU (i.e. Ubuntu) to another (i.e. Azure Linux) on an existing nodepool. No need to create new nodes, cordon and drain the existing ones, and then delete them - the upgrade can roll through the cluster without having to create new node pools.

Sustainability

• Azure Carbon Optimization (Public Preview) : Sustainability is still very much a hot topic with cloud workloads. Carbon optimization joins the emissions dashboard and emissions insights (another preview service) to allow you to get a full picture of your cloud deployment impact and where it could be improved.

Summary of Azure snippets for the week commencing 22nd July 2024, grouped by Azure service. The Azure Updates site is working again, in its new v2 version, though the RSS feed isn’t yet.

GA = Generally Available
Public/Private Preview = as stated :-)

Azure services with highlighted updates this week:

• Azure DB for PostgreSQL
• Azure Kubernetes Service
• Azure Storage
• Compute
• Governance

Azure DB for PostgreSQL

• Major version upgrade support for PostgreSQL 16 (GA) : Azure Database for PostgreSQL - Flexible Server now supports in-place major version upgrades to PostgreSQL 16. This update offers access to the latest PostgreSQL features with minimal downtime and a simplified upgrade process.

Azure Kubernetes Service

• The latest AKS release is now rolling out :
  • AKS version 1.30 is now GA.
  • AKS patch versions 1.30.2, 1.30.1, 1.29.6, 1.28.11, 1.27.15, are now available (so check your cluster versions for any that now fall into ‘N - 3’ or lower).

Azure Storage

• Convert to Azure Premium SSD v2 disks (Public Preview) : This feature allows you to migrate your existing Standard SSD, Standard HDD, or Premium SSD v1 disks to Pv2 disks in a few clicks with minimal downtime. This process avoids disk destruction, eliminates the need to use snapshots as a staging resource, and doesn’t require waiting for background data copying. Expands the conversion capability and could be very useful if your workloads can take advantage of Premium SSD v2 capabilities - you had to create a new v2 SSD disk from a snapshot previously.

Compute

• 6th generation Intel-based VMs – Dv6/Ev6 (Public Preview) : General Purpose and Memory-optimised variants, initially available in US West and US East. Claimed performance increase over v5 VMs as well as increased scalability. Also support Azure Boost for increased performance (as will all new VM series going forward).

Governance

• Azure Essentials | Azure Migrate and Modernize | Azure Innovate - Curated collections of resources to kick off and develop Azure projects. Quite a heavy focus on AI (unsurprisingly :-) but covers other areas as well. Useful starting points to go with resources like the Well-Architected and Cloud Adoption Frameworks.

After a couple of weeks off due to holidays and a general lack of updates from MS, we now return to our regularly scheduled programming :-)

Summary of Azure snippets for the week commencing 8th July 2024, grouped by Azure service. No Azure Monthly summary this month as there’s only one other post for June.

GA = Generally Available
Public/Private Preview = as stated :-)

Azure services with highlighted updates this week:

Summary of Azure snippets for the week commencing 17th June 2024, grouped by Azure service. I managed to miss a week as the Azure Updates site is currently undergoing maintenance (so the RSS feed isn’t updating) and I’ve only just found its temporary replacement.

GA = Generally Available
Public/Private Preview = as stated :-)

Azure services with highlighted updates this week:

• Azure DB for PostgreSQL
• Azure Kubernetes Service
• Azure Landing Zones
• Azure Resource Manager
• Azure SQL
• Compute
• Virtual Network Manager

Azure DB for PostgreSQL

• IOPS scaling for Flexible Server (GA) : This feature empowers you to dynamically scale your IOPS based on your workload needs. Ensure optimal performance during high-demand operations like migrations or data loads and scale down to save costs when demand decreases.

Azure Kubernetes Service

• kube-egress-gateway (GA) : kube-egress-gateway is an open-source project that offers a scalable and cost-efficient solution for configuring fixed source IPs for Kubernetes pod egress traffic on Azure.
• OS Security Patch channel for Linux in AKS (GA) : SecurityPatch now added to the channels for node OS image upgrades in AKS.
• az command invoke in AKS (GA) : Invoke a command (e.g. running kubectl) remotely in a private cluster through the AKS API, without connecting directly to the cluster. This can be done from a client that isn’t on the cluster’s private network. Access to the command invoke command is controlled through RBAC permissions.
• Kubernetes patch version 1.27.13 now available in AKS (GA)

Azure Landing Zones

• Zone Redundancy and Multi-Region Capabilities in Azure Landing Zones : Being integrated into Bicep and Terraform accelerators by EoY 2024.

Azure Resource Manager

• Change Actor (GA) : Identifying who made a change to your Azure resources and how the change was made just became easier! With Change Analysis, you can now see who initiated the change and with which client that change was made, for changes across all your tenants and subscriptions. Accessed via the Azure Resource Graph.

Azure SQL

• Advance Notifications for Managed Instance (GA) : Get alerts for planned maintenance events 24 hours ahead of time. Works with SQL Maintenance Windows. Configured via Service Health in the Azure Portal.

Compute

• Windows Server 2025 (Public Preview) : Previewing Windows Server 2025 images for VMs

Virtual Network Manager

• Azure Virtual Network Manager mesh and direct connectivity (GA) : Deploy mesh or hub and spoke network topologies for VNets through VMM without having to set up all the peerings manually.

A summary of May’s (and the start of June’s) weekly Azure snippets, highlighting some of the developments and new features that particularly caught my eye.

This post draws from the following weekly snippets - visit the posts for more details:

• Azure Snippets w/c 06/05/2024
• Azure Snippets w/c 13/05/2024
• Azure Snippets w/c 20/05/2024 - Microsoft Build summary post
• Azure Snippets w/c 27/05/2024
• Azure Snippets w/c 03/06/2024

API Center

• API Center (GA) (Azure Snippets w/c 06/05/2024)

API Management

• Backend Load Balancer (GA) (Azure Snippets w/c 20/05/2024)
• Backend Circuit Breaker (GA) (Azure Snippets w/c 20/05/2024)
• Audit logging in Developer portal (GA) (Azure Snippets w/c 03/06/2024)

Application Gateway

• Application Gateway v2 Basic SKU (Public Preview) (Azure Snippets w/c 13/05/2024)

Availability Zones

• Inter-zone data transfer will no longer be charged for (Azure Snippets w/c 20/05/2024)

Azure Container Storage

• Azure Container Storage (GA) (Azure Snippets w/c 20/05/2024)

Azure DB for PostgreSQL

• Azure Database for PostgreSQL - Flexible Server enhanced disaster recovery features (GA) (Azure Snippets w/c 06/05/2024)
• Azure Database for PostgreSQL - Flexible Server networking with Azure Private Link (GA) (Azure Snippets w/c 06/05/2024)

Azure Load Balancer

• Health Event Logs (Public Preview) (Azure Snippets w/c 03/06/2024)
• Admin State (Public Preview) (Azure Snippets w/c 03/06/2024)

Azure Monitor

• Log Analytics Simple Mode (Public Preview) (Azure Snippets w/c 03/06/2024)

Azure Kubernetes Service

• Initialization taints (Public Preview) (Azure Snippets w/c 06/05/2024)
• Kubernetes 1.30 support (Public Preview) (Azure Snippets w/c 20/05/2024)
• AKS Automatic (Public Preview) (Azure Snippets w/c 20/05/2024)
• In context observability for AKS object overviews in Azure Portal (GA) (Azure Snippets w/c 20/05/2024)
• Advanced Container Networking Services for AKS (Public Preview) (Azure Snippets w/c 27/05/2024)
• Open Service Mesh deprecation (Azure Snippets w/c 27/05/2024)

Azure Resource Graph

• Azure Change Analysis - New Portal experience (Public Preview) (Azure Snippets w/c 06/05/2024)

Azure Resource Manager

• Deployment Stacks (GA) (Azure Snippets w/c 27/05/2024)

Azure SQL

• Licence-free standby replica (GA) (Azure Snippets w/c 20/05/2024)
• Availability portal metric (Public Preview) (Azure Snippets w/c 27/05/2024)
• Update policy for Managed Instances (GA) (Azure Snippets w/c 27/05/2024)

Defender for Cloud

• Azure Defender for Microsoft Azure Database for PostgreSQL - Flexible Server (GA) (Azure Snippets w/c 06/05/2024)

Virtual Networks

• Virtual network flow logs (GA) (Azure Snippets w/c 06/05/2024)
• Virtual Network encryption in all regions (GA) (Azure Snippets w/c 06/05/2024)

Summary of Azure snippets for the week commencing 3rd June 2024, grouped by Azure service.

GA = Generally Available
Public/Private Preview = as stated :-)

Azure services with highlighted updates this week:

• API Management
• Azure Bastion
• Azure Load Balancer
• Azure Monitor
• Compute

API Management

• Audit logging in Developer portal (GA) : Audits user actions in the developer portal. Logs can be sent to a storage account, event hub or Log Analytics workspace (common pattern with diagnostic logs in Azure).

Azure Bastion

• Premium SKU (Public Preview) : Adds session recording and private-only deployment to the Standard SKU feature set. Private-only deployment is probably the major new feature here at the moment, though more features are apparently planned for Premium.

Azure Load Balancer

• Health Event Logs (Public Preview) : I can think of several instances when this would have been useful :-) Health event logging through Azure Monitor to help troubleshoot ALB issues. Supported for Standard (regional and global) and Gateway load balancers. A good augmentation to the availability metrics to get more detail - can be queried through Log Analytics and stored/parsed for historical data. UK South only for the preview.
• Admin State (Public Preview) : Override a Load Balancer’s health probe behaviour for each individual backend pool instance without making changes to network security rules or closing ports on a VM. ‘Maintenance mode’ for ALBs (or for the backends) essentially - no need now to modify NSGs or VM config to block connections when maintaining the backends. Only works when a health probe is configured. Documentation and blog post give more details on how it works. Preview available in all regions.

Azure Monitor

• Log Analytics Simple Mode (Public Preview) : Point-and-click analysis of logs without having to know KQL - very useful! KQL mode still available for full-featured querying and analysis. Part of the ’new’ Log Analytics experience.
• Kubernetes Metadata and Logs Filtering in Azure Monitor - Container Insights (Public Preview) : Enhances the ContainerLogsV2 schema with additional Kubernetes metadata. The Logs Filtering feature provides filtering capabilities for both workload and platform (i.e. system namespaces) logs coming out of containers. Visualise results with a Grafana dashboard.
  • Blog post
  • Documentation

Compute

• VM Hibernation (GA) : Hibernation allows saving on compute costs, but persists the VM’s in-memory state so apps etc. resume where they were left off (just like a physical machine hibernating). Available in all public regions.
  • Documentation
  • Blog post

Summary of Azure snippets for the week commencing 27th May 2024, grouped by Azure service.

GA = Generally Available
Public/Private Preview = as stated :-)

Azure services with highlighted updates this week:

• API Center
• Azure Kubernetes Service
• Azure Resource Manager
• Azure Site Recovery
• Azure SQL

API Center

• Azure API Center Extension for VS Code (GA) : Build, discover, try, and consume APIs in your API center

Azure Kubernetes Service

• Advanced Container Networking Services for AKS (Public Preview) : A new suite of services bringing advanced network monitoring and diagnostics to AKS clusters. Currently includes only Advanced Network Observability as its inaugural and foundational feature - more are planned.
  • Advanced Network Observability is based on Hubble (itself based on Cilium, but both Cilium (with Kubernetes 1.29) and non-Cilium AKS data planes are supported). It uses Grafana and Prometheus for visualisation (Azure-managed or bring your own), and Retina on non-Cilium nodes (presumably as the eBPF ‘bridge’). It also supports all Azure CNI variants including kubenet.
• Open Service Mesh deprecation : I noticed when looking through the AKS LTS docs that Open Service Mesh was noted as being deprecated. Looks like the CNCF are retiring it and Istio is currently the only option for an AKS-supported service mesh.

Azure Resource Manager

• Deployment Stacks (GA) : Deployment stacks are an Azure resource type which provide a means of managing a collection of Azure resources as a single unit. They are designed to work primarily with Bicep, and are essentially a replacement for Blueprints (which never made it out of preview).

Azure Site Recovery

• Reporting Capabilities for Azure Site Recovery (Preview) : Full-featured and customisable reports based on Azure Monitor logs. Available via Business Continuity Center, Recovery Services Vault and Backup Center
  • Blog post
  • Documentation
• Monitoring improvements for ASR : An improved alerting solution for Azure Site Recovery, including default alerts via Azure Monitor. Brings ASR alerting into the Azure Monitor alerts space for a more consistent experience.
  • Blog post
  • Documentation

Azure SQL

• Availability portal metric (Public Preview) : Monitor SLA-compliant availability of Azure SQL databases in the Azure portal. Supported for DTU and vCore-based DBs at all service tiers, and for single DBs and elastic pools.
• Update policy for Managed Instances (GA) : Choose the speed of updates for new SQL engine features for your managed instance:
  • Always up to date (engine features deployed as soon as they are released in Azure, without waiting for the next major release of SQL Server) or SQL Server 2022 (follows the mainstream servicing lifecycle of SQL Server 2022, with no new SQL engine features deployed until SQL Server vNext is released).
  • The former brings new functionality faster but keeps the database format changing (so e.g. restores or replication to other (‘on-premises’) SQL Server instances might break); latter keeps the SQL engine at 2022 (you still get Azure SQL platform updates) and maintains the database compatibility level, but no new features until SQL vNext.
  • Can change from SQL 2022 policy to Always up to date, but cannot go the other way as DB format can’t be downgraded.