Week of June 20, 2024: Azure Updates
Public Preview: Upgrade Policies for Virtual Machine Scale Sets with Flexible Orchestration
Status: In Preview
The upgrade policy of a Virtual Machine Scale Set determines how virtual machines can be brought up to date with the latest scale set model. Before today, upgrade policies were available for Virtual Machine Scale Sets with Uniform Orchestration. Now the same upgrade policies available for Uniform Orchestration are available for Virtual Machine Scale Sets with Flexible Orchestration.
The upgrade policies available for Virtual Machine Scale Sets are Automatic, Manual and Rolling. Additionally, if using a Rolling upgrade policy, you can choose to enable MaxSurge to create new instances with the updated scale set model to replace virtual machines using the old model.
Automatic upgrade policy
With an automatic upgrade policy, the scale set makes no guarantees about the order of virtual machines being brought down. The scale set might take down all virtual machines at the same time to perform upgrades.
Automatic upgrade policy is best suited for DevTest scenarios where you aren’t concerned about the uptime of your instances while making changes to configurations and settings.
Manual upgrade policy
With a manual upgrade policy, you choose when to update the scale set instances. Nothing happens automatically to the existing virtual machines when changes occur to the scale set model. New instances that are added to the scale set use the most up-to-date model available.
Manual upgrade policy is best suited for workloads where you require more control over when and how instances are updated.
Rolling Upgrade Policy + MaxSurge
With a rolling upgrade policy, the scale set performs updates in batches. You also get more control over the upgrades with settings like batch size, max healthy percentage, prioritizing unhealthy instances and enabling upgrades across availability zones. Additionally, you can enable MaxSurge, which creates new virtual machines to replace virtual machines running the old model. Using MaxSurge ensures your scale set does not see any reduced capacity during an upgrade.
Rolling upgrade policy is best suited for production workloads that require a set number of instances to always be available. A rolling upgrade is the safest way to upgrade instances to the latest model without compromising availability and uptime.
Try the upgrade policies for Virtual Machine Scale Sets today.
Products:
Virtual Machine Scale Sets
Virtual Machines
________________________________________________________________________________________________________________________________
Generally Available: az command invoke in AKS
Status: Now Available
AKS run command allows users to remotely invoke commands in an AKS cluster through the AKS API. For example, this feature introduces a new API that supports executing just-in-time commands from a remote laptop for a private cluster. This can greatly assist with quick just-in-time access to a private cluster when the client is not on the cluster private network, while still retaining and enforcing full RBAC controls and a private API server.
Example:
az aks command invoke --resource-group <resource-group> --name <cluster-name> --command "kubectl get nodes"
Products:
AKS
________________________________________________________________________________________________________________________________
Generally Available: OS Security Patch channel for Linux in AKS
Status: Now Available
The OS security patch channel for Linux, part of the NodeOSUpgrade feature, is now generally available.
OS security patches are AKS-tested, fully managed, and applied with safe deployment practices. AKS regularly updates the node’s virtual hard disk (VHD) with patches from the image maintainer labeled “security only.”
This channel is part of the NodeOSUpgrade feature, honors maintenance windows, and limits disruption by applying live patching wherever necessary.
Products:
AKS
________________________________________________________________________________________________________________________________
Available: Announcing kube-egress-gateway for Kubernetes
Status: Now Available
kube-egress-gateway is an open-source project that offers a scalable and cost-efficient solution for configuring fixed source IPs for Kubernetes pod egress traffic on Azure. The kube-egress-gateway components run within Kubernetes clusters—whether managed (Azure Kubernetes Service, AKS) or unmanaged—and use one or more dedicated Kubernetes nodes as pod egress gateways, routing pod outbound traffic through a WireGuard tunnel.
Compared to existing methods, such as creating dedicated Kubernetes nodes with a NAT gateway or assigning instance-level public IP addresses and scheduling only specific pods on these nodes, kube-egress-gateway is more cost-efficient. It allows pods requiring different egress IPs to share the same gateway and be scheduled on any regular worker node.
Products:
AKS
________________________________________________________________________________________________________________________________
Public Preview: Azure Container Apps available in Azure Government Cloud Virginia
Status: In Preview
Azure Container Apps, a managed serverless container service, is now available in Azure Government Cloud. Azure Container Apps offers an ideal platform for application developers who want to run apps and microservices in containers without managing infrastructure. Azure Container Apps is built on a foundation of powerful open-source technology including Kubernetes, KEDA, Dapr, and Envoy.
To learn more about Azure Container Apps, please see the getting started guide on Microsoft Learn.
Products:
Azure Container Apps
________________________________________________________________________________________________________________________________
Public Preview: Cluster operation status for AKS
Status: In Preview
Cluster operation status for AKS is now in public preview.
With this feature, you can get a snapshot of progress for your long-running operations such as upgrade, scale, create and more.
Products:
AKS
________________________________________________________________________________________________________________________________
Public Preview: Geo-Replication for Azure Service Bus Premium
Status: In Preview
We are excited to announce the public preview of the new Geo-Replication feature for Azure Service Bus in the premium tier. This feature ensures that the metadata and data of a namespace are continuously replicated from a primary region to a secondary region. Moreover, this feature allows promoting a secondary region at any time. The Geo-Replication feature is the latest option to insulate Azure Service Bus applications against outages and disasters.
The Geo-Replication feature implements metadata and data replication in a primary-secondary replication model. It works with a single namespace, and at a given time there’s only one primary region, which serves both producers and consumers. There is a single hostname used to connect to the namespace, which always points to the current primary region.
After promoting a secondary region, the hostname points to the new primary region, and the old primary region is demoted to secondary region. After the new secondary has been re-initialized, it is possible to promote this region again to primary at any moment.
Products:
Azure Service Bus
________________________________________________________________________________________________________________________________
Generally Available: Azure SQL updates for late June 2024
Status: Now Available
In late June 2024, the following updates and enhancements were made to Azure SQL:
Prepare for planned maintenance events on your Azure SQL Managed Instance resources by enabling advance notifications.
Enable zone redundancy for Azure SQL Database Hyperscale’s named replicas to enhance protection against extensive failures, such as datacenter disasters, without altering application logic.
Products:
Azure SQL DB
Azure SQL MI
________________________________________________________________________________________________________________________________
Generally Available: IOPS scaling for Azure Database for PostgreSQL – Flexible Server
Status: Now Available
We are excited to announce the general availability of IOPS scaling for Azure Database for PostgreSQL – Flexible Server. This feature empowers you to dynamically scale your IOPS based on your workload needs. Ensure optimal performance during high-demand operations like migrations or data loads and scale down to save costs when demand decreases. With IOPS scaling, you can fine-tune your database’s performance and manage costs more effectively without over-provisioning resources. Experience seamless and efficient database management with the flexibility to adjust IOPS as required. Start using IOPS scaling today to enhance your database’s performance and efficiency. Visit the Azure portal to get started.
Products:
Azure DB for PostgreSQL
________________________________________________________________________________________________________________________________
Generally Available: New Azure Advisor recommendations for Azure Database for PostgreSQL – Flexible Server
Status: Now Available
New Azure Advisor recommendations have been created for Azure Database for PostgreSQL – Flexible Server and existing recommendations have been improved to provide more actionable guidance.
Azure Advisor is a cloud assistant that analyzes your configuration and usage telemetry to make personalized recommendations to help improve performance, reliability, security, and cost effectiveness. You can find these recommendations in the Advisor dashboard section of the Azure Portal.
New Azure Database for PostgreSQL – Flexible Server recommendations include checks for long running and orphaned prepared transactions, crossing the transaction wraparound limit, and exceeding the recommended bloat ratio.
Products:
Azure DB for PostgreSQL
________________________________________________________________________________________________________________________________
Public Preview: Extension version sync for Azure Database for PostgreSQL – Flexible Server
Status: In Preview
We are excited to announce the public preview of extension version sync for Azure Database for PostgreSQL – Flexible Server. This feature allows you to seamlessly update your PostgreSQL extensions to the latest versions with a simple command, ensuring your system remains secure and up to date.
By using `ALTER EXTENSION <extension-name> UPDATE`, you can automatically upgrade to the most stable and secure versions available, enhancing both security and operational stability with minimal effort. This streamlined process prevents unauthorized changes and potential vulnerabilities, making it easier for you to manage your database extensions efficiently.
Products:
Azure DB for PostgreSQL
________________________________________________________________________________________________________________________________
Public Preview: Online migration in the migration service in Azure Database for PostgreSQL
Status: In Preview
We’re excited to announce the launch of the latest feature of the migration service in Azure Database for PostgreSQL: online migration, now available in public preview. This feature empowers you to migrate your PostgreSQL databases to Azure seamlessly and with minimal downtime. You’ll benefit from a streamlined migration process that ensures your data is transferred securely and efficiently, allowing you to take advantage of Azure’s scalability, performance, and security features without interrupting your business operations.
By leveraging this new feature, you can confidently move your workloads to a more robust and reliable cloud environment, positioning your business for future growth. Start your migration journey today and experience the advantages of Azure Database for PostgreSQL with our migration service.
Products:
Azure DB for PostgreSQL
________________________________________________________________________________________________________________________________
Public Preview: Redis 7.2 on Azure Cache for Redis Enterprise
Status: In Preview
Enterprise and Enterprise Flash tier caches now support Redis 7.2 in preview. This latest version of Redis offers over a dozen new commands and performance enhancements over Redis 6.0, the previous version offered on Azure Cache for Redis. New features include expanded geospatial functionality, sharded pub/sub, and support for the RESP3 protocol.
Products:
Azure Cache for Redis
________________________________________________________________________________________________________________________________
Public Preview: Windows Server 2025 now available
Status: In Preview
Windows Server 2025 delivers advanced security, new Azure hybrid features, a high-performance platform for your existing apps and AI workloads, and a modernized Windows Server experience. With this new release you will see investments in:
A rich set of security innovations including new capabilities in Active Directory, Server Message Block (SMB) improvements including SMB over QUIC, and security updates with fewer reboots.
Improved hybrid capabilities like Software-defined network (SDN) multisite features allowing native L2 and L3 connectivity for workloads in multiple locations, flexible hybrid and multicloud management tools, and easier onboarding to Azure Arc.
New features for AI, performance, and scale such as GPU partitioning across virtual machines, vastly improved Hyper-V performance and scalability, and easy upgrades through Windows Update to name a few.
Products:
Windows Server
________________________________________________________________________________________________________________________________
Generally Available: Azure Log Alerts support for Azure Data Explorer
Status: Now Available
Azure Monitor Alerts allow you to monitor your Azure and application telemetry to quickly identify issues affecting your service. More specifically, Azure Monitor log alert rules allow you to set periodic queries on your log telemetry to identify potential issues and get notifications or trigger actions.
Until now, log alert rules have supported running queries on Log Analytics and Application Insights data. We are now introducing support for running queries also on Azure Data Explorer (ADX) tables, and even joining data between those data sources in a single query.
In addition, as part of this newly added support, log alert rules now support managed identities for Azure resources – allowing you to see and control the exact permissions of your log alert rule.
Learn More:
Create a new log alert rule accessing ADX
Write a query accessing ADX data from a Log Analytics using the adx pattern
Managed identities for Azure resources
Products:
Azure Alerts
________________________________________________________________________________________________________________________________
Generally Available: Spain Central region added to Azure HDInsight
Status: Now Available
HDInsight is now generally available in Spain Central. Azure HDInsight is a managed, full-spectrum, open-source analytics service in the cloud for enterprises. You can use open-source frameworks such as Hadoop, Apache Spark, Apache Hive, LLAP, Apache Kafka, and more.
________________________________________________________________________________________________________________________________
Public Preview: Force detach zone redundant data disks during zone outage
Status: In Preview
We are excited to announce public preview support for force detaching ZRS data disks from a VM residing in a zone impacted by a failure. Customers will now be able to detach the ZRS data disks and attach them to another VM, decreasing the RTO.
Zone-redundant storage (ZRS) synchronously replicates your Azure managed disk across three Azure availability zones within the region, providing 99.9999999999% (12 9’s) of durability over a given year. The zone-redundant storage (ZRS) option for Azure managed disks is supported on Premium SSDs and Standard SSDs.
Products:
Azure Virtual Machines
Managed Disks