Microsoft announced a number of new Azure features that would be coming online during the end of July and the start of August. This post will summarize the IaaS features that IT pros will be interested in.
New Azure Regions in the USA
Azure is continuing to grow, enabling Microsoft to meet the ever-growing direct and indirect market demand for their cloud services. Two new regions (a location with 1 or more Azure data centers) have been made generally available. West US 2 and West Central US were opened, bringing the number of generally available regions to 26 and the number of announced regions to 34. Both of the new regions are paired, meaning that one replicates to the other if you choose to enable replication, for example, geo-redundant storage.
Azure In-Place VM Migration
Did you know that Azure doesn’t have Live Migration. Yes; the world’s biggest and most advanced deployment of Hyper-V doesn’t have the one feature (introduced in Windows Server 2008 R2) that made Hyper-V acceptable to enterprises. That will stun many IT pros – we take Live Migration for granted when we are doing planned maintenance. I can pause a host, drain it of all machines, and do my work without causing any downtime to the services running in those migrated machines. But Azure is different; Azure sends us emails every now and then to let us know that host maintenance in our region is scheduled to start on Day X, end on Day Z, and any services not in an availability set and engineered at the software layer for high availability will suffer some downtime.
I had heard a year ago that Microsoft was working to solve this issue – Microsoft designed Azure for born-in-the-cloud services, but customers are moving legacy services to the cloud and are unhappy to experience downtime, even if it was brief.
The first step to ending the grief is in-place VM migration, which Microsoft describes as minimizing the downtime suffered by virtual machines because of a host reboot:
.. most virtual machines benefit from Azure in-place virtual machine migration that only pauses them for up to 30 seconds, while the local temporary disk and memory state are preserved.
Microsoft didn’t describe how this process works, but after some consideration, I don’t think that this is Quick Migration, where a virtual machine is put in a saved state and moved to another host. Note that the temporary disk is saved, and we think that this is stored locally on the host. It would be expensive to perform a migration of this disk across the network. Instead, I think Microsoft has mastered the “soft” or “quick” restart that they wanted to include in Windows Server 2016, but abandoned with Technical Preview 2.
It was also announced that Azure would improve in-place VM migration to eliminate downtime caused by most host updates before the end of 2016, with the eventual goal to eliminate all reboots. Maybe this will eventually lead to a change in the SLA that requires all virtual machines to be in an availability set.
VNet Peering (Preview)
If a customer wants to connect two virtual networks, maybe in different regions or one in ASM or one in ARM, then the only option that they have is to use a VNet-to-VNet VPN. This solution, while it works very well, is complicated and it requires one gateway per VNet, which increases costs and networking challenges.
Starting in August, a preview feature allows you to peer VNets within the same region. Peering allows two virtual networks route packets across the Azure backbone network, and effectively act as a single connected network, without using gateways. VNet peering works across subscriptions, and between ASM and ARM networks (but not between two ASM networks).
There are some interesting designs, especially because you can allow traffic to route from a gateway to other VNets via peering. So you could create a single VNet with VPN connection and peer it with other networks in the region to enable complete routing from on-premises to all VNets.
Azure Backup Alerting (Preview)
A big ask from existing and potential Azure Backup customers has been answered, sort of. Azure Backup, via the new Recovery Services Vault, now features email-based alerting.
Unfortunately, this feature is limited to the recovery services vault which have only existed in the newer Azure Portal for the last few months. Those customers that have been using backup vaults with the older Management Portal have not received this new feature. Hopefully Microsoft will bring a migration path from the older solution to the newer one in the near future.
Azure Virtual Machine Redeploy
Sometimes you just cannot connect to or use a virtual machine. That virtual machine might be important to you, so you cannot afford to scrap it. One solution can be to move the virtual machine. This causes enough of an environmental reset that the virtual machine returns back to normal. You can do this in Azure using the Redeploy virtual machine troubleshooting action.
A number of other services ended their preview status and became generally available:
- Azure Security Center: Get a unified view of the security health and status of your Azure deployments, powered by Azure Machine Learning and knowledge of everything that is happening in Azure.
- Microsoft Authenticator: Simplify mutli-factor authentication using an app for Windows, Android, and iOS.
- Azure Active Directory B2C: Launched in North America first, with other markets coming soon, you can authenticate consumers of your apps by trusting their social media accounts, instead of creating hundreds of thousands of Azure AD accounts.