by Contributed | May 25, 2021 | Technology
This article is contributed. See the original author and article here.
Every day in Azure, we spend time working with customers who are bringing mission critical enterprise workloads to Kubernetes with AKS. Their requirements drive our roadmap, ensuring that we are balancing the innovative capabilities of the cloud native ecosystem with the requirements of some of the world’s largest companies.
AKS for regulated industries
Many AKS customers are subject to the compliance requirements of a specific industry, such as finance, healthcare, or government services. Meeting those requirements can be onerous at the best of times, but it can be even more difficult to do in the context of Kubernetes, where patterns are nascent and flexibility is limited. To help address this challenge, we are announcing AKS for regulated industries, a collection of guidance, benchmarks, and best practices that makes it simpler for customers subject to those constraints to be successful on AKS. This includes a baseline cluster architecture for regulated industries, specific guidance for customers seeking Payment Card Industry (PCI) compliance, and an AKS-specific security benchmark published by the Center of Internet Security (CIS).
Enterprise security
In support of that initiative, we are also pleased to announce a series of new product capabilities that will help customers deliver mission critical workloads with Kubernetes on Azure. First, we are excited to become the first cloud provider to offer integrated Kubernetes agent nodes meeting the Federal Information Processing Standards (FIPS) compliance bar, now available in public preview. With a single CLI flag and at no extra charge, AKS customers can now obtain a version of Ubuntu 18.04 that includes the necessary components for their agent nodes to be FIPS compliant. Windows Server-based agent nodes will follow in just a couple of weeks. Speaking of agent nodes, we are also announcing today the general availability of host-based encryption for AKS agent nodes. This capability provides an additional layer of security as OS, temp, and data disks can now be automatically encrypted with either platform or customer-managed keys. Finally, we are pleased to announce the general availability of Azure role-based access control (RBAC) for Kubernetes. This capability allows customers to manage granular access to AKS and Arc-connected Kubernetes clusters at scale leveraging the same framework that they use for all other Azure resources.
Planned maintenance support for auto-upgrade
Of course, when it comes to meeting the needs of the enterprise, security is just one piece of the picture. Today, we are excited to announce several other capabilities designed meet the needs of our largest customers. We recently announced previews for cluster auto-upgrade, the ability to have AKS automatically trigger upgrade of your clusters, and planned maintenance, the ability to signal to the service when you would prefer to have potential impactful maintenance operations occur. Now, you can combine those two features with the integration of auto-upgrade with planned maintenance, ensuring that any potential disruptions from a cluster upgrade occur at a time that minimizes business impact.
Standardization & innovation
Finally, we know how important it is for customers to stay up-to-date with the latest innovation happening in the Kubernetes community. That’s why we’re proud to once again lead the way among cloud providers in offering the latest upstream releases in AKS, with the preview of Kubernetes 1.21. This release includes a number of significant improvements, including the graduation of CronJobs and immutable secrets/configmaps to stable. Please give it a try and let us know if you have any trouble by logging an issue on GitHub.
This year’s //build conference marks an exciting milestone in the Kubernetes on Azure journey. No longer are customers simply looking for the core capabilities required to make their initial applications run in a cloud native environment. Now they are looking for the guidance and advanced features required to meet the high bar set by their most crucial workloads. Azure is committed to meeting those needs by building a platform that is enterprise-grade, by design. And with the announcement of application services for Kubernetes clusters, we are making it easier than ever for developers to build on top of the platform.
by Contributed | May 25, 2021 | Technology
This article is contributed. See the original author and article here.
Today, businesses require big data streaming platforms and event ingestion services that can process millions of events per second to build dynamic data pipelines and immediately respond to business challenges. Azure Event Hubs, a fully managed, real-time data ingestion service, is designed to serve demanding big data streaming and event ingestion needs.
Azure Event Hubs Premium
Today, we are announcing the public preview of Azure Event Hubs Premium, a new product SKU that is tailor-made for high-end event streaming scenarios which require elastic, superior performance with predictable latency.
Azure Event Hubs premium comes with reserved compute, memory, and storage resources, which increases the performance and minimize cross-tenant interference in a managed multi-tenant PaaS environment. Event Hubs premium introduces a brand-new log storage engine that drastically improves the data ingress performance and substantially reduce the end-to-end latency. On top of all the capabilities and protocol support of the Event Hubs Standard offering, Event Hubs Premium offers, and far more generous quota allocations.
Why Premium?
Here are some of the key compelling benefits of Event Hubs Premium SKU.
Superior performance with the new two-tier storage engine
Event Hubs premium uses a new, two-tier, native-code log engine that provides far more predictable and much lower send and end-to-end latencies than the prior generation, without any durability compromises. This enables you to ingest and processes large volumes of events and data with high throughput, low latency, and high reliability (events are triple replicated across Azure availability zones).
Better isolation and predictability
With Event Hubs premium you get reserved compute, memory, and storage resources for each tenant to achieve more predictable latency and far reduced cross-tenant interference risk in a multi-tenant PaaS environment.
Scalability and Cost Savings
As Event Hubs Premium is a multitenant offering, it can dynamically scale more flexibly and very quickly. Capacity of Event Hubs Premium tier is allocated in Processing Units which correspond to a share of isolated resources (CPU, Memory, and Storage) in the underlying infrastructure. Therefore, there are no throttling limits are applied for your data ingestion scenarios and you stream events up to the maximum level that the allocated processing units can handle (which can depend on multiple factors such as number of producers and consumers, payload size, partition count, and many more).
Events Hubs premium can bring you cost savings for certain use cases where you don’t need the power of a single tenant dedicated Event Hubs cluster, but you need to handle data streaming workloads that are beyond the limits of the standard tier.
Benefits compared to Standard and Dedicated SKUs
Event Hubs Premium SKU is suitable for streaming use cases that require more throughput, isolation, and predictability than Standard SKU, while you don’t need a dedicated single tenant cluster which is intended for most demanding streaming needs at a higher price point.
If your data streaming use case needs very high number of throughput units of the standard SKU, then EventHub premium may offer better performance, minimal cross-tenant interference, more generous quota allocations and additional features for the same cost.
If the use case does not need the power of a dedicated single tenant cluster, compared to the Dedicated SKU, Event Hubs Premium can provide benefits such as dynamic scaling and the same reliability support (premium namespaces support AZs without the need to allocate extra capacity.)
Get Started Today
To try out and learn more about Azure Event Hubs Premium check out the below links.
by Contributed | May 25, 2021 | Technology
This article is contributed. See the original author and article here.
Whether you’re new or seasoned to cloud, development, and SQL, building and architecting applications in the cloud has become a required skill for many roles. Today, we’re excited to announce a new learning path to help developers of all skill levels learn how to create applications quickly and effectively with Azure. The new learning path is Build serverless, full stack applications in Azure.
In this learning path, you’ll learn how to create, build, and deploy modern full stack applications in Azure leveraging the language of your choice (Python, Node.js, or .NET) and with a Vue.js frontend. Topics covered include modern database capabilities, CI/CD and DevOps, backend API development, REST, and more. Using a real-world scenario of trying to catch the bus, you will learn how to build a solution that integrates Azure SQL Database, Azure Functions, Azure Static Web Apps, Logic Apps, Visual Studio Code and GitHub Actions.
This learning path is a great place for faculty to pull content for their application development classes. We’ve chatted with several schools and universities and confirmed that something like this would be useful for students and fit in their curriculum. Since the learning path was developed in three languages, it’s also useful for students and faculty trying to learn other languages. We’ve translated the code directly and structured it using development best practices, so hopefully it is useful.
In addition to this new learning path which allows you to get hands on for FREE in Microsoft Learn’s Azure sandbox, Davide Mauri and myself, who built the learning path, will be presenting one of the modules as part of Microsoft Build Learn Live TODAY at 3:30PM PT. Be sure to register and attend! Of course, if you’re reading this after the live session, the recording will also be available through the Microsoft Build website.
If you aren’t interested in completing all of the modules, but want to dive into a specific topic, the modules are standalone, and you can learn at your own pace. Here are the modules:
- Architect modern applications using Azure SQL Database
- Deploy serverless APIs with Azure Functions, Logic Apps, and Azure SQL Database
- Build full stack applications with Azure Static Web Apps and Azure SQL Database
- Architect full-stack applications and automate deployments with GitHub
If you want more content like this, I recommend checking out Azure SQL Fundamentals and subscribing to Data Exposed where we have mini-series like Azure SQL for beginners, Migrating to SQL, and more! If you have other questions or feedback, please reach out to me on Twitter @AnalyticAnna.
by Contributed | May 25, 2021 | Technology
This article is contributed. See the original author and article here.
Today, we are releasing an update (“hotfix”) to our latest generally available version of Windows Admin Center! Windows Admin Center version 2103.2 is now generally available. Thank you to our customers, partners, and fans for helping us to continue to improve and make Windows Admin Center better! We’re working constantly to ensure users of our product have the best user experience.
This version of Windows Admin Center includes key bug fixes and feature updates to the Azure sign in process, support for Azure China, support for seamless over-the-air updates for Azure Stack HCI as well as additional updates to the Events and Remote Desktop tool experience.
Download Windows Admin Center v2103.2 today
or navigate to gear icon (Settings) on the top right corner and go to Updates to install the update from within Windows Admin Center.
Platform updates
Windows Admin Center now supports signing into the Azure China cloud
The request for Windows Admin Center to expand their Azure support matrix to sovereign clouds has been a long-standing ask, especially as we continue to introduce additional hybrid capabilities to Windows Admin Center. In this release, when you register your gateway to Azure, you will be prompted to select the cloud you’d like to register in. The two options in this dropdown are Azure Global and Azure China, with Azure Global selected by default. After registering your gateway with your selected cloud, Windows Admin Center will assume that further Azure operations, like Azure sign-in, will be done through the cloud your gateway is registered in.
Some of the Azure services included in Windows Admin Center are not currently supported in Azure China. For more detailed information on the regional support for each Azure service, visit the Microsoft Azure website.
Support of seamless over-the-air updates for Azure Stack HCI clusters
Today, we are introducing an all-new way of updating Azure Stack HCI clusters in Windows Admin Center. This experience will enable you to update clusters to the preview build of Azure Stack HCI 21H2 in a simple intuitive manner. The updates tool in Windows Admin Center is enhanced to allow Azure Stack HCI clusters to get over-the-air cumulative updates.
The update experience has built-in prechecks that would provide you with the required validations before the update run is triggered. This cross-stack validation informs you, as the IT admin, of any setup issues ahead of time that can cause failure of the update.
Windows Admin Center invokes the cluster-aware-updates (CAU) rolling-upgrade plugin to orchestrate the updates across the clusters. The update process status is polled in at regular time intervals and relayed back to Windows Admin Center. The Azure Stack HCI cumulative update releasing in June is only for non-production/test environments.
Support to join preview channel for Azure Stack HCI clusters
Only clusters that join the preview channel for Azure Stack HCI will receive over-the-air updates. In order to obtain the preview version of Azure Stack HCI, clusters need to join the preview channel either through Windows Admin Center or PowerShell. Click on Settings in cluster manager and navigate to Join the preview channel. The Azure Stack HCI cumulative updates will be available starting June 2021.
Windows Admin Center supports Azure Kubernetes Service (AKS) on Azure Stack HCI
In this release, Windows Admin Center makes Azure Kubernetes Service (AKS) on HCI deployment natively available.
In just a few moments, Windows Admin Center allows you to deploy an AKS-HCI management cluster. This is a simple 7-step wizard that does system checks, allows you to set the appropriate network configuration and Azure registration required to successfully setup the management cluster.
You may also create a Kubernetes workload cluster through the AKS management cluster dashboard by clicking Add cluster. This starts a wizard that takes inputs for the workload cluster creation and creates the Kubernetes cluster. You now have a successfully deployed Kubernetes workload cluster to run your container applications.
Bug fixes
“Access Denied” fixed
We understand several users were met with an “Access denied” error upon starting Windows Admin Center and were unable to use the Windows Admin Center v2103 as a result. We have updated the logic of our automatic extension updates feature to fix this issue.
PowerShell commands fixed
In the 2103 release, several users were unable to utilize PowerShell to manage their Windows Admin Center settings and connections. In this release, you should be able to effectively use these commands to configure your Windows Admin Center gateway.
Certificate error fixed
In the 2103 release, some users were having difficulties navigating and were presented with an SSL certificate error message. In this release, we have added a fix for this issue and this SSL certificate error message should not occur.
Other updates
- Option to “Install now” for automatic updates (in Windows Admin Center update settings)
- Improvements to the Azure sign-in process and bugfixes
- Updates to notification styling
- Accessibility improvements and bug fixes
Core management tools
Re-imagined Events tool
When we released the new look of the Events tool in our v2103 release, we did so with the caveat that not all the existing Events tool functionality was available in this new experience. In this release, we work towards rectifying that with the following improvements:
- The Details pane is now available in the new experience.
- We’ve fixed loading issues that occurred when changing event attributes while viewing events in stacked bar format.
- We’ve tweaked the dropdown menus slightly, so the displayed information remains accurate, even when you modify attributes of an event.
Remote desktop tool updates
We’ve made a few changes to the Remote desktop tool in this release based on feedback we’ve received through UserVoice.
Windows Admin Center uses TLS ciphers in the Remote Desktop tool when connecting to a client machine. Historically, many of the ciphers offered by Windows Admin Center in this tool were cipher block chain (CBC) ciphers. In this release, we’ve upgraded the remote desktop web client library, and it now includes a wider selection of supported ciphers for you to choose from when you’re setting up RDP on your Windows Admin Center gateway. You should now be able to select ciphers from several suites, with options for both CBC and Galois/Counter mode (GCM).
Additionally, several users had reported through UserVoice that the language of their keyboard in the Remote Desktop tool did not match the language that had been selected. This was a large fix and it is currently only available to users who have access to our Windows Admin Center Insiders extension feed. To add the Insiders extension feed, navigate to the Feeds tab in Extension manager and add https://aka.ms/wac-insiders-feed to the feed list. Then, look for the updated “Remote Desktop” extension.
The Windows Time Service extension is now in preview!
The Windows Time service extension uses the Windows Time service (W32Time) to synchronize the date and time for all computers running in Active Directory Domain Services (AD DS). Time synchronization is critical for the proper operation of many Windows services and line-of-business (LOB) applications. The Windows Time service uses the Network Time Protocol (NTP) to synchronize computer clocks on the network. NTP ensures that an accurate clock value, or timestamp, can be assigned to network validation and resource access requests.
This extension is currently only available to users who have access to our Windows Admin Center Insiders extension feed. To add the Insiders extension feed, navigate to the Feeds tab in Extension manager and add https://aka.ms/wac-insiders-feed to the feed list.
Containers extension
Over the past year, we’ve been hard at work improving the Containers Extension. These improvements include better management of your container images either locally or in a container registry – including Azure Container Registry (ACR), a new wizard to create new container images based on existing applications, running your container images locally or on Azure Container Instance and much more.
Today, we’re happy to announce the capabilities in the Containers extension that will help you deploy workloads on Azure Kubernetes Service (AKS) and AKS on Azure Stack HCI (AKS-HCI).
A new option to create Workload Definitions allows you to create new YAML files based on existing container images on ACR. With this option, you can provide details on your application and Windows Admin Center provides you with a deployment file ready for your AKS clusters. It also ensures your AKS nodes can securely retrieve the authentication for your ACR registries. Not only that, you can target AKS or AKS-HCI with these Workload Definitions and check if these were deployed correctly.
This extension is available publicly through our Windows Admin Center extension feed. Download it today by navigating to the gear icon on the top right corner and clicking on Extensions.
Other changes
- Azure hybrid center bug fixes – We want your experience using Windows Admin Center and Azure to be clean and seamless. In this release, we made several bug fixes to enhance the look of the tool.
- Azure Arc bug fixes – In this release, we improved the Azure Arc user experience by fixing several bugs. Users should no longer face issues with the links in the Azure Arc tool and the disconnect experience.
Partner ecosystem
Windows Admin Center continues to value the collaboration efforts we have with our partners, and these past few months have been a very active period! Since our 2103 release in March, five of our partners have released new or updated versions of their extensions. If you’re interested in developing a Windows Admin Center extension, visit our documentation to get started.
The HPE Azure Stack HCI Cluster Deployment and Update Snap-in is now available. The HPE Deployment snap-in reports the firmware and software inventory and status generated by HPE Smart Update Manager (SUM), then initiates installation of the selected components, followed by showing the completion status. The HPE Update snap-in reports the firmware and software inventory and status generated by HPE Smart Update Manager (SUM). The selected components will get updated on the cluster from Cluster-Aware-Updating (CAU) orchestration.
The cluster deployment snap-in will appear in the Azure Stack HCI cluster create wizard, and the update snap-in will appear in the update wizard in the Updates tool when connected to a cluster.
Fujitsu Software Infrastructure Manager (ISM) is now available. By installing ISM, multiple and various types of information and communications technology (ICT) devices can be managed in an integrated way. With this software, you can monitor the status of all the ICT devices in a data center or a machine room. You can also execute batch firmware updates for multiple devices and configure servers automatically. It can reduce costs of operation management and increase the operation quality.
Other partner extension updates
- DataON MUST Pro v2.1.0 – This version of DataON MUST Pro includes slight improvements to the inventory page.
- Fujitsu ServerViewR RAID v1.2.1 – The overview page has been updated to include a refresh button.
- Fujitsu ServerViewR Health v2.0.1 – There are several improvements in this release, including the addition of a refresh button to the overview page and new Windows Admin Center notifications for network error messages. Additionally, you can now perform health monitoring without ServerView agents.
- HPE Server and Azure Stack HCI v1.3.0 – The Inventory tab of the Server extension now reports SSD drive life expectancy and surfaces a warning message upon crossing a threshold. The Overview tab of the Azure Stack HCI extension has been updated with improved cluster classification and storage information reporting.
- Lenovo XClarity Integrator v3.1.23 – The newest release of this extension includes several bugfixes.
- QCT Management Suite v2.3.0 – Updates to this extension include Redfish support, a redesigned overview page, optimization for update experiences, and LLDP support.
Download today!
We hope you enjoy this latest update of Windows Admin Center, the various new functionality in preview, and all the extensions now available. Learn more and download today!
As always, thanks for your ongoing support, adoption, and feedback. Your contributions through user feedback continue to be very important and valuable to us, helping us prioritize and sequence our investments.
<3,
Windows Admin Center Team (@servermgmt)
Recent Comments