Azure recently introduced an advanced, more efficient Load Balancer platform. This platform adds a whole new set of abilities for customer workloads using the new Standard Load Balancer. One of the key additions the new Load Balancer platform brings, is a simplified, more predictable and efficient outbound port allocation algorithm.
While already integrated with Standard Load Balancer, we are now bringing this advantage to the rest of Azure.
Load Balancer and Source NAT
Azure deployments use one or more of three scenarios for outbound connectivity, depending on the customer’s deployment model and the resources utilized and configured. Azure uses Source Network Address Translation (SNAT) to enable these scenarios. When multiple private IP addresses or roles share the same public IP (public IP address assign to Load Balancer or automatically assigned public IP address for standalone VMs), Azure uses port masquerading SNAT (PAT) to translate private IP addresses to public IP addresses using the ephemeral ports of the public IP address. PAT does not apply when Instance Level Public IP addresses (ILPIP) are assigned.
For the cases where multiple instances share a public IP address, each instance behind an Azure Load Balancer VIP is pre-allocated a fixed number of ephemeral ports
The Graphical Execution Plan feature within SQL Server Management Studio (SSMS) is now supported for SQL Data Warehouse (SQL DW)! With a click of a button, you can create a graphical representation of a distributed query plan for SQL DW.
Before this enhancement, query troubleshooting for SQL DW was often a tedious process, which required you to run the EXPLAIN command. SQL DW customers can now seamlessly and visually debug query plans to identify performance bottlenecks directly within the SSMS window. This experience extends the query troubleshooting experience by displaying costly data movement operations which are the most common reasons for slow distributed query plans. Below is a simple example of troubleshooting a distributed query plan with SQL DW leveraging the Graphical Execution Plan.
The view below displays the estimated execution plan for a query. As we can see, this is an incompatible join which occurs when there is a join between two tables distributed on different columns. An incompatible join will create a ShuffleMove operation, where temp tables will be created on every distribution to satisfy the join locally before streaming the results back to the user. The ShuffleMove has become a performance bottleneck for this query:
We are pleased to announce that Azure Active Directory (Azure AD) is integrated with Spring Security to secure your Java web applications. With only few lines of configurations, you can wire up enterprise grade authentication and authorization for your Spring Boot project.
With Spring Boot Starter for Azure AD, Java developers now can get started quickly to build the authentication workflow for a web application that uses Azure AD and OAuth 2.0 to secure its back end. It also enables developers to create a role based authorization workflow for a Web API secured by Azure AD with the power of the Spring Security.
Take the To-do App, which Erich Gamma showed on SpringOne 2017, as an example. The sample is composed of two layers: Angular JS client and Spring Boot RESTful web service. It illustrates the flow to login and retrieves user’s information using AAD Graph API.
Authorization Flow Chart
The authorization flow is composed of 3 phrases:
Login with credentials and get validated through Azure AD. Retrieve token and membership information from Azure AD Graph API. Evaluate the membership for role-based authorization.
Register a new application in Azure AD
To get started, first register a new
This blog post was authored by the Microsoft Build Team.
On May 7–9, brilliant developers and industry game-changers will meet at Microsoft Build in Seattle, Washington. Creators of all kinds will gather to spark ideas, get inspired, and build what’s next. Save the date to register tomorrow for your ringside seat.
Spend three days exploring AI, mixed reality, cloud, data, and quantum. Here’s a preview of what you can expect:
Celebrate your community of tech pioneers with a keynote address by Satya Nadella, CEO of Microsoft, and sessions led by leading developers behind solutions that are changing the world. Choose your own adventure with meetups, deep dives, and more. You can sample a bit of everything or focus on the area that most intrigues you. The schedule is yours to build. Get ready to code with demos and labs on emerging tech and push your edge toward mastery. There’s a wealth of learning opportunities that are just your flavor. Mingle with your tribe, bouncing ideas off product engineers, hanging out with new connections, or sharing strategies over one of Seattle’s famous brews.
Innovative software is transforming the world in remarkable ways—and you can be at the epicenter of it all
The patterns & practices (p&p) group of the Azure Customer Advisory Team (Azure CAT), has published a new reference architecture for deploying and running a Jenkins server on Azure with Ubuntu 16.04 LTS. Jenkins is a powerful open source tool for building DevOps solutions. This reference architecture helps identify the best practices for setting up a Jenkins server on the Azure platform and helps you make the most of Azure services for supporting your engineer requirements.
It provides prescriptive guidance for the following topics:
Architecture, including plugins for the deployment Scalability Availability Manageability Security
This reference architecture is based on the Microsoft published Jenkins master in the Azure Marketplace. This installs a Microsoft image for Jenkins on Azure along with several Azure plugins:
Azure AD Plugin enables you to set up a single sign-on (SSO) experience. Azure VM Agent Plugin allows you to scale the pipeline with Jenkins agents in Azure virtual machines. Windows Azure Storage Plugin provides storage for build assets that are shared in a pipeline. Azure Credentials Plugin works with the Azure Key Vault service.
Providing a rich GUI for Azure Data Lake Storage resources management has been a top customer ask for a long time, we are thrilled to announce the public preview for supporting Azure Data Lake Storage (ADLS) in the Azure Storage Explorer (ASE). With the release of ADLS resources in ASE, you can freely navigate ADLS resources, you can upload and download folders and files, you can copy and paste files across folders or ADLS accounts and you can easily perform CRUD operations for your folders and files. Azure Storage Explorer not only offers a traditional desktop explorer GUI for dragging, uploading, downloading, copying and moving your ADLS folders and files, but also provides a unified developer experiences of displaying file properties, viewing folder statistics and adding quick access. With this extension you are now able to browse ADLS resources along-side existing experiences for Azure Blobs, tables, files, queues and Cosmos DB in ASE.
Key customer benefits Offers a one-stop shop to manage Azure Storage Resources including ADLS Enables direct connect through Azure AD Authentication Provides traditional explorer experiences for file movement, file/folder upload and download with great scalability Delivers better accessibility for file navigation and data management capability with reliable
We are very happy to announce the general availability of geo-replication support for Azure Redis Cache. Redis Cache is Microsoft Azure’s Cache-as-a-Service offering, based on the popular open source Redis in-memory key-value store. With geo-replication support, Redis Cache joins a growing list of Azure services that enable developers and IT pros to build disaster recovery plans. This ensures the availability of mission-critical applications running on our cloud, even in the unlikely event of a widespread regional failure. In fact, customers can already design disaster resilient solutions on Azure, using Virtual Machines with Azure Site Recovery, Traffic Manager, and data services such as Cosmos DB, SQL Database, and now Redis Cache.
While announcing the general availability of geo-replication for Redis Cache, we would also like to take the opportunity to express our gratitude to everyone who has participated in the public preview. Your feedback has been invaluable to us and helped validate our implementation. Thank you!
Setting up geo-replication in Redis Cache
Geo-replication is a feature of the premium tier of Azure Redis Cache. You need a pair of premium cache instances before you can use geo-replication. If you already have a premium cache, you just need to add another one
Today we are happy to announce performance upgrades to all paid service tiers in Azure Search. For the exact same price, these upgraded Azure Search services have roughly double the compute power of the previous hardware configuration that backed Azure Search. Additionally, services in the Standard tier began using SSD storage under the hood, compared to HDD storage used previously.
What does this mean for Azure Search?
With these service upgrades, we removed the document count limits from the Basic and Standard pricing tiers. This means that only storage limits are enforced in new Azure Search services. Depending on a scenario’s workload, these upgraded services may also benefit from faster indexing and querying performance at the same exact price points.
The Basic tier now supports an increase in the number of indexes from 5 to 15. Also in the Basic tier, Azure Search can now support up to 15 data sources and indexers per service. For the Standard 3 High Density pricing tier (great for multitenant scenarios), we were able to remove the 200 million document per partition limit, only enforcing per-index limits.
Unlimited document counts
These upgrades allow Azure Search to no longer enforce document count limits on Basic
Last month we announced a preview release of subscription level budgets for enterprise customers, that was only the first step. Today we’re announcing the release of additional features that support the scoping of more granular budgets with filters as well as support for usage and cost budgets. We’ve heard from our customers that multiple teams share a subscription and that resource groups serve as cost boundaries. Today’s updates will support resource group and resource level budgets in addition to the subscription level budgets. The budgets API is now generally available and we welcome your feedback.
The preview release of budgets only supported cost based budgets. In this release we are also adding support for usage budgets. Additionally, support for filters enables you to define the scope at which a budget applies.
Here are a few common scenarios that the budgets API addresses:
A budget for the subscription with no constraints. A resource group budget with no constraints. A budget for multiple resource groups within a subscription. A budget for multiple resources within a resource group or a subscription. Budgets based on usage on a subscription or resource group.
This enables most common scenarios where resource groups or specific resources
As customers grow their deployed application in Azure, we are seeing increased interest in DevOps space for configuration management. In the rapidly evolving cloud space, bringing the on-premises expertise to fluently work in cloud brings increased efficiency. With our strong and growing partnership with Redhat, I am extremely excited to announce some key improvements with developer experience of Ansible on Azure.
Ansible is now available, pre-installed and ready to use for every Azure user in the Azure Cloud Shell. We want to make it really easy for anyone to get started with Ansible. The Azure Cloud Shell is a browser-based command-line experience that enables Ansible commands to be executed directly in the portal. This shell can run on any machine and any browser. It even runs on your phone!
With this enhancement you can use Ansible right in the Azure Portal. There is no need to install python dependencies, there is no additional configuration and no additional authentication! It just works!
We also have released an Ansible extension for Visual Studio Code that allows for faster development and testing of Ansible playbooks. You can use this extension to