Category Archives : Supportability

14

Aug

Improving Azure Virtual Machines resiliency with Project Tardigrade

“Our goal is to empower organizations to run their workloads reliably on Azure. With this as our guiding principle, we are continuously investing in evolving the Azure platform to become fault resilient, not only to boost business productivity but also to provide a seamless customer experience. Last month I published a blog post highlighting several initiatives underway to keep improving in this space, as part of our commitment to provide a trusted set of cloud services. Today I wanted to expand on the mention of Project Tardigrade – a platform resiliency initiative that improves high availability of our services even during the rare cases of spontaneous platform failures. The post that follows was written by Pujitha Desiraju and Anupama Vedapuri from our compute platform fundamentals team, who are leading these efforts.” Mark Russinovich, CTO, Azure

This post was co-authored by Jim Cavalaris, Principal Software Engineer, Azure Compute. 

 

Codenamed Project Tardigrade, this effort draws its inspiration from the eight-legged microscopic creature, the tardigrade also known as the water bear. Virtually impossible to kill, tardigrades can be exposed to extreme conditions, but somehow still manage to wiggle their way to survival. This is exactly what we envision our servers to emulate

Share

07

Aug

High Availability Add-On updates for Red Hat Enterprise Linux on Azure

High availability is crucial to mission-critical production environments. The Red Hat Enterprise Linux High Availability Add-On provides reliability and availability to critical production services that use it. Today, we’re sharing performance improvements and image updates around the High Availability Add-On for Red Hat Enterprise Linux (RHEL) on Azure.

Pacemaker

Pacemaker is a robust and powerful open-source resource manager used in highly available compute clusters. It is a key part of the High Availability Add-On for RHEL.

Pacemaker has been updated with performance improvements in the Azure Fencing Agent to significantly decrease Azure failover time, which greatly reduces customer downtime. This update is available to all RHEL 7.4+ users using either the Pay-As-You-Go images or Bring-Your-Own-Subscription images from the Azure Marketplace.

New pay-as-you-go RHEL images with the High Availability Add-On

We now have RHEL Pay-As-You-Go (PAYG) images with the High Availability Add-On available in the Azure Marketplace. These RHEL images have additional access to the High Availability Add-On repositories. Pricing details for these images are available in the pricing calculator.

The following RHEL HA PAYG images are now available in the Marketplace for all Azure regions, including US Government Cloud:

RHEL 7.4 with HA RHEL 7.5 with HA RHEL 7.6 with

Share

29

May

Isolate app integrations for stability, scalability, and speed with an integration service environment

Innovation at scale is a common challenge facing large organizations. A key contributor to the challenge is the complexity in coordinating the sheer number of apps and environments.

Integration tools, such as Azure Logic Apps, give you the flexibility to scale and innovate as fast as you want, on-premises or in the cloud. This is a key capability you need to have in place when migrating to the cloud, or even if you’re cloud native. Often, integration has been relegated as something to do after the fact. In the modern enterprise, however, application integration is something that has to be done in conjunction with application development and innovation.

An integration service environment is the ideal solution for organizations concerned about noisy neighbor issues, data isolation, or who need more flexibility and configurability than the core Logic Apps service offers.

Building upon the existing set of capabilities, we are releasing a number of new, exciting changes that make integration service environments even better, such as:

Faster deployment times by halving the previous provisioning time Higher throughput limits for an individual Logic App and connectors An individual Logic App can now run for up to a year (365 days)

Integration

Share

15

May

Microsoft Azure portal May 2019 update

https://azure.microsoft.com/blog/microsoft-azure-portal-may-2019-update/

Share

31

Jul

Azure management groups now in general availability

I am very excited to announce today general availability of Azure management groups to all our customers. Management groups allow you to organize your subscriptions and apply governance controls, such as Azure Policy and Role-Based Access Controls (RBAC), to the management groups. All subscriptions within a management group automatically inherit the controls applied to the management group. No matter if you have an Enterprise Agreement, Certified Solution Partner, Pay-As-You-Go, or any other type of subscription, this service gives all Azure customers enterprise-grade management at a large scale for no additional cost.

With the GA launch of this service, we introduce new functionality to Azure that allows customers to group subscriptions together so that you can apply a policy or RBAC role to multiple subscriptions, and their resources, with one assignment. Management groups not only allow you to group subscriptions but also allows you to group other management groups to form a hierarchy. The following diagram shows an example of creating a hierarchy for governance using management groups.

By creating a hierarchy like this you can apply a policy, for example, VM locations limited to US West Region on the group “Infrastructure Team management group” to enable internal compliance and

Share

03

Jul

IP filtering for Event Hubs and Service Bus

For scenarios in which Azure Event Hubs or Azure Service Bus is only accessible from certain well-known sites, the IP Filter feature enables you to configure rules for accepting or rejecting traffic originated from specify IP addresses, for instance the addresses that come under corporate NAT gateway. The Azure team is happy to announce the public preview of IP Filtering for Service Bus Premium and Event Hubs Standard and Dedicated price plans.

This feature allows users to control which IPs are accessing their resources. Some characteristics of this feature:

Rules allow you to specify accept and reject actions on IP masks. The rules work with IPv4 addresses. Rules are applied to the namespace level. You can have multiple rules and they are applied in order. The first rule that matches the IP address determines the accept or reject action. Requests from IPs that are rejected receive an unauthorized response.

Today these features are available in the Azure portal as shown in the screenshot. You can find them at the Event Hubs or Service Bus namespace level or via an ARM template.

The below ARM template shows how you can use this feature. This template takes the following parameters:

ipFilterRuleName

Share

03

Jul

IP filtering for Event Hubs and Service Bus

For scenarios in which Azure Event Hubs or Azure Service Bus is only accessible from certain well-known sites, the IP Filter feature enables you to configure rules for accepting or rejecting traffic originated from specify IP addresses, for instance the addresses that come under corporate NAT gateway. The Azure team is happy to announce the public preview of IP Filtering for Service Bus Premium and Event Hubs Standard and Dedicated price plans.

This feature allows users to control which IPs are accessing their resources. Some characteristics of this feature:

Rules allow you to specify accept and reject actions on IP masks. The rules work with IPv4 addresses. Rules are applied to the namespace level. You can have multiple rules and they are applied in order. The first rule that matches the IP address determines the accept or reject action. Requests from IPs that are rejected receive an unauthorized response.

Today these features are available in the Azure portal as shown in the screenshot. You can find them at the Event Hubs or Service Bus namespace level or via an ARM template.

The below ARM template shows how you can use this feature. This template takes the following parameters:

ipFilterRuleName

Share

27

Mar

Soft delete for Azure Storage Blobs now in public preview

Today we are excited to announce the public preview of soft delete for Azure Storage Blobs! The feature is available in all regions, both public and private.

When turned on, soft delete enables you to save and recover your data where blobs or blob snapshots are deleted. This protection extends to blob data that is erased as the result of an overwrite.

How does it work?

When soft data is deleted, it transitions to a soft deleted state instead of being permanently erased. When soft delete is on and you overwrite data, a soft deleted snapshot is generated to save the state of the overwritten data. Soft deleted objects are invisible unless explicitly listed. You can configure the amount of time soft deleted data is recoverable before it is permanently expired.

Soft deleted data is grey, while active data is blue. More recently written data appears beneath older data. When B0 is overwritten with B1, a soft deleted snapshot of B0 is generated.​ When the blob is deleted, the root (B1) also moves into a soft deleted state.

Soft delete is backwards compatible; you don’t have to make changes to your applications to take advantage of the protections this

Share

30

Jan

New in Stream Analytics: General availability of sub-streams, query compatibility, and more

Today, we are excited to announce the general availability of several features in Azure Stream Analytics. These features are designed to help address a variety of scenarios for both enterprise and non-enterprise customers alike. These include:

Sub-streams support: A variety of streaming applications that customers build using Azure Stream Analytics such as IoT, connected car and automotive telematics, smart elevators, etc requires processing of telemetry streams from each asset or source by itself – all in the same job without merging the timeline from events belonging to different devices or sources. This is because their clocks may be drastically out of sync. The new sub-streams support in Stream Analytics will offer this powerful new capability with very simple language constructs. A new keyword OVER is being introduced to extend the TIMESTAMP BY clause for this purpose. More details can be found at the TIMESTAMP documentation page.

Process data from different senders (toll stations) without applying time policies across different senders. The input data is partitioned based on TollId.

Egress to Azure functions: Azure Functions is a serverless compute service in Azure that helps users run their custom code triggered by events occurring in Azure or third-party services. This ability

Share