Monthly Azure news – August 2020

As promised, this month we’re also bringing you some fresh news from the Azure world. In this post you will read about: Azure Functions, PowerShell cmdlets, Kubernetes, and much more, so don’t hesitate to check the post.

1. Azure Cosmos DB Management with PowerShell cmdlets is in public preview

It is now in preview – users can manage Azure Cosmos DB resources using a set of PowerShell cmdlets, available in the Az.CosmosDB Powershell module. The Az.CosmosDB module can be used with Windows PowerShell 5.1 as well as cross-platform PowerShell Core 6 or 7.

The Az.CosmosDB PowerShell module includes cmdlets to manage Azure Cosmos DB account resources, including the new autoscale throughput as well as per-API resources. These include databases and keyspaces, graphs and tables, and child resources including containers, collections, graphs, and tables. Additional cmdlets are available to manage other Azure Cosmos DB resources including indexes, keys, locations, conflict resolution, and unique key policies, account regions, and throughput.

2. Audit Logs of Azure Monitor logs queries now available

With Azure Monitor Logs it is possible to collect data across their entire ecosystem including application and OS level telemetry, security logs, network logs, diagnostic logs from Azure resources and custom logs. All this data can be queried with the powerful KQL query language to manage insights across patterns, correlations, and more. The Azure Monitor Logs team is announcing a public preview for one of their most requested features, the ability to audit Azure Monitor Logs queries. Some of the advantages include: through the Azure Diagnostics mechanism, one can collect telemetry about who ran a query, when the query was run, what tool was used to run the query, the query text, and performance stats around the query execution. This telemetry, as with any other Azure Diagnostics-based telemetry, can be sent to an Azure Storage Blob, Azure Event Hub, or into Azure Monitor Logs.

3. Kubernetes resource view is in public preview

Azure portal now provides a Kubernetes resource view, currently in public preview, that improves the developer experience and simplifies dev/test scenarios.

With the new Kubernetes resource view, developers can use point and click navigation to see live, in-depth details of the workloads they have access to. The public preview includes multiple resource types (including deployments, pods, and replica sets) and supports the following key capabilities:

See workloads running on your cluster, including the ability to filter resources by namespace
Find the node an application is running on and their pod IP address
See pods in the replica set, ready status of each pod, and images associated with each
Drill down to individual deployments to see live status and specification details
Execute on the fly changes to YAML to validate dev/test scenarios
With Azure Monitor insights enabled, users can view deployment hierarchy, insights such as CPU usage and memory usage in the Kubernetes resources view, and seamlessly transition to Azure monitor for more in-depth insights.

Kubernetes resource view will be the replacement for the discontinued Kubernetes Dashboard which will get deprecated soon.

4. Introduction Open Service Mesh

A new open-source project has been introduced, namely Open Service Mesh (OSM). OSM is a lightweight and extensible service mesh that runs on Kubernetes. OSM makes possible managing, securing, and observing service-to-service communication in very dynamic and fast-changing microservice environments. The main aim of the OSM is to manage open governance and enable easy community collaborations. The proposal to start the donation of OSM to the Cloud Native Computing Foundation (CNCF) is submitted.

The intention is to make OSM work smoothly for Kubernetes users by supporting common use cases like:

traffic shifting for common deployment scenarios
securing service-to-service communication with automatic mTLS
enforcing fine-grained access control policies for services
observing metrics for debugging and monitoring of services
integrating with native or external certificate management solutions
onboarding applications onto the mesh with automatic sidecar injection.

5. Azure Functions: PowerShell 7 support is now generally available

Azure Functions support for PowerShell 7 is now generally available. This enables developing and deploying Azure Functions Apps for production scenarios using the latest version of PowerShell.

As the PowerShell 6 is about to expire, customers are encouraged to upgrade their PowerShell 6 Function Apps to PowerShell 7 to receive continuing support for PowerShell. Azure Functions will remove the option for new PowerShell 6 Apps while maintaining existing apps in the service so customers can upgrade.

Follow this guide to upgrade existing PowerShell 6 Function Apps to PowerShell 7. Also following the link you can learn more about what PowerShell 7 offers.

6. General Availability: Azure Kubernetes Service node image upgrade

Azure announced the general availability of a node image upgrade capability in Azure Kubernetes Service that enables users to update node-level components such as the Container Runtime or OS updates without going through a full Kubernetes upgrade. Now users can initiate a targeted upgrade to agent nodes for a given node pool to pull the latest available node updates and patches without requiring a full cluster upgrade.

7. Public preview: CSI storage driver support in Azure Kubernetes Service

The Container Storage Interface (CSI) is a standard for exposing arbitrary block and file storage systems to containerized workloads on Kubernetes. By adopting and using CSI, Azure Kubernetes Service (AKS) can write, deploy, and iterate plugins exposing new or improving existing storage systems in Kubernetes without having to touch the core Kubernetes code and waiting for its release cycles.

The public preview of CSI storage driver support on AKS, which allows users to natively leverage has been announced:

Azure Files: Azure Files offers a fully managed, serverless file share that can be mounted concurrently by cloud or on-premises deployments of Windows, Linux, and MacOS. Azure Files makes it easy to lift and shift applications to the cloud that expect a file share to store files or user data.
Azure Disks: Azure Disk Storage offers high-performance, highly durable block storage for your mission- and business-critical workloads. Azure Disks allow you to achieve sub-millisecond latency with high performance for throughput and transaction-intensive workloads.

Kubernetes will be transitioning to CSI storage drivers instead of in-tree drivers with Kubernetes v1.21.

8. Public preview: Ephemeral OS disk support in AKS

The public preview of ephemeral OS disk for AKS agent nodes has been announced. With ephemeral OS disk, you see lower read/write latency on the Agent Nodes OS disk, since the disk is locally attached. One will also see faster cluster operations like scale or upgrade due to faster re-imaging and boot times. During preview, one will be able to run node pools with ephemeral OS alongside node pools with network-attached OS disks.

9. Public preview: Azure Resource Health support in AKS

AKS now supports Azure Resource Health in public preview. One can now easily diagnose, troubleshoot, and get support for service problems that affect its AKS resources. Azure Resource Health reports about the current and past health of your resources and gives one a personalized dashboard of the health of your clusters.

As an example, through Azure Resource Health, you will be able to see times that your AKS resources were unavailable due to any problems encountered as well as under any maintenance operation.

10. Kubernetes 1.19 is released

Kubernetes 1.19 has been released and introduces more than 30 enhancements. Some of the most exciting ones are:

an increase in Kubernetes support window to one year
warning system for use of deprecated of APIs
transition from Beta to enable faster stability reach
generic ephemeral inline volumes
kubeadm: customization with patches.

We are looking forward to use Kubernetes 1.19 with AKS soon. For all the details check the link.

11. Azure Blob – Soft Delete for Containers is in public preview

With the Soft delete for containers that expand upon Azure Blob Storage makes already existing soft delete for blobs, account delete blocking, and immutable blobs even better upgrading our data protection and restore capabilities. When container soft delete is enabled for a storage account, any deleted container and their contents are saved in Azure Storage for the period that the user specifies. During the retention period, it is possible to restore previously deleted containers and any blobs within them. Container soft delete is available in several regions. Learn more here.

12. Azure Policy Compliance Scan Action for GitHub Workflows is in public preview

The new GitHub action will make it easier to trigger on-demand Azure policy compliance scan on subscriptions, resource groups, or resources and automate the next steps in GitHub workflow based on the compliance state of the resources. This action also displays the non-compliant resources along with the reason for non-compliance so that developers/engineers can get early feedback on the organizational policies and can proactively rectify them. For more details check the link.

13. PowerShell support in Durable Functions is in public preview

Durable Functions, which is an extension to Azure Functions, now lets you define stateful serverless workflows and now supports PowerShell. Common scenarios made possible by Durable Functions include orchestrating the management of complex Azure Resource deployments involving sequential and parallel steps. Long-running workflows are supported, and Durable Functions provides built-in HTTP endpoints for monitoring their progress. To get started with PowerShell Durable Functions, try the Quickstart guide.

14. Serverless offer for Azure Cosmos DB is now in preview

This offer provides a lower entry price for NoSQL users and is based on consumption; it bills only for the request units used by database operations with no capacity management required. This offer meets the needs of small-to-medium workloads that don’t require steady throughput, receive requests sporadically or in short bursts, and have moderate performance requirements. Serverless is currently supported on the Azure Cosmos DB Core (SQL) API, while support for the APIs for MongoDB, Gremlin (graph), Table, and Cassandra is coming soon.

15. New IP address ranges with Service Tags for Azure DevOps Services

Service Tags will be supported by Azure DevOps Services by the end of CY2020. When a Service Tag is set up for Azure DevOps Services, customers can easily allow access by adding the tag name azuredevops to their NSGs or firewalls either through the portal or programmatically. This will help to reduce administrative effort and also enable higher security.

16. Azure Cost Management changes

In August a lot of improvements for the Azure Billing were released. They include:

Advanced scheduling options for exports
A better recommendation base don historical usage data for reservations and purchases
Quick fixes to apply recommendations of the Advisor under the “All recommendations” tab

Also there are several upcoming billing changes with details here.

17. General Availability of Health Checks for Azure App Service

Long in preview the health check for Azure App Services is now generally available.

Once you specify a path on your site, App Service will ping it every two minutes. If the path responds with a status code outside of 200 to 299 (or does not respond at all) for 5 pings, then the instance is determined to be unhealthy, and it is removed from the load balancer rotation. This stops the load balancer from routing requests to the unhealthy instances. When the instance is unhealthy and removed from the load balancer, the service continues to ping it. If it begins responding with successful response codes (200 to 299), the instance is returned to the load balancer. If it continues to respond unsuccessfully, App Service will restart the underlying VM in an effort to return the instance to a healthy status. Details can be found here.

18. Data Lake Storage Gen2 ACL recursive update in public preview

It is now possible to take access control lists and apply them recursively to child folders after creation. This brings the advantage that permission management on existing Data Lakes will get much easier. This public preview is available globally in all Azure regions, through PowerShell, .NET SDK, and Python SDK.

19. Log Analytics REST APIs are now generally available

A new Log Analytics API version is now generally available. Customer managed keys and bring your own storage are now supported.

20. General availability of the immersive Reader (Azure Cognitive Service)

Developers can embed inclusive capabilities into their apps by using Immersive Reader, an Azure Cognitive Service, to enhance reading and comprehension of text for users of any age and learning ability.

Editor’s note

Besides our monthly Azure News, we would like to make you aware of a Bug with the newest Terraform version 0.13.1 in combination with the Azure Resource Manager provider. Find all details here: