Monthly Azure news May 2022
We are glad to share the latest, exciting news from the Cloud Native world as well as Microsoft Build 2022. Have a look at some of the most interesting updates in the following list we compiled for you. We hope you will enjoy the read.
- Public preview: Preview environments for Azure Static Web Apps
- New Azure WAF enhancements are available
- Azure Container Apps: officially released
- Azure Container Apps: Log streaming and console connection
- Azure DNS Private Resolver got to the public preview
- Azure SDK updates
- NGINX Plus in a public preview
- New features for Azure SQL database
- Public Preview: API for MongoDB provides built-in role-based access control (RBAC)
- Email APIs for Azure Communication Services in a public preview now
- Public preview: connecting to Azure Storage is possible without a secret in the connection string
- Azure Monitor container insights – several benefits in public preview
- Public release for GraphQL support in Azure API Management
- Azure Kubernetes Service – public previews
- AKS Cluster extensions generally available
- AKS network handling enhancements generally available
- GA: AKS alias minor version
- Recap: Microsoft Build 2022
Public preview: Preview environments for Azure Static Web Apps
Before this public preview, Static Web Apps had only one deployment environment: production. Multiple preview deployment environments are now supported for Azure Static Web Apps. They can be used to spin up deployments for pull requests (PRs), branches, and named environments.
New Azure WAF enhancements are available
A lot of new features for the Azure WAF have been released recently. These enhancements mainly target security, scalability, deployment, and management requirements.
Highlights of this release are updated rulesets that cover more vulnerabilities, bot protection, a next-generation WAF engine (lower latency, more requests per second with the same compute power, protection against DoS attacks), and progressive management and monitoring support.
Please refer to the article to get more information.
Azure Container Apps: officially released
Azure Container Apps, finally GA, is a fully managed serverless container service. It is optimized for general-purpose containers and powered by Kubernetes while abstracting away its complexity. Deployment happens without the need to manage complex infrastructure.
More details are available here.
Azure Container Apps: Log streaming and console connection
Real-time log output is very helpful while developing and running an application. When an error shows up in the output, it is useful to check the problem immediately and perhaps adjust something inside the container. For both purposes, real-time logging and changing settings inside the container, two features are now available as a public preview: log streaming and console connect.
Azure DNS Private Resolver got to the public preview
This new service replaces VM-based DNS servers, such as DNS resolvers, for communication with Azure DNS private zones from, for example, an on-premises environment or in Private Link scenarios. For detailed information, please read this documentation.
Azure SDK updates
NGINX Plus in a public preview
Until now, using NGINX Plus in Azure was a bit challenging, but starting this month one of the most popular web servers in the world is available in public preview as a cloud-native SaaS offering.
New features for Azure SQL database
To speed up and simplify the development process and reduce release cycles, there are several new features (currently in public preview):
- JSON enhancements
- and a new local development experience
Public Preview: API for MongoDB provides built-in role-based access control (RBAC)
RBAC lets you authorize data requests with a fine-grained, role-based authorization model. The roles are defined within the database and are managed using the Azure CLI, Azure PowerShell, or ARM (role management in the Azure Portal isn’t supported yet). Using the new RBAC feature together with Azure Cosmos DB diagnostic logs, it is now possible to audit user actions.
Email APIs for Azure Communication Services in a public preview now
For applications that use Azure Communication Services, there is a new feature available: sending email. It supports sending email from an application to a huge number of recipients (Application to Person use case), tracking progress, custom domains, and much more. For more information, please refer to this site.
Public preview: connecting to Azure Storage is possible without a secret in the connection string
According to the announcement, it will be possible to use the managed identity of the Function app for connections to Azure Storage, so that secrets no longer need to be sent in the connection string.
Azure Monitor container insights – several benefits in public preview
Querying logs becomes more efficient and less time-consuming with the new ContainerLogV2 schema. ContainerLogV2 is available for all log data using Azure Monitor Container Insights. Check this link for a detailed overview.
Public release for GraphQL support in Azure API Management
Besides REST APIs, Azure API Management now also officially supports GraphQL. All advantages of API Management are also available for GraphQL APIs. In addition, GraphQL-specific features can be added to Azure API Management. Learn how to import.
Azure Kubernetes Service – public previews
Azure Kubernetes Service got a long list of new features available in public preview. A summary:
- Starting this month, AKS supports Private Link Service in the form of annotations in the manifest file. This means AKS can automatically create a Private Link Service for the LoadBalancer. Learn more.
- With the new Container Storage Interface (CSI), an extensible API, you can now disable and enable any of the CSI drivers (disk, files) supported by AKS.
- The open-source project Draft allows us to easily bring a non-containerized application to a Kubernetes cluster. To learn how, check out this article.
- With the Web Application Routing add-on, securely accessing applications running on Kubernetes becomes simpler because it removes the complexity of Ingress controller, certificate, and DNS management. Find the detailed description here.
- KEDA is now available as an AKS add-on. KEDA is an event-driven autoscaler for Kubernetes containers.
- There is also good news regarding node support in AKS: ARM64-based nodes are in public preview from this month on. The new virtual machines with Ampere Altra Arm-based processors target the needs of customers who have to deploy and maintain a wide range of workloads around the globe and do it in the most efficient way. To read more about the goal of these VMs and their features, please follow the link.
- The Azure Disk Container Storage Interface (CSI) driver is a driver used by AKS to handle the lifecycle of Azure disks. An improved version of the driver is available as a public preview starting this month. The Azure CSI driver v2 brings enhancements for scalability and reduces latency during the pod failover process. Check this link to get more details.
- With the new Key Management Service (KMS) plugin (also in public preview since May), it is now possible to connect to Azure Key Vault and encrypt data in etcd using your own certificate. For more information on this and other newly available options, please refer to this site.
- It is possible to deploy an Azure Kubernetes Service without CNI and bring your own Container Network Interface.
AKS Cluster extensions generally available
Azure Kubernetes Service cluster extensions are now generally available. Cluster extensions provide an Azure Resource Manager driven experience for installation and lifecycle management of services like Azure Machine Learning, GitOps, and Dapr.
The Azure Kubernetes Service Dapr extension places a fully supported version of Dapr inside the AKS cluster, saving the time otherwise needed for manually downloading, installing, and maintaining Dapr.
Using the cluster extension, the Azure Machine Learning operator can be deployed and managed on AKS. The operator configures and connects AKS clusters to Azure Machine Learning workspaces in order to train and manage machine learning models.
GitOps with Flux v2 can be added to AKS and Azure Arc-enabled Kubernetes to control hybrid and multi-cloud environments. With the extension, synchronization between the Git repository sources and the cluster is possible, ensuring the cluster is in the required state.
AKS network handling enhancements generally available
The two enhancements are:
- having a unique subnet per node pool
- ability to enable the dynamic node IP allocation
To meet customer needs, Azure Kubernetes Service now supports the assignment of a unique subnet to a node pool within a cluster. This allows the usage of multiple subnets in the same VNet. For further information, including limitations, please refer to this site.
The other enhancement is support for dynamic IP allocation, which leads to better IP utilization and also allows large clusters.
GA: AKS alias minor version
Finally, a generally available feature simplifies your Azure Kubernetes Service setup: providing the exact patch version when creating the cluster is now optional. It is enough to define the minor version, such as 1.21 instead of 1.21.1. Providing only the minor version will install the latest GA patch of the given minor version.
Recap: Microsoft Build 2022
Microsoft Build 2022 took place earlier this month as a global virtual event. We had the honor of joining the Build Spotlight event in Berlin with some of our team members. Also, Martin and Nico delivered a talk on "polyglot Microservices development with Dapr and Azure Container Apps" (German only).