If you’ve just come back from Mars via a craft with no processors, then (a) welcome home and (b) there was some news about something called Spectre and Meltdown.
Microsoft quietly let the news out before the holidays that Azure services would be scheduled to reboot starting on January 9th. At the start of the month, some news started to leak that there was a big security flaw in Intel processors. On January 3rd, Intel and Google (who found the flaw) confirmed the security flaw in the Intel processors and ARM & AMD too.
Microsoft quickly sent out emails to let people know the reboots were brought forward and they started on January 3rd.
Since then, Microsoft has issued guidance for mitigating the “speculative execution side-channel vulnerability”, or Meltdown, on Azure virtual machines. Microsoft did patch its Hyper-V hosts in Azure. This should not impact the performance of most virtual machines. However, anyone with machines with larger networking loads might see a reduction in performance. If so, Microsoft recommends:
… turning on Azure Accelerated Networking (Windows, Linux), which is a free capability available to all Azure customers.
Sadly, you cannot “turn on” Accelerated Networking. You will have to redeploy the virtual machine and NIC with the existing disks.
I feel OK about the whole thing. Intel has confirmed all is well.
A new site, running on Azure App Services, has appeared with a very handy listing/comparison of all the Azure virtual machine series and sizes.
ASR got a couple of nice improvements this month:
I wonder how many people either never do backups of their Azure virtual machines, or forget to enable it afterward (once the only option). Enabling Azure Backup is now an option while creating a new virtual machine in the Azure Portal. There are no excuses anymore!
The Overview of Recovery Services vault, shared with ASR, has also improved the status information for Azure Backup, providing you with a quick view of utilization and health.
If you use Bitlocker Encryption Key (BEK) to secure the disks of your Azure virtual machines, then I have good news: Azure Backup now supports protecting those machines! With this news, I don’t have to worry about The Donald reading my emails! Sorry … but that was just too easy.
If you are buying Azure through Credit Card (you’re crazy!), Open, or Enterprise Agreement, then you must purchase support for Azure separately. Support is built-in when acquiring Azure through the Cloud Solution Provider (CSP) Direct and Indirect channels.
Microsoft announced some improvements to its middle-tier Standard tier support plan:
More bang for your buck!
Action Groups are a feature that is getting more important for generating alerts in Azure Monitor. An Action Group allows you to create a set of notifications/actions that can be triggered by an alert. One of the notification types is SMS texting, which was restricted to just the USA (The Curse of Zune). I complained to the product group about this in a conversation and was told to go back and look at the blade in Azure Monitor. A bunch more countries have been added and are now supported for SMS alerting between the time I had last checked the Azure Portal and the time I complained. Sometimes, it’s nice being wrong!
Some feedback has turned into changes – nothing new here in Azure! NSGs now:
It was announced on January 3rd that Microsoft acquired a cloud storage company called Avere. I’m guessing that Microsoft bought this company to acquire some IP to improve existing hybrid cloud storage solutions, instead of adding another hardware appliance (versus StorSimple) or hybrid cloud storage solution (Azure File Sync). Avere appears to help customers, lots of mentions of animation and media companies in the press release. Verticals such as Finance and Oil/Gas are also mentioned and we know that those are two verticals Microsoft is targeting with its Intelligent Cloud/Intelligent Edge push.
Here are some other announcements from the world of Azure IaaS and management:
Here are my Azure posts from the month of January:
Stanislav Zhelyazkov, MVP, is well known in the System Center world and has specialized in OMS/Log Analytics over the last few years. He wrote a post recently to share some tips and tricks on getting started with Azure Security Center.
I’ve been a user of Hyper-V since the beta in Windows Server 2008 and I became a Hyper-V MVP many moons ago. As such, I got to know Ben Armstrong, the public face of Hyper-V for many years, through his helpful posts on Hyper-V and in-person. Ben was best known as “The Virtual PC Guy”. That was his Microsoft blog’s name and his Twitter handle based on his history in virtualization, which started before Microsoft acquired Connectix (the foundation of Virtual PC, Virtual Server, and eventually Hyper-V) in 2003. Ben has been incredibly helpful to all Hyper-V admins, directly or indirectly over the years and he’s bailed my tail out on more occasions than either of us care to remember. If you read my posts or follow me on Twitter, then there’s a good chance that Ben has rescued you at some point too.
What Ben does in Microsoft has changed, so he’s not as involved with the things he used to blog about. That’s handled by his team now. From now on, Ben is “American Boffin”, as he explains on his new personal blog. For us Hyper-V veterans, it’s the end of an era but we are comforted in knowing that interesting tech posts are still being shared.