Everything You Need to Know About Azure Infrastructure – November 2019 Edition
Microsoft Ignite 2019 has passed, and as one would expect, there were many Azure announcements. I’m not going to do my usual and list every announcement in this article – I would still be writing this article in 2020! Instead, check out the “book of news” to learn about all (actually, many) of the announcements that were made that week. In this post, I’ll highlight a few things and what was announced since Ignite.
Day 1 of Ignite started with lots of shiny new toys, including Azure Arc. Arc is a new hybrid management solution, promising to bring the management power of Azure to on-premises deployments. Many were dazzled by the lights and the potential of this announcement. Me, not so much. I’ve become a bit of a cynic about certain things. I’ve been that person who has deployed a preview on day 1, learned everything I could about it, put it into to production, dealt with the massive feature gaps, and then wondered where that product went 18 months later.
What is Arc? Azure can do a lot of things inside of Azure, including:
- Manage policy via Azure Resource Manager (ARM)
- Deploy updates
- Manage Azure Kubernetes Service (AKS) at scale
- Deploy data (Azure SQL) services
Arc, in public preview with ARM policy today, aims to bring these services to on-premises compute environments.
The problem with all that is:
- Azure Policy is in a never-ending preview and is quite buggy
- Azure Update Management doesn’t scale well in Azure, let alone on-premises.
- Kubernetes … sure … but on-premises?
- And the same goes for deploying SQL
I get it, many of us are in a hybrid world, but is the on-prem world not shrinking? And to be quite frank, I would never replace System Center Configuration Manager (or whatever it’s called after Ignite) with Azure Update Management. Heck, I’d prefer WSUS to Azure Update Management!
In my opinion, Azure Arc is mud on a wall. It’s been thrown to see what sticks and what doesn’t. It will be great fodder at conferences and user groups, but rarely adopted in production.
This phrase became my drinking game phrase. I went to a lot of Azure networking sessions because I knew that this was a big year for the teams behind that technology. If you attended the many sessions on networking and security, you’ll have been bombarded by this phrase and how to implement network security for infrastructure and platform/data services using existing features such as Network Security Groups, Route Tables, Azure Firewall, Web Application Firewall, Azure Frontdoor, and the new Secure Virtual Hub, Azure Firewall Manager, and Private Link.
The days of deploying flat & open networks like you’ve been doing on-premises are over. The cloud makes it easy to micro-segment and that combined with CI/CD pipelines allows you to lock down, govern, and automate your production environments in a way to prevent, limit, or contain advanced persistent threats.
The big point that Microsoft wanted to make was that this can be done for infrastructure workloads today, a little bit for platform services today, but next year, we will see big changes to extend the coverage for platform & data services and that the technologies will be easier to implement at scale.
Azure Norway is Open for Business … Sort Of
Norway is a market that I know fairly well; my employer is Norwegian, and all my customers are Norwegian. Some of my customers have been waiting for the two new regions to open for over a year! Norway is an interesting economy. For a relatively small country, it is quite wealthy and self-sufficient thanks to the oil industry (which the state uses to finance the security of the country) and large indigenous companies. These factors combined with a thirst to compete means that Microsoft has a pretty hungry cloud consumer in Norway.
Two regions opened for business November – Norway East in Oslo (the capital and home to many large enterprises) and Norway West in Stavanger (on the southwest coast and the home of the oil industry).
The regions are open for business, but one must apply to get access. I’ve been declined access as have many of my colleagues. However, some of my customers have been accepted, so I think Microsoft is prioritizing known large enterprises to drive local consumption.
The design of the regions is similar to that seen in other European local region pairs, such as the recently launched regions in Germany. Norway East is considered the production region and Norway West is the DR region. In fact, access to Norway West is not being allowed today; the rumor is that one oil or telecom company has been given exclusive access to Norway West until it is large enough to handle more customers.
Feature availability is very limited. When the regions opened, there were very few services available in Norway East – but some of the critical pieces were added last week. But even with that, many features for developing cloud-based services aren’t there yet, and some won’t even be there until H2 2020! That would make me consider where I am placing services – both North Europe and West Europe offer many more capabilities and offer the same legal protections, as well as higher SLAs with availability zones.
Other Announcements from Microsoft (Since Ignite)
Here are other Azure IaaS headlines from the past month:
- Save more on Azure usage—Announcing reservations for six more services
- Introducing Azure Cost Management for partners
- Change feed support now available in preview for Azure Blob Storage
- Azure Backup support for SQL Server 2019 and restore as files
And Now for Something Different
Windows Server is dead, and Linux is the successor! That’s what some would have you believe – wait, is it 1998 all over again and am I back sitting in an office pod with a weird penguin-hugger from Berkley, California?
Azure is confusing for those who work with it, let alone those who don’t but cover the world of computing. They hear news like “over 50% of Azure is Linux” and they really think that half (and that figure has been going up by 10% every year) of all of Azure is running Linux. That statement needs to be corrected.
- Over half of customer workloads are running Linux. That includes Linux virtual machines, but I strongly suspect it is mostly Linux containers where the tiny OS footprint makes it much quicker to deploy than a Windows Server-based container.
- Some parts of Azure’s network are based on Linux.
- Azure is built on Windows Server Hyper-V.
Let me state that again, just to be clear. Azure … is … built … on … Windows Server … Hyper-V. All those millions and millions of hosts, in those hundreds of data centers, in those 54 globally located regions are built on Windows Server. Azure is probably Microsoft’s single biggest Windows Server customer. And businesses continue to pay a large amount of money every year to run Windows Server on-premises and in Azure.
Windows Server is not dead. Far from it. It might be boring to cover because very little changes between releases anymore, but it still has a huge customer base and it does gradually improve to support Azure and extreme on-premises workloads, such as Azure Stack HCI (Storage Spaces Direct).
More in Microsoft Azure
Microsoft's New Azure Fluid Relay Service Lets Developers Build Collaborative Apps
Aug 5, 2022 | Rabia Noureen
Securing IoT with Azure Sphere
Jul 25, 2022 | John Lunn
Oracle Teams Up with Microsoft to Launch New Database Service for Azure
Jul 21, 2022 | Rabia Noureen
Microsoft Releases Update Management Center in Public Preview
Jul 20, 2022 | Rabia Noureen
How to Select Hardware for Azure Stack HCI
Jul 5, 2022 | Flo Fox
How to Install Azure Stack HCI Single-Node Clusters
Jun 3, 2022 | Flo Fox
Most popular on petri