Azure & .Net Digest #5 Various AKS updates, .NET 9 features, Azure Linux 3.0, Coming soon: Microsoft Ignite 2024

Recent updates to Azure have brought many new features and improvements to various services. Whether you're interested in optimizing application performance, improving networking features, or the latest AI integrations, there's something for everyone. This time, the review is full of exciting news, especially regarding Azure Kubernetes Service (AKS). Let's take a look at the main updates this week.

If you have news that you would like to suggest or discuss, please join our Telegram channel at https://t.me/azureuacommunity .

App Insights and code optimization

●      Automatic code recommendations : Azure App Insights now offers automatic code optimization recommendations using an advanced artificial intelligence model. This model analyzes performance traces and suggests improvements to improve application performance.

●      Integration with GitHub Co-Pilot : An extension for GitHub Co-Pilot is now available to help you implement these productivity recommendations.

Premium SSD V2 and Ultra Disk improvements

●      Expanded Region Availability : Premium SSD V2 is now available in additional regions such as Germany (Midwest), Israel (Central), and Spain (Central).

●      Dynamic Sizing Support : Drives can now grow in size while in use, allowing storage to grow as needed without stopping operations.

NetApp Files with no-downtime network upgrade feature

●      Enhanced networking features in NetApp Files provide higher IP restrictions, support for security groups, and more. Now you can go from basic to standard network functions without downtime.

Synchronization of API Management with API Center

●      New Sync Feature : API Management now syncs with API Center in real-time, providing centralized API discovery and documentation.

Azure AI update

1. Data zones for improved data sovereignty

●      Data Zones : Azure AI now offers EU and US data zones, giving users more control over data sovereignty.

●      Improved Latency SLA : Improved the Latency Service Level Agreement (SLA) for Provisioned Throughput Units (PTUs).

2. GitHub Co-Pilot for Azure

Co-Pilot is now integrated with Azure, allowing you to deploy and manage resources directly from Visual Studio Code with Azure-specific advice.

3. Improvement of cost management

●      Updated cost management tools help track Azure OpenAI usage, allowing you to control budgets, optimize costs, and get detailed documentation of cost-saving strategies.

Security update

Updated security options for Entra

●      MFA and Legacy Authentication : Organizations that do not use Conditional Access (P1 or higher) can enable enhanced default security settings that require multi-factor authentication (MFA) and block legacy authentication methods for increased security.

●      Mandatory MFA Enrollment : Users must set up MFA during the first login, which improves security from the first minutes of operation.

New features and functions

Continuous Access Evaluation

This feature helps minimize the amount of time users retain access to resources (such as Microsoft Office) in the following cases:

●      Access tokens are revoked.

●      The user's risk level has increased.

●      The user's location has changed.

This ensures prompt response to potential security risks.

Advanced embedding in PowerToys

I also explored the Advanced Paste feature in PowerToys . It's a useful tool that improves productivity with advanced clipboard capabilities.

Updating computing resources

AKS parameter SECcomp Default

●      What is it? Part of the Secure Computing (SECcomp) model in Linux that limits the system calls (syscalls) that their containers can make to the kernel.

●      Advantages:

○      Limits potential malicious code in containers.

○      Reduces the risk of impact on the core.

●      How it works: By default, system calls are not limited. Setting the runtime default parameter limits unnecessary calls.

Azure Linux 3.0

Microsoft's own container-optimized Linux operating system is now supported in AKS 1.31 .

●      Main characteristics:

○      Reduced attack plane.

○      Full control over the supply chain.

○      High reliability and safety.

AKS Outbound Static Gateway (in preview)

Control the IP addresses of outbound traffic with public IP prefixes. This makes it easier to restrict access by IP addresses for external services.

Update Fleet Manager

Fleet Manager for AKS has been improved:

●      Step by step updates.

●      Integration with Azure Traffic Manager to balance DNS requests.

Various AKS updates

●      Ignore PDBs when deleting a node pool (GA) : Ability to bypass pod violation budgets (PDBs) when deleting a node pool.

●      Scaling Improvements: Selection of specific VMs to delete when scaling a node pool.

●      Advanced Container Network Services (ACNS) : Now GA, offering pod-level metrics, DNS analytics, and domain name filtering.

●      Isolated Network Clusters (in preview) : Simplify maintenance by handling updates to AKS components over the control plane network.

Network updates

Azure Front Door: WebSocket Support (preview)

Azure Front Door now supports WebSocket for real-time long-running TCP connections.

●      Ideal for:

○      Chat applications.

○      Live broadcast.

○      Gaming services.

●      Note: Once WebSocket is installed, the WAF (Web Application Firewall) no longer inspects traffic.

●      App Service Multiplan Subnet : The multiplan subnet service feature is now available in general access (GA), allowing multiple service plans to share a single subnet and optimize IP space usage.

●      Web Application Firewall Update : Version 1.1 of Web Application Firewall is now available, with updated bot rules to identify and block risky IP addresses using Microsoft Threat Intelligence.

Repository update

●      Starting in November 2025 , Azure Storage will require TLS 1.2 , deprecating support for TLS 1.0 and 1.1.

Updating databases

Databricks Serverless discounts continue

Promotional discounts on serverless compute extended until January 31, 2025 :

●      50% discount on computing tasks and pipelines.

●      30% discount on serverless notebooks.

Various updates

Chaos Studio in General Availability (GA)

Now available in the Canada Central region .

●      Test the robustness of systems by introducing failures such as:

○      Simulate 100% CPU usage.

○      Lost connection to Key Vault.

●      New feature: Using managed identities to crash AKS without storing secrets.

Decommissioning Azure Health Data Services

The service will be withdrawn from Qatar Central by October 2025 due to low demand. Move workloads to other regions where the service remains active.

Coming soon: Microsoft Ignite 2024

Next week is Ignite! Many announcements and updates are expected. Register online for free to follow the events.

Net update

The November 2024 .NET Updates include several key enhancements and security improvements across versions. here are the main points:

Key improvements

Security improvements

●      Security Bypass Vulnerability : This update resolves a vulnerability in the .NET Framework (versions 4.8 and 4.8.1) that could allow a security feature to be bypassed when using SecUtility.RandomByte

●      Information Disclosure Vulnerability : An information disclosure vulnerability related to performance counters is fixed for .NET Framework versions 4.6.2 through 4.8.1

Quality and Reliability Improvement

●      ASP.NET Improvements : The update addresses a build-time issue in Visual Studio for ASP.NET projects, including a bug related to " System.Web.UI.Util ".

●      Common Language Runtime (CLR) Fix : Fixed several issues including:

○      Preventing infinite loops in the rare case that a thread first enters the CLR.

○      Fix for incorrect interface call devirtualization during Just-In-Time (JIT) optimization.

○      Resolved out-of-memory exceptions during task-bound garbage collection.

.NET 9 features

●      Compilation Ahead (AOT) : The update extends the capabilities of AOT compilation by creating smaller, optimized binaries by compiling managed code directly to native code.

●      Unified SDK Experience : The release introduces a unified software development kit (SDK) across platforms that simplifies the development process.

●      Improvements in ASP.NET Core : Improvements have been made to simplify and accelerate web development, making it more efficient for developers, installation and Accessibility

●      Users can now install updates using the Windows Package Manager CLI ( winget ), making it easier to manage .NET installations

These updates reflect Microsoft's continued commitment to improving security, performance, and the developer experience in the .NET ecosystem.

Conclusion

These latest updates improve performance, security, and cost-effectiveness in Azure by simplifying the deployment, management, and optimization processes of applications. Whether it's code optimization, network flexibility, or advanced integrations with AI, Azure continues to evolve with user needs.

Stay tuned for new updates and enjoy the power of the latest Azure developments!

Colleagues, if you want to help with the digest, have comments or suggestions, please contact our Telegram channel - https://t.me/azureuacommunity .