Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
This article lists the features and improvements that are available in hyperconverged deployments of Azure Local (formerly Azure Stack HCI) 23xx releases.
Note
Azure Local 23xx releases are not in a supported state. For more information, see Azure Local release information.
Features and improvements in 2311.5
This release primarily fixes bugs. See the Fixed issues list to understand the bug fixes.
Features and improvements in 2311.4
This release primarily fixes bugs. See the Fixed issues list to understand the bug fixes.
Features and improvements in 2311.3
A new Azure built-in role called Azure Resource Bridge Deployment Role is available to improve the security posture for Azure Local. If you provisioned a cluster before January 2024, assign the Azure Resource Bridge Deployment User role to the Arc Resource Bridge service principal.
The role follows the principle of least privilege. Assign it to the Arc Resource Bridge service principal, clustername.arb, before you update the cluster.
Remove the previously assigned permissions to take advantage of the constraint permission. Follow the steps to Assign an Azure RBAC role via the portal. Search for and assign the Azure Resource Bridge Deployment role to the member: <deployment-cluster-name>-cl.arb.
This release also includes an update health check that confirms the assignment of the new role before applying the update.
Features and improvements in 2311.2 GA
This section lists the new features and improvements in the 2311.2 General Availability (GA) release for Azure Local.
Important
Production workloads are only supported on the Azure Local systems running the generally available 2311.2 release. To run the GA version, start with a new 2311 deployment and then update to 2311.2.
In this generally available release of Azure Local, all the features that were available with the 2311 preview releases are also now generally available. In addition, the following improvements and enhancements are available:
Deployment changes
With this release:
- Deployment supports existing storage accounts.
- The Rerun deployment option becomes available in the cluster Overview page for a failed deployment.
- You can customize network settings such as storage traffic priority, cluster traffic priority, storage traffic bandwidth reservation, jumbo frames, and RDMA protocol.
- You must explicitly start validation via the Start validation button.
For more information, see Deploy via Azure portal.
Add server and repair server changes
- Bug fixes in the Add server and Repair server scenarios. For more information, see the Fixed issues in 2311.2.
Azure Local VM management changes
In this release:
- You can manage guests through Azure CLI. For more information, see Enable guest management.
- Proxy support is added for Azure Local VMs. For more information, see Set up proxy for Azure Local VMs.
- You can select the storage path during the Azure Local VM image creation via the Azure portal. For more information, see Create an Azure Local VM image from Azure Marketplace via the Azure portal.
Migration of Hyper-V VMs to Azure Local (preview)
You can now migrate Hyper-V VMs to Azure Local using Azure Migrate. This feature is currently in preview. For more information, see Migration of Hyper-V VMs using Azure Migrate to Azure Local (preview).
Monitoring changes
In the Azure portal, you can now monitor platform metrics of your cluster by navigating to the Monitoring tab on your cluster's Overview page. This tab offers a quick way to view graphs for different platform metrics. You can select any graph to open it in Metrics Explorer for a more in-depth analysis. For more information, see Monitor Azure Local through the Monitoring tab.
Security via Microsoft Defender for Cloud (preview)
You can now use Microsoft Defender for Cloud to help improve the security posture of your Azure Local environment and protect against existing and evolving threats. This feature is currently in preview. For more information, see Microsoft Defender on Cloud for Azure Local (Preview).
Supported workloads
Starting with this release, the following workloads are generally available on Azure Local:
Azure Kubernetes Service (AKS) on Azure Local. For more information, see Create Kubernetes clusters.
In addition, AKS on HCI has a new CLI extension and Azure portal experience, Support for logical networks, Support for taints and labels, Support for upgrade via Azure CLI, Support for Nvidia A2 and more. For details, see What's new in AKS on Azure Local?.
Azure Virtual Desktops (AVD) on Azure Local. For more information, see Deploy AVD on Azure Local.
Features and improvements in 2311
This section lists the new features and improvements in the 2311 release of Azure Local. Additionally, this section includes features and improvements that were originally released for 2310 starting with cloud-based deployment.
Cloud-based deployment
For machines running Azure Local, release 2311.2, you can perform new deployments via the cloud. You can deploy an Azure Local instance in one of the two ways - via the Azure portal or via an Azure Resource Manager deployment template.
For more information, see Deploy Azure Local instance using the Azure portal and Deploy Azure Local via the Azure Resource Manager deployment template.
Cloud-based updates
This new release has the infrastructure to consolidate all the relevant updates for the OS, software agents, Azure Arc infrastructure, and OEM drivers and firmware into a unified monthly update package. This comprehensive update package is identified and applied from the cloud through the Azure Update Manager tool. Alternatively, you can apply the updates using the PowerShell.
For more information, see Update your Azure Local instance via the Azure Update Manager and Update your Azure Local via the PowerShell.
Cloud-based monitoring
Respond to health alerts
This release integrates the Azure Monitor alerts with Azure Stack HCI so that any health alerts generated within your on-premises Azure Stack HCI system are automatically forwarded to Azure Monitor alerts. You can link these alerts with your automated incident management systems, ensuring timely and efficient response.
For more information, see Respond to Azure Stack HCI health alerts using Azure Monitor alerts.
Monitor metrics
This release also integrates the Azure Monitor metrics with Azure Stack HCI so that you can monitor the health of your Azure Stack HCI system via the metrics collected for compute, storage, and network resources. This integration enables you to store cluster data in a dedicated time-series database that you can use to analyze data from your Azure Stack HCI system.
For more information, see Monitor Azure Stack HCI with Azure Monitor metrics.
Enhanced monitoring capabilities with Insights
By using Insights for Azure Stack HCI, you can monitor and analyze performance, savings, and usage insights about key Azure Stack HCI features, such as ReFS deduplication and compression. To use these enhanced monitoring capabilities, ensure that your cluster is deployed, registered, and connected to Azure, and enrolled in monitoring. For more information, see Monitor Azure Stack HCI features with Insights.
Azure Local VM management
Starting with this release, the following Azure Local VM management capabilities are available:
- Simplified Azure Arc resource bridge deployment. The Azure Arc resource bridge is now deployed as part of the Azure Local deployment. For more information, see Deploy Azure Local instance using the Azure portal.
- New RBAC roles for Azure Local VMs. This release introduces new RBAC roles for Azure Local VMs. For more information, see Manage RBAC roles for Azure Local VMs.
- New Azure consistent CLI. Starting with this preview release, a new consistent command line experience is available to create VM and VM resources such as VM images, storage paths, logical networks, and network interfaces. For more information, see Create Azure Local VMs on Azure Local.
- Support for static IPs. This release adds support for static IPs. For more information, see Create static logical networks on Azure Local.
- Support for storage paths. While default storage paths are created during the deployment, you can also specify custom storage paths for your Azure Local VMs. For more information, see Create storage paths on Azure Local.
- Support for Azure VM extensions on Azure Local VMs. Starting with this preview release, you can also enable and manage the Azure VM extensions that are supported on Azure Arc, on Azure Local VMs. For more information, see Manage VM extensions for Azure Local VMs.
- Trusted launch for Azure Local VMs. Azure Trusted Launch protects VMs against boot kits, rootkits, and kernel-level malware. Starting with this preview release, some of those Trusted Launch capabilities are available for Azure Local VMs. For more information, see Trusted launch for Azure Local VMs.
AKS on Azure Local
Starting with this release, you can run Azure Kubernetes Service (AKS) workloads on your Azure Local system. AKS on Azure Local uses Azure Arc to create new Kubernetes clusters on Azure Local directly from Azure. For more information, see What's new in AKS on Azure Local?
The following Azure Kubernetes cluster deployment and management capabilities are available:
- Simplified infrastructure deployment on Azure Local. In this release, the infrastructure components of Azure Kubernetes on Azure Local including the Azure Arc resource bridge, custom location, and the Azure Kubernetes Extension for the Azure Kubernetes operator, are all deployed as part of the Azure Local deployment. For more information, see Deploy Azure Local instance using the Azure portal (preview).
- Integrated infrastructure upgrade on Azure Local. The whole lifecycle management of Azure Kubernetes infrastructure follows the same approach as the other components on Azure Local. For more information, see Infrastructure component updates for AKS on Azure Local (preview).
- New Azure consistent CLI. Starting with this preview release, a new consistent command line experience is available to create and manage Kubernetes clusters.
- Cloud-based management. You can now create and manage Kubernetes clusters on Azure Local by using familiar tools such as Azure portal and Azure CLI. For more information, see Create Kubernetes clusters using Azure CLI.
- Support for upgrading a Kubernetes cluster using Azure CLI. You can use Azure CLI to upgrade the Kubernetes cluster to a newer version and apply the OS version updates. For more information, see Upgrade an Azure Kubernetes Service (AKS) cluster (preview).
- Support for Azure Container Registry to deploy container images. In this release, you can deploy container images from a private container registry by using Azure Container Registry to your Kubernetes clusters running on Azure Local. For more information, see Deploy from private container registry to on-premises Kubernetes using Azure Container Registry and Azure Kubernetes.
- Support for managing and scaling the node pools. For more information, see Manage multiple node pools in Azure Kubernetes.
- Support for Linux and Windows Server containers. For more information, see Create Windows Server containers.
Security capabilities
The new installations with this release of Azure Local start with a secure-by-default strategy. The new version has a tailored security baseline coupled with a security drift control mechanism and a set of well-known security features enabled by default. This release provides:
- A tailored security baseline with over 300 security settings configured and enforced with a security drift control mechanism. For more information, see Security baseline settings for Azure Local.
- Out-of-box protection for data and network with SMB signing and BitLocker encryption for OS and Cluster Shared Volumes. For more information, see BitLocker encryption for Azure Local.
- Reduced attack surface as Windows Defender Application Control is enabled by default and limits the applications and the code that you can run on the core platform. For more information, see Windows Defender Application Control for Azure Local.
Support for web proxy
This release supports configuring a web proxy for your Azure Local system. Perform this optional configuration if your network uses a proxy server for internet access. For more information, see Configure web proxy for Azure Local.
Removal of GMSA accounts
In this release, the Group Managed Service Accounts (gMSA) created during the Active Directory preparation are removed. For more information, see Prepare Active Directory.
Capacity management
In this release, you can add and remove machines, or repair machines from your Azure Local system via the PowerShell.
For more information, see Add server and Repair server.
ReFS deduplication and compression
This release introduces the Resilient File System (ReFS) deduplication and compression feature designed specifically for active workloads, such as Azure Virtual Desktop (AVD) on Azure Local. Enable this feature using Windows Admin Center or PowerShell to optimize storage usage and reduce cost.
For more information, see Optimize storage with ReFS deduplication and compression in Azure Local.