Exciting news from Microsoft Ignite 2023: the Azure Stack HCI version 23H2 is now available in public preview! This latest iteration of Azure Stack HCI represents a significant leap in cloud-managed hyperconverged infrastructure, seamlessly integrating adaptive cloud principles. Azure Stack HCI streamlines operations from hardware to applications, leveraging Azure Resource Manager and Azure’s core management services. This integration effectively bridges the gap between disparate teams, fostering a unified approach. The new version supports both new container-based applications and existing virtual machines through Azure Kubernetes Service. Additionally, every workload benefits from Azure Arc, simplifying the adoption of cloud-based configuration, security, and observability across all resources.
Watch the demo to see the latest features:
Leverage Cloud Capabilities for Scalability
In sectors such as retail, manufacturing, and healthcare, physical operations often span numerous edge locations. With the rise of digital transformation, more computing power is being integrated into locations like stores, factories, or clinics. Managing the surge of new technologies across thousands of sites can be daunting and costly. Edge infrastructure that is rapidly deployable and centrally managed, equipped with AI-powered tools capable of scaling to thousands of resources, offers a significant competitive edge. Azure Stack HCI version 23H2 revolutionizes core lifecycle operations like deployment, patching, configuration, and monitoring by executing them entirely through the cloud, minimizing the need for on-site tools and staff.
Deployment via Cloud
Azure Stack HCI version 23H2 simplifies large-scale deployment. When new devices arrive at an edge location, and if they already have the OS preinstalled, on-site staff need only to connect them and establish the initial network link to Azure Arc. Subsequently, the rest of the infrastructure, including cluster, storage, and network configuration, is set up via the cloud. This minimizes the on-site time and expertise required. The Azure portal allows for the creation of an Azure Stack HCI cluster or scaling using an Azure Resource Manager (ARM) template, which can be reused with unique parameters for each location. This infrastructure-as-code method ensures consistent configuration of Azure Stack HCI at scale. Starting with version 23H2, all Azure Stack HCI clusters are cloud-deployed.
Update Management in the Cloud
Updates are also streamlined. Azure Stack HCI version 23H2 introduces a new Lifecycle Manager that compiles all relevant updates into a single monthly package, encompassing the OS, agents, services, and even hardware drivers and firmware for participating solutions. Lifecycle Manager guarantees that your cluster runs a software combination validated by Microsoft and its partners, reducing update-related risks or incompatibilities. Update management for Azure Stack HCI clusters is integrated with Azure Update Manager, offering a unified tool for all your machines across cloud and edge. Updates can be checked and applied to one or multiple clusters easily through the Azure portal. Updates are implemented with cluster-aware updating, ensuring sequential application to each host without downtime for apps or users. From version 23H2 onwards, all Azure Stack HCI clusters receive updates from the cloud.
Monitoring via Cloud
Azure Monitor provides comprehensive observability for apps and infrastructure across both cloud and edge. This now includes log, metric, and alert coverage for Azure Stack HCI version 23H2. There are over 60 standard metrics available for Azure Stack HCI, including processor and memory usage, storage performance, network bandwidth, and more. Health issues in Azure Stack HCI, such as a failed disk or misconfigured network port, are flagged as new platform alerts, which can be customized for notifications or actions. Azure Monitor Insights, powered by Data Collection Rules and Workbooks, offers pre-built views for monitoring specific features and scenarios, like storage deduplication and compression.
For more details, refer to the documentation on the latest features in 23H2 (preview).
Centralized Management Across Workloads
Azure Stack HCI version 23H2 simplifies the management of diverse applications, whether they’re container-based, VM-based, in the cloud, or at the edge. By integrating Azure Arc, it offers a unified approach to managing all workloads efficiently. This integration includes essential components like the Arc Resource Bridge and Custom Location, enabling immediate provisioning of Arc-enabled VMs, Azure Kubernetes Service clusters, and Azure Virtual Desktop session hosts right after deployment.
Virtual Machines on Azure Stack HCI
Azure Stack HCI version 23H2 is adept at handling critical workloads through virtual machines. It offers general-purpose VMs with a range of sizing and configuration options to suit various application needs. Users have the flexibility to use their own Linux or Windows custom images or choose from a variety available in the Azure Marketplace. Azure Arc facilitates the definition of storage paths and logical networks, supporting both static IP assignment and DHCP. Every new VM created via the Azure portal, CLI, or an ARM template is automatically equipped with the Connected Machine Agent. This agent enables guest management, including VM extensions like Microsoft Defender, Azure Monitor, and Custom Script. This ensures consistent management of all machines, both in the cloud and at the edge. Users can either create new VMs or opt to preview the new integration with Azure Migrate for transferring VMs from VMware or Hyper-V to Azure Stack HCI. Azure Arc-enabled VM management is set to reach general availability with version 23H2.
Azure Kubernetes Service
The trend towards containerized applications is growing, and Azure Stack HCI version 23H2 caters to this with the Azure Kubernetes Service. This managed Kubernetes solution operates locally at the edge, automatically set up as part of the Azure Stack HCI deployment. It includes everything needed to start deploying container-based workloads, such as Linux and Windows container host images, along with storage and networking drivers. The Azure Kubernetes Service shares its control plane with general-purpose VMs in the Azure Arc Resource Bridge and utilizes the same storage paths and logical networks. Each new Kubernetes cluster set up through the Azure portal, CLI, or an ARM template comes pre-configured with Azure Arc Kubernetes agents, enabling extensions like Microsoft Defender, Azure Monitor, and GitOps for streamlined application deployment and CI/CD processes.
Azure Virtual Desktop for Azure Stack HCI (Preview)
Azure Stack HCI version 23H2 also introduces the capability to deploy virtualized desktops and apps with Azure Virtual Desktop. This service, featuring a cloud-hosted control plane managed by Microsoft, offers the familiarity and compatibility of Windows 11 and Windows 10, along with multi-session capabilities for enhanced density and cost-effectiveness. Azure Virtual Desktop for Azure Stack HCI allows for the placement of desktops and apps closer to users at the edge, reducing latency and optionally incorporating GPU acceleration for more intensive applications. The updated public preview in version 23H2 includes host pool provisioning directly from the Azure portal, simplified guest OS activation, and updated Marketplace images with preinstalled Microsoft 365 apps. Details regarding general availability timing and pricing will be announced shortly.
For more information, visit the Azure Virtual Desktop blog to learn about the latest updates.
Simplified Advanced Security with Azure Stack HCI
The evolving cyber threat landscape demands advanced security measures, especially with the increase of apps and infrastructure at the edge. Azure Stack HCI version 23H2 addresses this need by offering robust security features, easy integration with Microsoft Defender for Cloud, and the option for Trusted launch protection for virtual machines.
Default Security Enhancements
Azure Stack HCI version 23H2 clusters come with enhanced security settings. Based on the Secured Core Server foundation, it automatically applies over 300 Microsoft-recommended settings across various components, fully aligning with the Azure security baseline. This robust setup ensures a secure deployment, even for those not specialized in security, and continuously corrects any deviations from these settings. Additionally, it includes automatic application control to guard against malware and ransomware.
Integration with Microsoft Defender for Cloud
Microsoft Defender for Cloud extends its unified security management to Azure Stack HCI, offering comprehensive protection and recommendations for your infrastructure. It highlights critical security aspects like Secure Boot configuration and storage volume encryption, all accessible through its portal. This integration simplifies auditing and remediation of security postures across numerous edge locations. A preview of this integration is available for sign-up.
Trusted Launch for VMs
Trusted launch, previously exclusive to Azure cloud, is now available for Azure Stack HCI, enhancing VM security against firmware and bootloader attacks. This feature, accessible when provisioning Arc-enabled VMs, includes a virtual TPM for secure key and certificate management and enables Secure Boot by default. It supports essential functions like automatic failover and live migration, maintaining security across cluster nodes.
For more details on the Trusted launch for Azure Arc VMs, visit the Security, Compliance, and Identity blog.
Getting Started
- Preview the 23H2 Version: You can start exploring Azure Stack HCI version 23H2 through its preview. Follow the deployment guide and use the Azure portal to begin, compatible with both real and virtual hardware.
- Use 22H2 for Production: Version 23H2 is not yet recommended for production. Continue using version 22H2 for now, and explore hardware options that suit your needs and budget.
Azure Stack HCI version 23H2 is slated for general availability in early 2024, with updates on availability and procedures to be announced. Initially, it will be available for new deployments, with updates for existing Azure Stack HCI version 22H2 users to follow. Stay tuned for more information on this upcoming release.