Microsoft has added some exciting new features in the latest release of Azure Stack HCI. Now GA, the 23H2 update focuses on enhancing security, expanding hybrid virtual machine (VM) management, and better integration of Azure Stack HCI with Azure Arc, using the Azure Arc resource bridge. Here are the top five new features in Azure Stack HCI 23H2.
1. Enhanced Security out of the Box
With Azure Stack HCI 23H2, Microsoft has rolled out a secure-by-default strategy in which over 300 essential security features are preconfigured and enabled out of the box. The release also includes a security baseline and security drift control mechanism. This protection includes data and networking with SMB signing and BitLocker encryption for OS and Cluster Shared Volumes. Windows Defender Application Control is also enabled by default.
2. Seamless Azure Arc Integration with Azure Arc Resource Bridge
Azure Arc is now integrated with the Azure Stack HCI OS. Utilizing the Azure Arc resource bridge, a lightweight Kubernetes VM that connects Azure Stack HCI to Azure Cloud, you can use Azure Arc through the Azure Portal to seamlessly manage your complete cloud-to-edge infrastructure. The resource bridge supports self-servicing and management from Azure for virtualized Windows and Linux VMs hosted in an on-premises environment on Azure Stack HCI as well as legacy and VMware environments. It hosts other components such as custom locations, cluster extensions, and other Azure Arc agents to deliver the level of functionality with the private cloud infrastructures it supports. This complex system is composed of three layers: The base layer that represents the resource bridge and the Arc agents; The platform layer that includes the custom location and cluster extension; and the solution layer (VMs) for each service supported by Arc resource bridge.
3. Expanded Azure Arc VM and AKS on Azure Stack HCI Management
You can manage Azure Stack HCI VMs with role-based access control (RBAC) and Azure command line interface (CLI) found in other Azure services and create and manage Arc VM resources such as VM images, disks, and network interfaces. You can view and access the Azure Arc resource bridge and Custom Location associated with the Azure Stack HCI cluster and provision and manage Arc VM through the Azure portal. It also supports static IP, storage paths, and Azure VM extensions on Arc VMs on Azure Stack HCI.
You can also directly manage AKS on Azure Stack HCI through Azure Arc to create new Kubernetes clusters, using the same familiar Azure tools such as Azure portal, Azure CLI, and Azure Resource Manager.
4. Lifecycle Management with Azure Update Manager
More feature-rich and easier to use than PowerShell or Cluster Aware Updating (CAU) with Azure Stack HCI, Azure Update Manager is an Azure service that allows you to apply, view, and manage updates for each of your Azure Stack HCI cluster nodes across edge deployments or your entire infrastructure within the Azure Portal. You can use the Azure Update Manager summary grid to view the update status and readiness for each cluster, update multiple clusters at the same time, view the status of updates while they’re in progress, and view the results and history of updates once complete. This eliminates all the extra steps and complexities and centralizes updates, making lifecycle management a breeze.
5. Deploying from Azure and Cloud-Based Monitoring with Azure
Manually setting each installation up can be tedious, but Microsoft has made it much easier using the Azure Arc resource bridge, enabling you to deploy and manage Azure Stack HCI 23H2 through the Azure Portal. More feature-rich and streamlined than using Windows Admin Center or PowerShell, you can now deploy Azure Stack HCI through the Azure Portal via three deployment methods: New Configuration, Template spec and Quick Start template. Azure Arc enables you to create templates that help you quickly install, configure, and deploy multiple clusters across your infrastructure. You can also deploy from Azure Resource Manager (ARM) using ARM Deployment and the corresponding Parameters file. This is a big time-saver and ideal for orgs with edge deployments and multi-cluster data centers.
Azure Monitor has also improved, including more logs, alerts, and over sixty standard metrics specifically for Azure Stack HCI 23H2.