What’s New in Azure Stack HCI, version 22H2

Applies to: Azure Stack HCI, versions 22H2 and 21H2; Windows Server 2022

This article explains key differences between Azure Stack HCI and Windows Server and provides guidance about when to use each. Both products are actively supported and maintained by Microsoft. Many organizations choose to deploy both as they are intended for different and complementary purposes.

When to use Azure Stack HCI

Azure Stack HCI is Microsoft’s premier hyperconverged infrastructure platform for running VMs or virtual desktops on-premises with connections to Azure hybrid services. Azure Stack HCI can help to modernize and secure your datacenters and branch offices and achieve industry-best performance with low latency and data sovereignty.[/vc_column_text][vc_column_text]This article lists the various features and improvements that are available in Azure Stack HCI, version 22H2. This article also describes the Azure Stack HCI, Supplemental Package that can be deployed in conjunction with Azure Stack HCI, version 22H2 OS.

Azure Stack HCI, version 22H2 is the latest version of the operating system available for the Azure Stack HCI solution and focuses on Network ATC v2 improvements, storage replication compression, Hyper-V live migration, and more. Additionally, a preview version of Azure Stack HCI, Supplemental Package, is now available that can be deployed on servers running version 22H2 OS.

You can also join the Azure Stack HCI preview channel to test out features for future versions of the Azure Stack HCI operating system. For more information, see Join the Azure Stack HCI preview channel.

The following sections briefly describe the various features and enhancements in Azure Stack HCI, Supplemental Package and in Azure Stack HCI, version 22H2.

Important: This feature is currently in PREVIEW. See the Supplemental Terms of Use for Microsoft Azure Previews for legal terms that apply to Azure features that are in beta, preview, or otherwise not yet released into general availability.

Azure Stack HCI, Supplemental Package (preview)

Azure Stack HCI, Supplemental Package is now available to be deployed on servers running Azure Stack HCI, version 22H2 OS. This package contains a brand new deployment tool that allows for an interactive deployment, new security capabilities, an Azure Stack HCI Environment Checker tool that will validate connectivity, hardware, identity and networking prior to deployment, and a unified log collection experience.

New deployment tool (preview)

For servers running Azure Stack HCI, version 22H2 OS, you can perform new deployments using the Azure Stack HCI, Supplemental Package (preview). You can deploy an Azure Stack HCI cluster via a brand new deployment tool in one of the three ways – interactively, using an existing configuration file, or via PowerShell.

Important: When you try out this new deployment tool, make sure that you do not run production workloads on systems deployed with the Supplemental Package while it’s in preview even with the core operating system Azure Stack HCI 22H2 being generally available. Microsoft Customer Support will supply support services while in preview, but service level agreements available at GA do not apply.

You can download the Supplemental Package here:

Azure Stack HCI Supplemental Package componentDownload URLDescription
BootstrapCloudDeploymentTool.ps1DownloadScript to extract content and launch the deployment tool. When this script is run with the -ExtractOnly parameter, it will extract the zip file but not launch the deployment tool.
CloudDeployment.zipDownloadAzure Stack HCI, version 22H2 content, such as images and agents.
Verify-CloudDeployment.ps1DownloadHash used to validate the integrity of zip file.

To learn more about the new deployment methods, see Deployment overview.

New security capabilities (preview)

The new installations with Azure Stack HCI, Supplemental Package release start with a secure-by-default strategy. The new version has a tailored security baseline coupled with a security drift control mechanism and a set of well-known security features enabled by default.

To summarize, this release provides:

  • A tailored security baseline with over 200 security settings configured and enforced with a security drift control mechanism that ensures the cluster always starts and remains in a known good security state.

The security baseline enables you to closely meet the Center for Internet Security (CIS) Benchmark, Defense Information Systems Agency Security Technical Implementation Guides (DISA STIG), Common Criteria, and Federal Information Processing Standards (FIPS) requirements for the OS and Azure Compute Security baselines.

For more information, see Security baseline settings for Azure Stack HCI.

  • Improved security posture achieved through a stronger set of protocols and cipher suites enabled by default.
  • Secured-Core Server that achieves higher protection by advancing a combination of hardware, firmware, and driver capabilities. For more information, see What is Secured-core server?
  • Out-of-box protection for data and network with SMB signing and BitLocker encryption for OS and Cluster Shared Volumes. For more information, see BitLocker encryption for Azure Stack HCI.
  • Reduced attack surface as Windows Defender Application Control is enabled by default and limits the applications and the code that you can run on the core platform. For more information, see Windows Defender Application Control for Azure Stack HCI.

 

New Azure Stack HCI Environment Checker tool (preview)

Azure Stack HCI Environment Checker is a standalone, PowerShell tool that you can use prior to even ordering hardware to validate connectivity readiness.

For new deployments using the supplemental package, the environment checker automatically validates internet connectivity, hardware, identity and networking on all the nodes of your Azure Stack HCI cluster. The tool also returns a Pass/Fail status for each test, and saves a log file and a detailed report file.

To get started, you can download this free tool . For more information, see Assess your environment for deployment readiness.

Azure Stack HCI, version 22H2

The following sections briefly describe the various features and enhancements in Azure Stack HCI, version 22H2.

Network ATC v2 improvements

In this release, the Network ATC has several new features and improvements:

  • Network symmetry. Network ATC automatically checks for and validates network symmetry across all adapters (on each node) in the same intent – specifically the make, model, speed, and configuration of your selected adapters.
  • Storage automatic IP assignment. Network ATC automatically identifies available IPs in our default subnets and assigns those addresses to your storage adapters.
  • Scope detection. Network ATC automatically detects if you’re configuring a cluster node, so no need to add the -ClusterNameor -ComputerName parameter in your commands.
  • Contextual cluster network naming. Network ATC understands how you’ll use cluster networks and names them more appropriately.
  • Live Migration optimization. Network ATC intelligently manages:
    • Maximum simultaneous live migrations– Network ATC ensures that the maximum recommended value is configured and maintained across all cluster nodes.
    • Best live migration network– Network ATC determines the best network for live migration and automatically configures your system.
    • Best live migration transport– Network ATC selects the best algorithm for SMB, compression, and TCP given your network configuration.
    • Maximum SMB (RDMA) bandwidth– If SMB (RDMA) is used, Network ATC determines the maximum bandwidth reserved for live migration to ensure that there’s enough bandwidth for Storage Spaces Direct.
  • Proxy configuration. Network ATC can configure all server nodes with the same proxy information as needed for your environment. This action provides one-time configuration for all current and future server nodes.
  • Stretched cluster support. Network ATC configures all storage adapters used by Storage Replica in stretched cluster environments. However, since such adapters need to route across subnets, Network ATC can’t assign any IP addresses to them, so you’ll still need to assign these addresses yourselves.
  • Post-deployment VLAN modification. You can use the new Set-NetIntentcmdlet in Network ATC to modify VLAN settings just as you would if you were using the Add-NetIntent No need to remove and then add the intents again when changing VLANs.

For more information, see the blog on Network ATC v2 improvements.

 

Storage Replica compression

This release includes the Storage Replica compression feature for data transferred between the source and destination servers. This new functionality compresses the replication data from the source system, which is transferred over the network, decompressed, and then saved on the destination. The compression results in fewer network packets to transfer the same amount of data, allowing for higher throughput and lower network utilization, which in turn results in lower costs for metered networks.

There are no changes to the way you create replica groups and partnerships. The only change is a new parameter that can be used with the existing Storage Replica cmdlets.

You specify compression when the group and the partnership are created. Use the following cmdlets to specify compression: