Hi everyone, welcome to this week's

Azure update. It's the 10th of April.

Pretty small number of updates this

week, but as usual you can jump to

whichever one you care about the most.

Just one new video this week. It's been

a crazy week and this took a lot of

research and investigation. And it's

really about optimizing Cosmos DB.

Cosmos DB is amazingly powerful,

but there are specific types of skew and

configuration, there's data modeling, so

there's a lot of considerations

to make sure you're optimizing

what you pick as the service, and then

how you pick things like partition keys

and if I want global secondary indexes.

And so I go into all of that detail so

you can make sure you get the most

optimal Cosmos DB environment.

So on to what's new on the computer

side.

So the AKS CNI overlay

for expanding the IP address space has

gone GA.

So the whole point of CNI overlay is it

uses a separate side range from that of

the node. So the node is joined to a

certain subnet, it uses those IP spaces,

and then the pods use a separate IP

space, so it saves from that underlying

node IP space you're using for your

VNet.

Now each node gets assigned a /24

from the side range that's assigned to

the pods. So what I can now do is expand

that pod side address range. I cannot

shrink it. I cannot try and add a

non-contiguous

space to it or add a brand new range,

but I can take the existing range and

expand it. I.e. I could change that pod

side range from a /18 to a /16.

This is only supported for IPv4 side

ranges and Linux nodes only today.

On the Azure function side,

it now has MCP resource triggers in GA.

So the whole goal here is I can host an

MCP server on an Azure function. So

obviously MCP is fantastic for it. It's

a standard way to talk. It's a standard

way for an AI application to basically

ask the MCP server, "Hey look, what are

your capabilities?" The MCP server

reflects back its capabilities, and then

there's a standard way to

translate that and convey that to the

large language model so it can then use

it.

So Azure functions could already expose

tools.

So hey, I want to perform a certain

action, but now it can expose resources,

think about knowledge as well.

So it could now expose static or dynamic

content. So I would now add a resource

trigger for the Azure function so it

respond to the re- source request from

the app.

So my Azure function-based MCP server

can now be more complete in its

functionality offering both tools and

resources, i.e. knowledge.

So for AKS, I can now disable the HTTP

proxy in GA. So the whole goal of HTTP

proxy is, "Hey look, I have outbound

traffic. I need to flow through a

required set of infrastructure, maybe

inspection, maybe it's just limited who

can talk to the internet or whatever

else." I can now disable the HTTP proxy

for an existing cluster. Now, it will

result in a re-image of the nodes,

so you'd want to make sure you're using

things like disruption budgets to ensure

the disruption to the bots pods pods

is controlled, so you're safeguarding

any kind of critical workload.

Still talking about AKS, so there's been

some observability improvements in GA

and specifically thinking about

namespace and workload views of the

data,

well this now can also utilize data from

an Azure monitor workspace. So that's

where it gets data powered by

Prometheus, which has that deep

understanding of Kubernetes.

So now when I'm looking at node,

namespace, workload, pod resource

utilization,

it's going to surface all of that data

in those various views, which is going

to give me a better understanding of

resource utilization, but also then

better enable me to troubleshoot, look

at trends.

Uh the Azure Red Hat OpenShift

clusters and the nodes now support using

skews that are powered by Nvidia H100

and H200 GPUs. So basically what this

now lets me do is, "Hey, I can use those

VM skews with GPUs." So thinking of the

workloads I could run in those clusters,

well anything that uses a GPU, AI

workloads, high performance computing,

anything where those GPU-accelerated

containers would be useful.

On the networking side,

so the Azure Network Watcher now has a

rule impact analysis in preview.

So I hey, I'm going to make some

security admin rules

and I'm going to change them

before they get applied to the

environment, it will help me understand

what the implications are. So I'm going

to be able to look at what the impact

will be of any proposed rule change

before I go and apply it. Maybe I've got

a misconfiguration that will break

everything. So this will help me

understand that before I go ahead and

roll the thing out.

For the network um security perimeter

feature which allows

multiple pass services to be put within

the same perimeter, so then they can all

talk to each other, but also I can

singly configure inbound and outbound

connections to that group of services

within the perimeter,

well I can now include Azure Service Bus

as one of those services that can sit

within the network service perimeter.

Imagine for example I've got my network

um

perimeter with Azure Service Bus and

then Azure Key Vault.

So now it'll be really easy for that

Service Bus to go and talk to the Key

Vault to get the key it's using so I

want to use customer-managed key. So

there's a whole bunch of scenarios this

becomes really useful.

On the storage side,

so Azure Migrate now supports Azure

Files as part of its assessments in

preview. So it can look at your on-prem

SMB or NFS file shares and then evaluate

the suitability and the business case

for migrating them to Azure Files. Azure

Files supports both SMB and NFS over its

various offerings.

So this would also tell you, "Hey, which

skew of Azure Files you should use based

on resiliency requirements, performance

requirements, and obviously, hey, what

region does this need to live in?"

Database,

so there's a consolidation of

maintenance notifications for

PostgreSQL. So if I have multiple

different servers even distributed over

subscriptions within the same region, I

will receive a consolidated notification

of the maintenance for all of the

servers within the region. Previously,

it was a separate message per server, it

got kind of bloated. This really just

improves that usability of the

notifications.

And then PG Bouncer 1.25.1

support is now GA.

PG Bouncer is the connection pooling

capability.

So when I think about scaling the

connections to my server, it exposes

itself on a different port,

but if I have a lot of idle connections,

if I have lots of short-lived

connections, connection pooling makes it

far more scalable for those connections.

And the 1.25.1 update just has a bunch

of performance, uh stability, security,

and protocol improvements. And this will

just it's managed, it's going to go

ahead and hap- happen for you.

And then miscellaneous,

so three new models in public preview

for state-of-the-art

speech transcription

across 25 languages at 50% reduced GPU

compared to existing capabilities.

A high-fidelity speech generation model

can generate 60 seconds of speech in 1

second.

And then Maya Image 2,

which is a high-capability text-to-image

model. So these are out of Microsoft

focusing on very specific scenarios to

hey, light up a whole bunch of different

types of AI

and capabilities you may want. Now

Microsoft Foundry is constantly, I think

every day there's new models being

added, but the GLUE 4.2 is now

available. This is a

general-purpose large language model

that's obviously part of the GLUE 4

family, but it's designed for

reasoning-intensive

real-world problem solving. So I'm just

calling this out as an example of I

think there's nearly like 12,000 models

there, that's one of them.

And Foundry Local went GA.

So this is all about running models on

the local device. Now it's a super light

runtime, but it does all the work to

acquire the model, manage the model,

utilize hardware acceleration on the

local device, so GPUs, MPUs,

and then actually use the model for

inferencing and it uses the ONNX

uh runtime.

It's only about 20 meg gets added to

your app package and it's going to use a

curated model catalog. So it's not going

to expose every model in Foundry, but

they wouldn't run.

It focuses instead on optimized models

for specific use cases, applications

need where I want to run it locally. So

there's a big push today about sort of

hybrid capability where I can, let's use

the capability of the local device, and

then scale and offload certain things to

the cloud.

And

that was it. As always, I hope that was

useful. Till the next video, take care.

>> [snorts]