Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
This article lists the features and improvements that are available in hyperconverged deployments of Azure Local (formerly Azure Stack HCI). The latest version of Azure Local solution focuses on cloud-based deployment and updates, cloud-based monitoring, a new and simplified experience for Azure Local virtual machine (VM) management, security, and more.
Features and improvements in 2512
The December 2025 release of hyperconverged deployments of Azure Local is version 12.2512.1002.16. For more information, see Release information summary.
This release includes various reliability improvements and other bug fixes.
OS changes:
The 2504 release introduced a new operating system for Azure Local deployments. From 2512 onwards, all the new and existing deployments of Azure Local run the new OS version 26100.7462. You can download the 2512 OS image from the Azure portal.
- You also need a driver that's compatible with OS version 26100.7462 or Windows Server 2025. If a compatible driver isn't available, you can use the 2503 image.
If you purchased Integrated System or Premier solution hardware from the Azure Local Catalog through your preferred Microsoft hardware partner, the OS is preinstalled. Work with your Original Equipment Manufacturer (OEM) to get the OS image that's compatible with 12.2512.1002.16 and a driver that's compatible with OS version 26100.7462 or Windows Server 2025.
.NET updates: This build uses .NET version 8.0.22 for both .NET Runtime and ASP.NET Core. For more information, see Download .NET 8.0.
Simplified cluster registration during deployment: Starting with this release, Azure Local cluster deployments don't use a Service Principal Name (Microsoft Entra ID App) with a self signed certificate. Instead, the cluster uses system-assigned managed identity (SMI) to authenticate itself with Azure. For more information, see Validate and deploy the system via Azure portal.
Support for NVIDIA L-series GPU on AKS on Azure Local (preview): Starting with this release, NVIDIA L-series GPU is supported on Azure Kubernetes Service (AKS) enabled by Azure Arc on Azure Local. This preview feature allows you to run GPU-accelerated workloads on AKS clusters deployed on Azure Local using NVIDIA L-series GPUs.
For more information, see Azure Kubernetes Service (AKS) enabled by Azure Arc.
Documentation updates: The noteworthy changes include the following new articles or articles with major updates:
- SDN upgrade infrastructure guidance is released.
- Azure Stack HCI renaming banners added to the top of the feature overview articles were removed. This change was consistent with Azure portal updates that removed the renaming banners.
Features and improvements in 2511
The November 2025 release of hyperconverged deployments of Azure Local is version 12.2511.1002.502. For more information, see Release information summary.
This release includes the following features and improvements:
OS changes:
The 2504 release introduced a new operating system for Azure Local deployments. From 2511 onwards, all the new and existing deployments of Azure Local run the new OS version 26100.7171. You can download the 2511 OS image from the Azure portal.
- You also need a driver that's compatible with OS version 26100.7171 or Windows Server 2025. If a compatible driver isn't available, use the 2503 image.
If you purchased Integrated System or Premier solution hardware from the Azure Local Catalog through your preferred Microsoft hardware partner, the OS is preinstalled. Work with your Original Equipment Manufacturer (OEM) to get the OS image that's compatible with 12.2511.1002.502 and a driver that's compatible with OS version 26100.7171 or Windows Server 2025.
Build 12.2511.1002.502 improves the reliability of deploy and update admin actions. If you already deployed or updated to 12.2511.1002.5, no further action is needed. Both 12.2511.1002.5 and 12.2511.1002.502 are supported builds.
.NET updates: This build uses .NET version 8.0.22 for both .NET Runtime and ASP.NET Core. For more information, see Download .NET 8.0.
This release includes various reliability improvements and other bug fixes.
Features and improvements in 2510
There are two 2510 releases for October. Here are the details of each release:
| Solution version | OS version |
|---|---|
| 12.2510.1002.94 | 26100.6899 |
| 11.2510.1002.93 | 25398.1913 |
For more information, see Release information summary.
This release includes the following features and improvements:
OS changes:
The 2504 release introduced a new operating system for Azure Local deployments. For 2510, all the new deployments of Azure Local run the new OS version 26100.6899. You can download the 2510 OS image from the Azure portal.
You also need a driver that's compatible with OS version 26100.6899 or Windows Server 2025. If a compatible driver isn't available, you can use the 2503 image.
Existing deployments of Azure Local continue to use OS version 25398.1913. For more information, see Release information summary.
If you purchased Integrated System or Premier solution hardware from the Azure Local Catalog through your preferred Microsoft hardware partner, the OS is preinstalled. Work with your Original Equipment Manufacturer (OEM) to get the OS image that's compatible with 12.2510.1002.94 and a driver that's compatible with OS version 26100.6899 or Windows Server 2025.
.NET updates: This build uses .NET version 8.0.21 for both .NET Runtime and ASP.NET Core. For more information, see Download .NET 8.0.
Azure Local rack aware clustering (Preview): Azure Local now supports rack aware clustering. This Preview feature allows you to define local availability zones based on physical racks in your datacenter, enhancing the resilience of your cluster against rack-level failures. For more information, see Rack aware clustering.
Upgrade: Starting with this release, solution upgrade from 11.2510 to 12.2510 is available to everyone and no longer requires you to opt in.
- If you're already on 11.2510.1002.87, you can apply the OS upgrade to 12.2510.1002.94.
- If you aren't on 11.2510.1002.87, you can update to 11.2510.1002.93 first before applying the upgrade to 12.2510.1002.94.
Azure Local VM updates:
Software Defined Networking (SDN): SDN enabled by Azure Arc on Azure Local is now generally available. This feature allows you to create and manage network security groups (NSGs) and network security rules for your Azure Local VMs, providing enhanced network security and segmentation capabilities.
For more information, see Software Defined Networking (SDN) enabled by Azure Arc.
Trusted Virtual Machine (Trusted VM) guest attestation (Preview) - Azure Local 2510 release introduces guest attestation (also known as boot integrity verification) for Azure Local virtual machines with Trusted launch.
This Preview feature lets you verify that the virtual machine starts in a well known good state by checking the integrity of the entire boot chain. This helps detect any unexpected changes to the boot chain (firmware, OS boot loader, and drivers).
For more information, see Trusted VM guest attestation.
Azure Local deployment using local identity: This feature moved from Limited Preview to Preview. There were many changes made to the documentation for deploying Azure Local using local identity with Azure Key Vault, including:
- Revised instructions for updating Azure Key Vault in Azure Local environments.
- Added a new section on tool compatibility in Azure Local environments configured with Azure Key Vault.
- Added a new FAQ section to address common questions. For more information, see Deploy Azure Local using local identity with Azure Key Vault.
VMware migration to Azure Local - This feature is now generally available. You can migrate your VMware VMs to Azure Local using Azure Migrate. For more information, see Migrate VMware VMs to Azure Local.
OEM image support for registration - OEM images are now supported for registration of Azure Local machines for both proxy and without proxy scenarios. For more information, see Register with Arc gateway and Register without Arc gateway.
Features and improvements in 2509
There are two 2509 releases for September. Here are the details of each release:
| Solution version | OS version |
|---|---|
| 12.2509.1001.22 | 26100.6584 |
| 11.2509.1001.21 | 25398.1849 |
For more information, see Release information summary.
This release includes the following features and improvements:
OS changes:
The 2504 release introduced a new operating system for Azure Local deployments. For 2509, all the new deployments of Azure Local run the new OS version 26100.5074. You can download the 2509 OS image from the Azure portal.
You also need a driver that's compatible with OS version 26100.5074 or Windows Server 2025. If a compatible driver isn't available, you can use the 2503 image.
Existing deployments of Azure Local continue to use OS version 25398.1840. For more information, see Release information summary.
If you purchased Integrated System or Premier solution hardware from the Azure Local Catalog through your preferred Microsoft hardware partner, the OS is preinstalled. Work with your Original Equipment Manufacturer (OEM) to get the OS image that's compatible with 12.2509 and a driver that's compatible with OS version 26100.5074 or Windows Server 2025.
.NET updates: This build uses .NET version 8.0.20 for both .NET Runtime and ASP.NET Core. For more information, see Download .NET 8.0.
Update and upgrade changes: Starting with this release, you can opt in to update the solution version 11.25xx (running OS 25398.xxx) to solution version 12.25xx (running OS 26100.xxxx). For more information, see Opt in update to Azure Local solution versions 12.25x.
Azure Local VM updates:
- Enhanced storage path deletion workflow - Starting with this release, you can view all the dependent resources linked to a storage path before deletion. Azure portal lets you delete both the storage path and its dependent resources in a single, streamlined action, making cleanup faster and more intuitive.
- Live update memory of an Azure Local VM - You can now live update (VM remains running) the memory of a VM. A restart might be required only if the guest OS doesn't support live memory updates.
AKS enabled by Azure Arc changes
- The default OS disk size for the AKS VM is increased from 100 GB to 200 GB. A larger OS disk size offers flexibility on the size of the containerized workloads.
- Starting with this release, the download of Windows VHD images is disabled by default.
Azure Local deployment using local identity include zone name for both external and internal DNS servers.
Documentation updates: The noteworthy changes include the following new articles or articles with major updates:
Upgrade and update docs changes include new articles and major updates to existing articles:
- Opt in update to Azure Local solution versions 12.25x is released.
- Upgrade OS for stretch clusters via PowerShell is released.
- Install solution upgrade on Azure Local using Azure Resource Manager template is released.
- ARM template parameters reference is added.
- Update best practices is released.
Azure Local VM doc changes include:
- Disaster recovery for Azure Local VMs: A new node in TOC Implementing disaster recovery is created consisting of four new articles and one updated article. These articles include Disaster recovery overview, Infrastructure resiliency, Virtual machine resiliency overview, Use Azure Site Recovery, and Workloads resiliency.
- VM images: For Azure Local VMs, two new articles are released including Prepare Ubuntu Azure Marketplace image and Prepare RHEL Azure Marketplace image.
A troubleshooting section is added for issues in Add-server and Repair-server articles.
Features and improvements in 2508
There are two 2508 releases for August. Here are the details of each release:
| Solution version | OS version |
|---|---|
| 12.2508.1001.52 | 26100.4946 |
| 11.2508.1001.51 | 25398.1791 |
For more information, see Release information summary.
This release includes the following features and improvements:
OS changes:
In the 2504 release, Microsoft introduced a new operating system for Azure Local deployments. For 2508, all the new deployments of Azure Local run the new OS version 26100.4946. You can download the 2508 OS image from the Azure portal.
You also need to get the driver compatible with OS version 26100.XXXX or Windows Server 2025. If a compatible driver isn't available, you can use the 2503 image.
Existing deployments of Azure Local continue to use OS version 25398.1791. For more information, see Release information summary.
If you purchased Integrated System or Premier solution hardware from the Azure Local Catalog through your preferred Microsoft hardware partner, the OS is preinstalled. Work with your Original Equipment Manufacturer (OEM) to get the OS image compatible with 12.2508 and driver compatible with OS version 26100.XXXX or Windows Server 2025.
.NET updates: This build uses .NET version 8.0.18 for both .NET Runtime and ASP.NET Core. For more information, see Download .NET 8.0.
Trusted Virtual Machine (Trusted VM) guest attestation: Azure Local 2508 release introduces guest attestation (also known as boot integrity verification) for Azure Local virtual machines with Trusted launch. This feature lets you verify that the virtual machine starts in a well known good state by checking the integrity of the entire boot chain. This process helps detect any unexpected changes to the boot chain (firmware, OS boot loader, and drivers) and take action if it's compromised. For more information, see Trusted VM guest attestation.
Deployment and upgrade changes:
- Starting with this release, Azure Resource Manager (ARM) deployment templates are available for previous releases.
- With this release, preexisting cluster (Brownfield) upgrade scenarios no longer require Service Principal Name (SPN) creation and moved to managed-system identity (MSI).
- This release includes connectivity validators that ensure that external connectivity is available for Arc registration.
Azure Local VM updates:
- Edit DNS servers on logical networks via Azure CLI: Starting with this release, you can modify DNS servers associated with the logical networks for Azure Local virtual machines. For more information, see Manage DNS server configuration on logical networks.
- Save and Pause Azure Local VMs: The ability to save and pause an Azure Local VM is available on the Azure portal. For more information, see Save and Pause Azure Local VMs.
- Limit enforcement: Azure portal now enforces:
- The correct memory and vCPU limits.
- The correct disk size limits.
Disconnected operations (preview): Azure Local now supports disconnected operations, letting you work in environments with limited or no internet connectivity. Build, deploy, and manage virtual machines (VMs) and containerized applications with select Azure Arc-enabled services from a local control plane. You get the familiar Azure portal and Azure Command-Line Interface (CLI) experience.
For more information, see About Disconnected operations (preview).
Documentation updates: These changes include:
- Azure Arc gateway documentation updates: Improved guidance on registering with and without Azure Arc gateway and with and without proxy in an easy to use layout. For more information, see Register with Azure Arc gateway and Register with Azure Arc.
- Upgrade documentation updates: Clarified steps for upgrading from previous versions of Azure Local and an easy to use layout. For more information, see Upgrade OS for Azure Local.
- Azure Local security book: This book was previously available as a pdf and is now available as web content on Learn. For more information, see Azure Local security book.
Features and improvements in 2507
There are two 2507 releases for July. Here are the details of each release:
| Solution version | OS version |
|---|---|
| 12.2507.1001.10 | 26100.4652 |
| 11.2507.1001.9 | 25398.1732 |
For more information, see Release information summary.
This release includes the following features and improvements:
OS changes:
In the 2504 release, Microsoft introduced a new operating system for Azure Local deployments. For 2507, all the new deployments of Azure Local run the new OS version 26100.4652. You can download the 2507 OS image from the Azure portal.
You also need to get the driver compatible with OS version 26100.4652 or Windows Server 2025. If a compatible driver isn't available, you can use the 2503 image.
Existing deployments of Azure Local continue to use OS version 25398.1732. For more information, see Release information summary.
If you purchased Integrated System or Premier solution hardware from the Azure Local Catalog through your preferred Microsoft hardware partner, the OS comes preinstalled. Work with your Original Equipment Manufacturer (OEM) to get the OS image compatible with 12.2507 and driver compatible with OS version 26100.4652 or Windows Server 2025.
.NET updates: This build uses .NET version 8.0.18 for both .NET Runtime and ASP.NET Core. For more information, see Download .NET 8.0.
Features and improvements in 2506
There are two 2506 releases for June. Here are the details of each release:
| Solution version | OS version |
|---|---|
| 12.2506.1001.29 | 26100.4349 |
| 11.2506.1001.28 | 25398.1665 |
For more information, see Release information summary.
This release includes the following features and improvements:
OS changes:
In the 2504 release, Microsoft introduced a new operating system for Azure Local deployments. For 2506, all the new deployments of Azure Local run the new OS version 26100.4349. You can download the 2506 OS image from the Azure portal.
You also need to get the driver compatible with OS version 26100.4349 or Windows Server 2025. If a compatible driver isn't available, you can use the 2503 image.
Existing deployments of Azure Local continue to use OS version 25398.1665. For more information, see Release information summary.
If you purchased Integrated System or Premier solution hardware from the Azure Local Catalog through your preferred Microsoft hardware partner, the OS is preinstalled. Work with your Original Equipment Manufacturer (OEM) to get the OS image compatible with 12.2506 and driver compatible with OS version 26100.4349 or Windows Server 2025.
.NET updates: This build uses .NET version 8.0.17 for both .NET Runtime and ASP.NET Core. For more information, see Download .NET 8.0.
Software-Defined Networking (SDN) enabled by Azure Arc (Preview): Azure Local now supports creating Networking Security Groups (NSGs), configuring Network Security Rules, and assigning them to logical networks and network interfaces. This support provides a consistent networking experience across your cloud and edge environment. For more information, see Software-Defined Networking (SDN) enabled by Azure Arc.
Deployment changes: To ensure consistent validation before you deploy Azure Local, deployment validators for Microsoft On-premises Cloud and Azure resource bridge are now a part of environment checker.
Overprovisioning alert: A warning is shown prior to starting an update if an Azure Local instance is overprovisioned. This alert indicates there's insufficient compute capacity (memory) to live migrate workloads during an update. You must acknowledge this alert before proceeding with an update, as VM workloads are paused due to the lack of available compute or memory capacity.
Security improvements:
New security baseline: The 2506 release introduces a security baseline with 407 evaluated rules, a 25% increase from the previous 324. Key improvements include:
- Over 90% alignment with CIS Azure Compute Windows Baseline and Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG) benchmark.
- Enhanced Microsoft Defender Antivirus settings, including Potentially Unwanted Apps (PUA), network inspection, and attack surface reduction rules.
- Additional adjustments tailored for Azure Local.
This release also improves conflict resolution with existing security policies. Instead of disabling drift control system-wide, you can now fine-tune individual settings while maintaining drift control. For more information, see View and download security settings in Azure Local.
To comply with National Institute of Standards and Technology(NIST) 2 guidelines, the minimum required password length when deploying Azure Local is changed to 14 characters.
Archival of Azure Local, version 22H2 documentation: Azure Local, version 22H2 documentation is now archived and available in the Azure previous versions documentation for reference. The archived documentation isn't updated and isn't supported.
Azure Government cloud: The solution update isn't supported for Azure Local instances deployment in Azure Government cloud.
Features and improvements in 2505
There are two 2505 releases for May. Here are the details of each release:
| Solution version | OS version | Deployment |
|---|---|---|
| 12.2505.1001.23 | 26100.4061 | New deployments only. |
| 11.2505.1001.22 | 25398.1611 | Existing deployments only. |
For more information, see Release information summary.
This release includes the following features and improvements:
OS version changes:
In the last release (2504), you saw a new operating system for Azure Local deployments. For 2505, all the new deployments of Azure Local run new OS version 26100.4061. You can download the 2505 OS image from the Azure portal.
You also need to get the driver compatible with Azure Local 12.2505 or Windows Server 2025. If a compatible driver isn't available, you can use the 2503 image.
Existing deployments of Azure Local continue to use OS version 25398.1611. For more information, see Release information summary.
If you purchased Integrated System or Premier solution hardware from the Azure Local Catalog through your preferred Microsoft hardware partner, the OS is preinstalled. Work with your Original Equipment Manufacturer (OEM) to get the OS image compatible with 12.2505 and driver compatible with Azure Local 12.2505 or Windows Server 2025.
.NET updates: This build uses .NET version 8.0.16 for both .NET Runtime and ASP.NET Core. For more information, see Download .NET 8.0.
Update changes: This release includes reliability improvements to the update process. For more information, see Fixed issues in 2505.
Ability to upload logs: You can now upload a Support log package that includes all relevant logs to help Microsoft Support troubleshoot machine problems, directly from the Configurator app. For details, see Upload the Support log package.
Archival of Azure Local, version 22H2 documentation: The archival of Azure Local, version 22H2 documentation is currently in progress and will complete soon. Once archived, the articles are available in the Azure previous versions documentation for reference. The archived documentation isn't updated and isn't supported.
Features and improvements in 2504
Starting with the 2504 release, Microsoft uses a new versioning schema. There are two 2504 releases for April. Here are the details of each release:
| Solution version | OS version | Deployment |
|---|---|---|
| 12.2504.1001.20 | 26100.3775 | New deployments only. |
| 11.2504.1001.19 | 25398.1551 | Existing deployments only. |
For more information, see Release information summary.
This release includes the following features and improvements:
OS version changes:
- Starting with 2504, all new Azure Local deployments use a new operating system (OS) version 26100.3775. You can download the 2504 OS image from the Azure portal. You also need to get the driver compatible with Azure Local 12.2504 or Windows Server 2025. Existing deployments continue to use the OS version 25398.1551. For more information, see Release information summary.
- If you purchase Integrated System or Premier solution hardware from the Azure Local Catalog through your preferred Microsoft hardware partner, the OS is preinstalled. Work with your Original Equipment Manufacturer (OEM) to get the OS image compatible with 12.2504 and driver compatible with Azure Local 12.2504 or Windows Server 2025.
.NET update installations improvements:
- Increased reliability of .NET security update installations.
Registration and deployment changes:
- Starting with this release, you can download a specific version of Azure Local software instead of just the latest version. For each upcoming release, you can choose from up to last six supported versions. For more information, see Download Azure Local software.
- The error logging in the registration script is enhanced.
- Proxy bypass list is now mandatory if a proxy configuration is specified.
Security changes: The Dynamic Root of Trust for Measurement (DRTM) is enabled by default for all new 2504 deployments running OS version 26100.3775. For more information, see Security features for Azure Local.
Azure Local VM changes:
- Data disk expansion: With this release, you can expand the size of a data disk attached to an Azure Local VM. For more information, see Expand the size of a data disk attached to an Azure Local VM.
- Live VM migration with GPU partitioning (GPU-P): You can now live migrate VMs with GPU-P. These VMs must be on the latest NVIDIA virtual GPU v18 drivers to enable live migration with GPU-P. For more information, see Microsoft Azure Local - NVIDIA Docs.
- Documentation changes: An article describing a Comparison of the management capabilities of VMs on Azure was released recently.
Update improvements:
- Improved reliability when downloading updates.
- Added a health check to ensure failover cluster nodes are healthy before starting the update.
- Simplified the Azure portal experience for viewing the progress and history of update runs.
Add and repair node changes:
- For Microsoft images, download the OS image matching the solution version of your existing cluster. See the Release table for the correct version. For OEM images, contact your OEM.
OEM license changes:
- OEM license renamed: Azure Stack HCI OEM license is now known as OEM license for Azure Local. For more information, see OEM license overview and OEM license and billing FAQ.
- OEM license with Windows Server 2025 guest VMs: With the release of 2504, OEM license for Azure Local is available with Windows Server 2025 guest VMs. This license integrates essential services for your cloud infrastructure: Azure Local, and Windows Server Datacenter 2025 Guest rights.
Solution extension improvements:
- Improved error message to fix firewall blocking access to solution extension manifest endpoints.
- Improved reliability of copying solution extension content locally to each machine.
- Added specification of plug-in name in the solution extension.
Billing changes: For deployments running solution version 12.2504.1001.20 and later, the usage record originates from the Azure Local resource in Azure directly. For more information, see Billing and payment.
Archival of Azure Local, version 22H2 documentation: The documentation for version 22H2 is archived by May 31, 2025 and is available in the Azure previous versions documentation for reference. The archived documentation isn't updated and isn't supported.
Observability changes: You can now automatically collect, analyze, and debug Azure services crashes with the crash dump collection feature in Azure Local. For more information, see Crash dump collection.
Features and improvements in 2503
This release includes the following features and improvements:
Preview availability of Azure Government cloud - Azure Local is now available in the US Government regions in preview. Download the latest Azure Stack HCI OS image for Azure Government from OS image. For more information on where Azure Government is supported, see Azure Local supported regions.
The following preview features aren't supported for Azure Local in Azure Government cloud:
Registration and deployment changes
Extension installation: Extensions are no longer installed during the registration of Azure Local machines. Instead, the machine validation step during the Azure Local instance deployment installs the extensions. For more information, see Register with Azure Arc via console and Deploy via Azure portal.
Register via app: You can bootstrap your Azure Local machines by using the Configurator app. The local UI is now deprecated. For more information, see Register Azure Local machines using Configurator app.
- Composed image is now supported for Original Equipment Manufacturers (OEMs).
- Several security enhancements were made for the Bootstrap service.
- Service Principal Name (SPN) is deprecated for Arc registration.
Deployment of current version and previous versions: Starting with this release, you can deploy the current version of Azure Local by using the Azure portal. To deploy a previous version, use an Azure Resource Manager template that matches the version you want to deploy. For more information, see Deploy via ARM template.
Environment checker related changes
- Environment checker is now integrated for connectivity tests.
- Environment checker validates the composed image used for bootstrap.
- Environment checker validates PowerShell modules as per the validated solution recipe in the Pre-Update checks.
Updates and upgrade improvements
- The Solution Builder Extension update now supports both supported and nonsupported SKUs for a given model.
- A tag is added to indicate whether an update is the latest or is superseded.
- HTTP content is now downloaded by using a more resilient service (Download Service).
- OS content is packaged with the release, rather than determining applicable content on the device at runtime. This change minimizes failure points and supports Importing content.
- OS content is installed by using the CAU plug-ins that are shipped with OS.
- Azure Local rebranding changes were made for this update.
- OS update components for Azure Local are distributed as a static payload, so you can import and discover update packages with limited connectivity to Azure. For more information, see Import and discover updates with limited connectivity.
Azure Local VM changes: You can now connect to an Azure Local VM by using the SSH/RDP protocol without the need for line of sight (inside the host network). For more information, see Connect to an Azure Local VM using SSH.
Add and repair node changes: Starting with this release, you must use the OS image of the same solution version as the version running on the existing cluster. For more information on the OS image, see Add a node and Repair a node.
What's new for migration: Documentation for improvements and features for VM migration to Azure Local is now available. For more information, see What's new in migration.
Features and improvements in 2411.3
This release includes the following features and improvements:
- Quality updates - This build contains the latest quality updates and is based on the operating system version 25398.1425.
- Updated .NET version - This build has an updated .NET version 8.0.13.
- New Lifecycle Manager version - Lifecycle Manager version 30.2503.0.854 is released to deploy the 2411.3 build. This new version moves the content download from extension installation to a visible step in validation. This change reduces the overall content download size from a per machine to a one-time download.
For more information on improvements in this release, see the Fixed issues in 2411.3.
Features and improvements in 2411.2
This baseline release has the following features and improvements:
Azure Local VMs - The following improvements are made to VMs in this release:
- Azure Marketplace images: Three new Azure Marketplace images are available in addition to the existing images. For more information, see the List of Azure Marketplace images supported for VMs.
- Live migration: You can use on-premises tools to live migrate Azure Local VMs. For more information, see Live migration of Azure Local VMs.
4-node switchless support documentation - Documentation for 4-node switchless is now available. For more information, see 4-node switchless support.
For more information on improvements in this release, see the Fixed issues in 2411.2.
Features and improvements in 2411.1
This release includes the following features and improvements:
Azure Local VMs - Starting with this release, you can't delete attached resources (network interface, disk) while the associated Azure Local VM is being created. For more information, see Delete a network interface and Delete a data disk.
Updates - This release adds an update precheck to ensure that the solution extension content is copied correctly.
4-node switchless support - Starting with this release, 4-node switchless is supported for Azure Local.
For more information on improvements in this release, see the Fixed issues in 2411.1.
Features and improvements in 2411
This release includes the following features and improvements:
Renaming of Azure Stack HCI to Azure Local - Azure Stack HCI is now a part of Azure Local. Microsoft renamed Azure Stack HCI to Azure Local to communicate a single brand that unifies the entire distributed infrastructure portfolio.
For more information, see Renaming Azure Stack HCI to Azure Local.
Azure Local for Small Form Factor (Preview)- Beginning this release, Azure Local supports a new class of small devices with reduced hardware requirements. These low cost devices are suitable for edge scenarios across the industry horizontals. The devices must meet the Windows Server certification requirements and relaxed requirements from Software Defined Data Center (SDDC) and Windows Server Software-Defined (WSSD) program.
For more information about this Preview feature, see System requirements for Azure Local for small form factor (Preview).
Azure Local for disconnected operations (Preview) - Azure Local is now available for disconnected operations. Disconnected operations for Azure Local enable the deployment and management of Azure Local instances without a connection to the Azure public cloud.
This feature allows you to build, deploy, and manage virtual machines (VMs) and containerized applications using select Azure Arc-enabled services from a local control plane, providing a familiar Azure portal and CLI experience.
For more information about this Preview feature, see Azure Local for Disconnected Operations (Preview).
Deploy Azure Local with Local Identity (Preview) - Starting with this release, you can deploy Azure Local using Local identity with Azure Key Vault. By integrating with Key Vault and using certificate-based authentication, security posture is enhanced and operations continuity is ensured. This approach offers minimal edge infrastructure, a secure secret store, and simplified management by consolidating secrets in a single vault. Additionally, it streamlines deployment by eliminating dependencies on Active Directory systems and simplifying firewall configurations.
For more information about this Preview feature, see Deploy Azure Local with Local Identity and Azure Key Vault (Preview).
Azure Local VM changes: The following changes were made to Azure Local VM management:
Terraform templates for Azure Local VM - Starting with this release, you can create logical networks and Azure Local VMs using Terraform templates.
For more information, see Template to create logical networks and Template to create Azure Local VMs.
Add network interface on static logical network - After the Azure Local VMs are provisioned, you can now add a network interface on a static logical network. To add this network interface, you're required to configure the desired static IP from within the VM.
For more information, see Add a network interface on your Azure Local.
Download data disks - Beginning this release, you can download an Azure managed disk from Azure to your Azure Local instance. You use this disk to create an Azure Local VM image or attach the image to your VMs as needed.
For more information, see Download data disks from Azure to Azure Local.
Security improvements - Starting with this release, the security posture of Azure Local is enhanced with the following improvements:
Security posture following Azure Stack HCI, version 22H2 to Azure Local upgrade - Warnings and guardrails were added in the upgrade flow. Documentation was also updated to reflect the security posture of Azure Local after upgrading from version 22H2.
For more information, see Manage security after upgrading Azure Local from version 22H2.
Improved security baseline compliance - Starting with this release, the security settings on the Azure Local nodes are compared against the security baseline with full accuracy. On the right secured-core hardware, you achieve a 99% compliance score, which you can view in the Azure portal.
For more information, see View security baseline compliance in the Azure portal.
Error-Correcting Code (ECC) memory requirements - Beginning this release, the ECC memory requirements are enforced. If you can't meet the memory and ECC requirements, you can opt for a virtual deployment.
For more information, see System requirements for Azure Local.
AKS on Azure Local - This release has several new features and enhancements for AKS on Azure Local. For more information, see What's new in AKS on Azure Local.
Features and improvements in 2408.2
This release includes the following features and improvements:
Azure Local VM management improvements: Starting with this release, the following improvements are available in the Azure Local VM management experience:
- You can set a proxy configuration for Azure VMs on the portal.
- You can set a SQL Server configuration for Azure VMs on the portal.
- You can now create an image from an Azure VM's OS disk.
- You can now select the virtual switch of a logical network from a dropdown menu.
Features and improvements in 2408.1
This release includes the following features and improvements:
- Environment checker improvements: Starting in this release, the environment checker includes a new validator that checks all storage adapters in each of the nodes.
- Install module version numbers: Starting in this release, the install module version numbers change for Az.Accounts, Az.Resources, and Az.ConnectedMachine. For more information, see Register machines with Azure Arc.
- Azure Local VM Management: Starting in this release, you can attach or detach GPUs to an Azure Local VM via CLI for GPU-P (preview) and DDA (preview). For more information, see:
- Improved CLI error messages for deletion of VM network interfaces, data disks, and storage paths that are in use.
- Improved reliability when installing OpenSSH client during solution deployment.
Features and improvements in 2408
This baseline release has the following features and improvements:
Upgrade from Azure Stack HCI, version 22H2 to Azure Local
This release introduces the ability to upgrade your Azure Stack HCI from version 22H2 to Azure Local. The upgrade process supports clusters running version 22H2 with the latest updates and is a two-step process. While the OS upgrade is generally available, the solution upgrade has a phased rollout.
For more information, see Upgrade Azure Local from version 22H2.
Updates changes
This release contains the following changes for updates:
- Revised the names and descriptions of update steps.
- Introduced a health fault alert that raises when the system has available updates.
Azure Local VM management changes
This release contains the following changes for Azure Local VM management:
- Twelve new Azure Marketplace images are available. For more information, see Create Azure Local VM from Azure Marketplace images via Azure CLI.
- Creation of logical networks is blocked if you try to create overlapping IP pools.
- Logical network properties are properly updated. Previously, the logical network sometimes didn't have its properties (vLAN, IP Pools, and so on) filled.
- The vLAN field on a logical network defaults to 0 if you don't specify it.
- You can use either -image or -os-disk-name (but not both) to create a VM from a VHD. Previously, Azure CLI enforced -image as required for the
az stack-hci-vm createcommand.
For more information, see the Fixed issues list in 2408.
SBE changes
This release includes the following changes for SBE:
- Reduced deployment times: Starting in this release, SBE extension interfaces run more efficiently, so Azure Local deployment times are shorter.
- CAU plugin: Starting in this release, SBE extensions use an updated CAU plugin that enhances support for host OS driver updates, addressing problems with drivers that are newer than those in the SBE. This plugin update gives hardware vendors more flexibility for driver version updates in support cases. Microsoft recommends that you install host OS driver updates only through your hardware vendor's SBE.
- Improved error details: Starting in this release, hardware vendor SBE failures or exceptions include the SBE publisher, family, and version at the beginning of the exception string. Provide this information to your hardware vendor to streamline the failure analysis.
Features and improvements in 2405.3
This release is primarily a bug fix release. See the Fixed issues list to understand the bug fixes.
Features and improvements in 2405.2
This release primarily includes bug fixes with a few improvements.
Azure Local VM management improvements: Starting with this release, the following improvements are available for the Azure Local VM management experience:
- You can now view and delete VM network interfaces from the Azure portal.
- You can view Connected devices for logical networks. In the Azure portal, you can go to the logical network and then go to Settings > Connected devices to view the connected devices.
- Deletion of logical networks is blocked if connected devices are present. When you try to delete a logical network from the Azure portal that has connected devices, you see a warning message: Can't delete logical network because it's currently in use. Delete all the resources under Connected Devices setting before you delete the logical network.
- From this release onwards, a new URL needs to be added to the allow list for
stack-hci-vmAzure CLI installation. The URL changed fromhttps://hciarcvmsstorage.blob.core.windows.net/cli-extension/stack_hci_vm-{version}-py3-none-any.whltohttps://hciarcvmsstorage.z13.web.core.windows.net/cli-extensions/stack_hci_vm-{version}-py3-none-any.whl. For more information, see Azure Local firewall requirements.
Update health checks: Starting with this release, a new health check was added and the update service was improved. Additionally, the update service now supports the ability to view or start new updates when the service crashes on machines. Also, multiple health check issues related to Azure Update Manager and Solution Builder Extension Update were fixed.
For more information, see Fixed issues in 2405.2.
Azure Stack HCI OEM license: Starting with this release, Microsoft is introducing the Azure Stack HCI OEM license designed for Azure Local hardware including the Azure Local Premier Solutions, Integrated systems, and Validated Nodes. This license remains valid for the lifetime of the hardware, covers up to 16 cores, and includes three essential services for your cloud infrastructure.
For more information, see Azure Stack HCI OEM license overview and Azure Stack HCI OEM license and billing FAQ.
Features and improvements in 2405.1
This release primarily includes bug fixes with a few improvements.
- Custom storage IPs for add and repair server scenarios: Starting in this release, you can add machines or repair machines to the Azure Local instance by using custom IPs for the storage intent network adapters.
- Improved outbound connectivity check: Starting in this release, the environment checker includes improvements to the outbound connectivity requirement validation.
- Reliability improvements: This release includes reliability improvements for partner health checks implemented in their Solution Builder Extensions.
- Rotation of Arc Resource Bridge service principal credentials: Starting in this release, you can rotate the service principal credentials used by Azure Arc resource bridge.
- Multiple bug fixes related to Updates: This release includes multiple bug fixes related to Updates.
For more information on bug fixes, see the Fixed issues list.
Features and improvements in 2405
Here are the features and improvements in this release.
Deployment changes
Active Directory integration - This release fixes an issue related to the use of a large Active Directory that results in timeouts when adding users to the local administrator group.
New Azure Resource Manager (ARM) template - This release introduces a new ARM template for deployment that simplifies the resource creation dependencies. The new template creation also includes multiple fixes around the missing mandatory fields.
Secret rotation improvements - This release includes improvements to the secret rotation flow.
- The secret rotation PowerShell command
Set-AzureStackLCMUserPasswordnow supports a new parameter to skip the confirmation message. This parameter is useful when automating secret rotation. - Reliability improvements were made around the services not restarting in a timely manner.
- The secret rotation PowerShell command
Solution Builder Extension (SBE) improvements include:
- A new PowerShell command to update the Solution Builder Extension partner property values is provided at the time of deployment.
- Fixing an issue that prevents the update service to respond to requests after a Solution Builder Extension only update run.
Add server and Repair server fixes include:
- An issue that prevents a node from joining Active Directory during the add-server operation.
- Enabling deployment when a disjoint namespace is used.
Reliability enhancements include:
- Changes for Network ATC when setting up the host networking configuration with certain network adapter types.
- Changes when detecting the firmware versions for disk drives.
This release contains a fix for a deployment issue that is encountered when setting the diagnostic level in Azure and the device.
For more information, see the Fixed issues list in 2405.
Updates changes
This release contains the following changes for updates:
Starting with this release, updates use an adjusted naming schema. This schema makes it easier to identify feature updates and cumulative updates.
This release contains reliability improvements:
- For the update notifications for health check results that the device sends to Azure Update Manager. In certain instances, the message size was too large and results weren't shown in the Update Manager.
- For reporting the cluster update progress to the orchestrator.
This release has bug fixes for various problems, including:
- A file lock problem that could cause update failures for the trusted launch VM agent (IGVM).
- A problem that prevented the orchestrator agent from restarting during an update run.
- A rare condition where the update service took a long time to discover or start an update.
- A problem for Cluster-Aware Updating (CAU) interaction with the orchestrator when an update is in progress and CAU reports it.
For more information, see the Fixed issues list in 2405.
Environment checker changes
In this release, the environment checker includes several new checks:
- It ensures the inbox drivers on the physical network adapters aren't in use. You must install the provided OEM or manufacturer latest drivers before deployment.
- It ensures the link speed across physical network adapters on the same intent is identical.
- It ensures RDMA is operational on the storage network adapters before deployment.
- It validates the infrastructure IP addresses defined during deployment have outbound connectivity and can resolve the DNS.
- It ensures the DNS server value isn't empty on the management IP address.
- It makes sure that there's only one IP address on the management network adapter.
- It ensures that the minimum bandwidth required for RDMA storage adapters is at least 10 Gb.
- It checks that the uplink connectivity in any physical network adapters assigned to Network ATC intents is up.
- It improves the ability to handle adapters that don't expose the VLAN ID field correctly.
Observability changes
This release contains the following improvements to observability:
- When starting a log collection, a warning message now advises you to limit the log collection to 24 hours.
- Deployment logs are automatically collected by default.
- The newly added
Test-observabilityfeature validates whether the telemetry and diagnostic data can be successfully sent to Microsoft.
Azure Local VM management changes
- This release contains new documentation that provides guidance on VM image creation starting with a CentOS image or a Red Hat Enterprise Linux (RHEL) image. For more information, see:
Azure portal, extensions, and resource provider changes
Here are the changes related to the Azure portal, extensions, and resource providers:
- In this release, an issue was fixed that prevented showing a failed deployment in the Cluster overview when the deployment is canceled.
- The Retry button in Azure portal is renamed to Resume as the deployment continues from the step that it failed.
- The new clusters deployed in this release have resource locks enabled to protect against accidental deletion.
- This release changes the behavior to not delete the Arc-enabled server resources when the Azure Local resource is deleted.
Security changes
This release includes the following updates to the security documentation:
- The compliance score for Azure Local machine is 281 out of 288 rules even when all the hardware requirements for Secured-core are met. The View security baseline compliance in the Azure portal section now explains the noncompliant rules and the reasons for the current gap.
- The Security Baselines settings have been updated to 315 settings, including six removals and one addition. To view and download the complete list of security settings, see Security Baseline.
- Updated the Application Control section in the Security features for Azure Local article.
Azure Kubernetes Service on Azure Local
For a list of the changes and improvements in AKS on Azure Local, see What's new in Azure Kubernetes on Azure Local?.
Features and improvements in 2402.4
This release is primarily a bug fix release. See the Fixed issues list to understand the bug fixes.
Features and improvements in 2402.3
This release is primarily a bug fix release. See the Fixed issues list to understand the bug fixes.
Features and improvements in 2402.2
This release is primarily a bug fix release with a few enhancements. See the Fixed issues list to understand the bug fixes. Here's the list of enhancements:
- Region expansion - The following new regions are now supported on your Azure Local instance: Southeast Asia, India Central, Canada Central, Japan East, and South Central US. For more information, see Azure Local supported regions.
- Deployment changes - A permission check was added to the Azure portal deployment experience to check for sufficient permissions. For more information, see Deploy via Azure portal.
- Update changes - A notification banner was included in the update experience that informs you when the new updates are available. For more information, see Update your Azure Local instance via the Azure Update Manager.
Features and improvements in 2402.1
This release is primarily a bug fix release. See the Fixed issues list to understand the bug fixes.
Features and improvements in 2402
This section lists the new features and improvements in the 2402 release of Azure Local.
New built in security role
This release introduces a new Azure built-in role called Azure Resource Bridge Deployment Role, to harden the security posture for Azure Local. If you provisioned a cluster before January 2024, assign the Azure Resource Bridge Deployment User role to the Azure Resource Bridge principal.
The role applies the concept of least privilege and must be assigned to the service principal: clustername.arb before you update the cluster.
To take advantage of the constraint permissions, remove the permissions that you applied before. Follow the steps to Assign an Azure RBAC role via the portal. Search for and assign the Azure Resource Bridge Deployment role to the member: <deployment-cluster-name>-cl.arb.
An update health check is also included in this release that confirms that the new role is assigned before you apply the update.
Changes to Active Directory preparation
Starting with this release, the Active Directory preparation process is simplified. You can use your own existing process to create an Organizational Unit (OU), a user account with appropriate permissions, and block Group policy inheritance for the Group Policy Object (GPO). You can also use the Microsoft provided script to create the OU. For more information, see Prepare Active Directory.
Region expansion
Azure Local solution is now supported in Australia. For more information, see Azure Local supported regions.
New documentation for network considerations
We're also releasing new documentation that provides guidance on network considerations for the cloud deployment of Azure Local. For more information, see Network considerations for Azure Local.
Security changes
This release includes the following updates to the security documentation:
- Updates to the documentation for Manage system security with Microsoft Defender for Cloud (preview).
- Updates to the Security Baselines settings to 320 settings, including one removal, three additions, and one change about disabling Dynamic Root of Measurement (DRTM) for new deployments. To view and download the complete list of security settings, see Security Baseline.
- The Azure Local security book.
Features and improvements in 2311.5
This release is primarily a bug fix release. See the Fixed issues list to understand the bug fixes.
Features and improvements in 2311.4
This release is primarily a bug fix release. See the Fixed issues list to understand the bug fixes.
Features and improvements in 2311.3
A new Azure built-in role called Azure Resource Bridge Deployment Role is available to improve the security posture for Azure Local. If you provisioned a cluster before January 2024, assign the Azure Resource Bridge Deployment User role to the Arc Resource Bridge service principal.
The role follows the principle of least privilege. Assign it to the Arc Resource Bridge service principal, clustername.arb, before you update the cluster.
Remove the previously assigned permissions to take advantage of the constraint permission. Follow the steps to Assign an Azure RBAC role via the portal. Search for and assign the Azure Resource Bridge Deployment role to the member: <deployment-cluster-name>-cl.arb.
This release also includes an update health check that confirms the assignment of the new role before applying the update.
Features and improvements in 2311.2 GA
This section lists the new features and improvements in the 2311.2 General Availability (GA) release for Azure Local.
Important
Production workloads are only supported on the Azure Local systems running the generally available 2311.2 release. To run the GA version, start with a new 2311 deployment and then update to 2311.2.
In this generally available release of Azure Local, all the features that were available with the 2311 preview releases are also now generally available. In addition, the following improvements and enhancements are available:
Deployment changes
With this release:
- Deployment supports existing storage accounts.
- The Rerun deployment option becomes available in the cluster Overview page for a failed deployment.
- You can customize network settings such as storage traffic priority, cluster traffic priority, storage traffic bandwidth reservation, jumbo frames, and RDMA protocol.
- You must explicitly start validation via the Start validation button.
For more information, see Deploy via Azure portal.
Add server and repair server changes
- Bug fixes in the Add server and Repair server scenarios. For more information, see the Fixed issues in 2311.2.
Azure Local VM management changes
In this release:
- You can manage guests through Azure CLI. For more information, see Enable guest management.
- Proxy support is added for Azure Local VMs. For more information, see Set up proxy for Azure Local VMs.
- You can select the storage path during the Azure Local VM image creation via the Azure portal. For more information, see Create an Azure Local VM image from Azure Marketplace via the Azure portal.
Migration of Hyper-V VMs to Azure Local (preview)
You can now migrate Hyper-V VMs to Azure Local using Azure Migrate. This feature is currently in preview. For more information, see Migration of Hyper-V VMs using Azure Migrate to Azure Local (preview).
Monitoring changes
In the Azure portal, you can now monitor platform metrics of your cluster by navigating to the Monitoring tab on your cluster's Overview page. This tab offers a quick way to view graphs for different platform metrics. You can select any graph to open it in Metrics Explorer for a more in-depth analysis. For more information, see Monitor Azure Local through the Monitoring tab.
Security via Microsoft Defender for Cloud (preview)
You can now use Microsoft Defender for Cloud to help improve the security posture of your Azure Local environment and protect against existing and evolving threats. This feature is currently in preview. For more information, see Microsoft Defender on Cloud for Azure Local (Preview).
Supported workloads
Starting with this release, the following workloads are generally available on Azure Local:
Azure Kubernetes Service (AKS) on Azure Local. For more information, see Create Kubernetes clusters.
In addition, AKS on HCI has a new CLI extension and Azure portal experience, Support for logical networks, Support for taints and labels, Support for upgrade via Azure CLI, Support for Nvidia A2 and more. For details, see What's new in AKS on Azure Local?.
Azure Virtual Desktops (AVD) on Azure Local. For more information, see Deploy AVD on Azure Local.
Features and improvements in 2311
This section lists the new features and improvements in the 2311 release of Azure Local. Additionally, this section includes features and improvements that were originally released for 2310 starting with cloud-based deployment.
Cloud-based deployment
For machines running Azure Local, release 2311.2, you can perform new deployments via the cloud. You can deploy an Azure Local instance in one of the two ways - via the Azure portal or via an Azure Resource Manager deployment template.
For more information, see Deploy Azure Local instance using the Azure portal and Deploy Azure Local via the Azure Resource Manager deployment template.
Cloud-based updates
This new release has the infrastructure to consolidate all the relevant updates for the OS, software agents, Azure Arc infrastructure, and OEM drivers and firmware into a unified monthly update package. This comprehensive update package is identified and applied from the cloud through the Azure Update Manager tool. Alternatively, you can apply the updates using the PowerShell.
For more information, see Update your Azure Local instance via the Azure Update Manager and Update your Azure Local via the PowerShell.
Cloud-based monitoring
Respond to health alerts
This release integrates the Azure Monitor alerts with Azure Stack HCI so that any health alerts generated within your on-premises Azure Stack HCI system are automatically forwarded to Azure Monitor alerts. You can link these alerts with your automated incident management systems, ensuring timely and efficient response.
For more information, see Respond to Azure Stack HCI health alerts using Azure Monitor alerts.
Monitor metrics
This release also integrates the Azure Monitor metrics with Azure Stack HCI so that you can monitor the health of your Azure Stack HCI system via the metrics collected for compute, storage, and network resources. This integration enables you to store cluster data in a dedicated time-series database that you can use to analyze data from your Azure Stack HCI system.
For more information, see Monitor Azure Stack HCI with Azure Monitor metrics.
Enhanced monitoring capabilities with Insights
By using Insights for Azure Stack HCI, you can monitor and analyze performance, savings, and usage insights about key Azure Stack HCI features, such as ReFS deduplication and compression. To use these enhanced monitoring capabilities, ensure that your cluster is deployed, registered, and connected to Azure, and enrolled in monitoring. For more information, see Monitor Azure Stack HCI features with Insights.
Azure Local VM management
Starting with this release, the following Azure Local VM management capabilities are available:
- Simplified Azure Arc resource bridge deployment. The Azure Arc resource bridge is now deployed as part of the Azure Local deployment. For more information, see Deploy Azure Local instance using the Azure portal.
- New RBAC roles for Azure Local VMs. This release introduces new RBAC roles for Azure Local VMs. For more information, see Manage RBAC roles for Azure Local VMs.
- New Azure consistent CLI. Starting with this preview release, a new consistent command line experience is available to create VM and VM resources such as VM images, storage paths, logical networks, and network interfaces. For more information, see Create Azure Local VMs on Azure Local.
- Support for static IPs. This release adds support for static IPs. For more information, see Create static logical networks on Azure Local.
- Support for storage paths. While default storage paths are created during the deployment, you can also specify custom storage paths for your Azure Local VMs. For more information, see Create storage paths on Azure Local.
- Support for Azure VM extensions on Azure Local VMs. Starting with this preview release, you can also enable and manage the Azure VM extensions that are supported on Azure Arc, on Azure Local VMs. For more information, see Manage VM extensions for Azure Local VMs.
- Trusted launch for Azure Local VMs. Azure Trusted Launch protects VMs against boot kits, rootkits, and kernel-level malware. Starting with this preview release, some of those Trusted Launch capabilities are available for Azure Local VMs. For more information, see Trusted launch for Azure Local VMs.
AKS on Azure Local
Starting with this release, you can run Azure Kubernetes Service (AKS) workloads on your Azure Local system. AKS on Azure Local uses Azure Arc to create new Kubernetes clusters on Azure Local directly from Azure. For more information, see What's new in AKS on Azure Local?
The following Azure Kubernetes cluster deployment and management capabilities are available:
- Simplified infrastructure deployment on Azure Local. In this release, the infrastructure components of Azure Kubernetes on Azure Local including the Azure Arc resource bridge, custom location, and the Azure Kubernetes Extension for the Azure Kubernetes operator, are all deployed as part of the Azure Local deployment. For more information, see Deploy Azure Local instance using the Azure portal (preview).
- Integrated infrastructure upgrade on Azure Local. The whole lifecycle management of Azure Kubernetes infrastructure follows the same approach as the other components on Azure Local. For more information, see Infrastructure component updates for AKS on Azure Local (preview).
- New Azure consistent CLI. Starting with this preview release, a new consistent command line experience is available to create and manage Kubernetes clusters.
- Cloud-based management. You can now create and manage Kubernetes clusters on Azure Local by using familiar tools such as Azure portal and Azure CLI. For more information, see Create Kubernetes clusters using Azure CLI.
- Support for upgrading a Kubernetes cluster using Azure CLI. You can use Azure CLI to upgrade the Kubernetes cluster to a newer version and apply the OS version updates. For more information, see Upgrade an Azure Kubernetes Service (AKS) cluster (preview).
- Support for Azure Container Registry to deploy container images. In this release, you can deploy container images from a private container registry by using Azure Container Registry to your Kubernetes clusters running on Azure Local. For more information, see Deploy from private container registry to on-premises Kubernetes using Azure Container Registry and Azure Kubernetes.
- Support for managing and scaling the node pools. For more information, see Manage multiple node pools in Azure Kubernetes.
- Support for Linux and Windows Server containers. For more information, see Create Windows Server containers.
Security capabilities
The new installations with this release of Azure Local start with a secure-by-default strategy. The new version has a tailored security baseline coupled with a security drift control mechanism and a set of well-known security features enabled by default. This release provides:
- A tailored security baseline with over 300 security settings configured and enforced with a security drift control mechanism. For more information, see Security baseline settings for Azure Local.
- Out-of-box protection for data and network with SMB signing and BitLocker encryption for OS and Cluster Shared Volumes. For more information, see BitLocker encryption for Azure Local.
- Reduced attack surface as Windows Defender Application Control is enabled by default and limits the applications and the code that you can run on the core platform. For more information, see Windows Defender Application Control for Azure Local.
Support for web proxy
This release supports configuring a web proxy for your Azure Local system. Perform this optional configuration if your network uses a proxy server for internet access. For more information, see Configure web proxy for Azure Local.
Removal of GMSA accounts
In this release, the Group Managed Service Accounts (gMSA) created during the Active Directory preparation are removed. For more information, see Prepare Active Directory.
Capacity management
In this release, you can add and remove machines, or repair machines from your Azure Local system via the PowerShell.
For more information, see Add server and Repair server.
ReFS deduplication and compression
This release introduces the Resilient File System (ReFS) deduplication and compression feature designed specifically for active workloads, such as Azure Virtual Desktop (AVD) on Azure Local. Enable this feature using Windows Admin Center or PowerShell to optimize storage usage and reduce cost.
For more information, see Optimize storage with ReFS deduplication and compression in Azure Local.