Azure Stack Development Kit release notes

These release notes provide information about improvements, fixes, and known issues in Azure Stack Development Kit. If you're not sure which version you're running, you can use the portal to check.

Stay up-to-date with what's new in the ASDK by subscribing to the RSS feed.

Build 1.1805.1.47

Tip

Based on customer feedback, there is an update to the version schema in use for Microsoft Azure Stack. Starting with this update, 1805, the new schema better represents the current cloud version.

The version schema is now Version.YearYearMonthMonth.MinorVersion.BuildNumber where the second and third sets indicate the version and release. For example, 1805.1 represents the release to manufacturing (RTM) version of 1805.

New features

This build includes the following improvements and fixes for Azure Stack.

  • Azure Stack now includes a Syslog client as a preview feature. This client allows the forwarding of audit and security logs related to the Azure Stack infrastructure to a Syslog server or security information and event management (SIEM) software that is external to Azure Stack. Currently, the Syslog client only supports unauthenticated UDP connections over default port 514. The payload of each Syslog message is formatted in Common Event Format (CEF).

    To configure the Syslog client, use the Set-SyslogServer cmdlet exposed in the Privileged Endpoint.

    With this preview, you might see the following three alerts. When presented by Azure Stack, these alerts include descriptions and remediation guidance.

    • TITLE: Code Integrity Off
    • TITLE: Code Integrity in Audit Mode
    • TITLE: User Account Created

    While this feature is in preview, it should not be relied upon in production environments.

Fixed issues

  • We fixed the issue that blocked opening a new support request from the dropdown from within the admin portal. This option now works as intended.

  • Various fixes for performance, stability, security, and the operating system that is used by Azure Stack

Known issues

Portal

  • When you select Overview for a storage account in either the admin or user portals, the information from the Essentials pane does not display. The Essentials pane displays information about the account like its Resource group, Location, and Subscription ID. Other options for Overview are accessible, like Services and Monitoring, as well as options to Open in Explorer or to Delete storage account.

    To view the unavailable information, use the Get-azureRMstorageaccount PowerShell cmdlet.

  • When you select Tags for a storage account in either the admin or user portals, the information fails to load and does not display.

    To view the unavailable information, use the Get-AzureRmTag PowerShell cmdlet.

  • Do not use the new administrative subscription types of Metering subscription, and Consumption subscription. These new subscription types were introduced with version 1804 but are not yet ready for use. You should continue to use the Default Provider subscription type.

  • You might not have use of the horizontal scroll bar along the bottom of the admin and user portals. If you can’t access the horizontal scroll bar, use the breadcrumbs to navigate to a previous blade in the portal by selecting the name of the blade you want to view from the breadcrumb list found at the top left of the portal. Breadcrumb

  • Deleting user subscriptions results in orphaned resources. As a workaround, first delete user resources or the entire resource group, and then delete user subscriptions.

  • You cannot view permissions to your subscription using the Azure Stack portals. As a workaround, use PowerShell to verify permissions.

Health and monitoring

  • You might see alerts for the Health controller component that have the following details:

    Alert #1:

    • NAME: Infrastructure role unhealthy
    • SEVERITY: Warning
    • COMPONENT: Health controller
    • DESCRIPTION: The health controller Heartbeat Scanner is unavailable. This may affect health reports and metrics.

    Alert #2:

    • NAME: Infrastructure role unhealthy
    • SEVERITY: Warning
    • COMPONENT: Health controller
    • DESCRIPTION: The health controller Fault Scanner is unavailable. This may affect health reports and metrics.

    Both alerts #1 and #2 can be safely ignored and they'll close automatically over time.

    You might also see the following alert for Capacity. For this alert, the percentage of available memory identified in the description can vary:

    Alert #3:

    • NAME: Low memory capacity
    • SEVERITY: Critical
    • COMPONENT: Capacity
    • DESCRIPTION: The region has consumed more than 80.00% of available memory. Creating virtual machines with large amounts of memory may fail.

    In this version of Azure Stack, this alert can fire incorrectly. If tenant virtual machines continue to deploy successfully, you can safely ignore this alert.

    Alert #3 does not automatically close. If you close this alert Azure Stack will create the same alert within 15 minutes.

  • An Azure Stack operator, if you receive a low memory alert and tenant virtual machines fail to deploy with a Fabric VM creation error, it is possible that the Azure Stack stamp is out of available memory. Use the Azure Stack Capacity Planner to best understand the capacity available for your workloads.

Compute

  • When selecting a virtual machine size for a virtual machine deployment, some F-Series VM sizes are not visible as part of the size selector when you create a VM. The following VM sizes do not appear in the selector: F8s_v2, F16s_v2, F32s_v2, and F64s_v2.
    As a workaround, use one of the following methods to deploy a VM. In each method, you need to specify the VM size you want to use.

    • Azure Resource Manager template: When you use a template, set the vmSize in the template to equal the VM size you want to use. For example, the following entry is used to deploy a VM that uses the F32s_v2 size:

          "properties": {
          "hardwareProfile": {
                  "vmSize": "Standard_F32s_v2"
          },
      
    • Azure CLI: You can use the az vm create command and specify the VM size as a parameter, similar to --size "Standard_F32s_v2".

    • PowerShell: With PowerShell you can use New-AzureRMVMConfig with the parameter that specifies the VM size, similar to -VMSize "Standard_F32s_v2".

  • Scaling settings for virtual machine scale sets are not available in the portal. As a workaround, you can use Azure PowerShell. Because of PowerShell version differences, you must use the -Name parameter instead of -VMScaleSetName.

  • When you create virtual machines on the Azure Stack user portal, the portal displays an incorrect number of data disks that can attach a D series VM. All supported D series VMs can accommodate as many data disks as the Azure configuration.

  • When a VM image fails to be created, a failed item that you cannot delete might be added to the VM images compute blade.

    As a workaround, create a new VM image with a dummy VHD that can be created through Hyper-V (New-VHD -Path C:\dummy.vhd -Fixed -SizeBytes 1 GB). This process should fix the problem that prevents deleting the failed item. Then, 15 minutes after creating the dummy image, you can successfully delete it.

    You can then try to redownload the VM image that previously failed.

  • If provisioning an extension on a VM deployment takes too long, users should let the provisioning time-out instead of trying to stop the process to deallocate or delete the VM.

  • Linux VM diagnostics is not supported in Azure Stack. When you deploy a Linux VM with VM diagnostics enabled, the deployment fails. The deployment also fails if you enable the Linux VM basic metrics through diagnostic settings.

Networking

  • You cannot create user-defined routes in either the admin or user portal. As a workaround, use Azure PowerShell.

  • Under Networking, if you click Create VPN Gateway to set up a VPN connection, Policy Based is listed as a VPN type. Do not select this option. Only the Route Based option is supported in Azure Stack.

  • After a VM is created and associated with a public IP address, you can't disassociate that VM from that IP address. Disassociation appears to work, but the previously assigned public IP address remains associated with the original VM.

    Currently, you must use only new public IP addresses for new VMs you create.

    This behavior occurs even if you reassign the IP address to a new VM (commonly referred to as a VIP swap). All future attempts to connect through this IP address result in a connection to the original VM, and not to the new one.

  • If you raise a Quota limit for a Network resource that is part of an Offer and Plan that is associated with a tenant subscription, the new limit is not applied to that subscription. However, the new limit does apply to new subscriptions that are created after the quota is increased.

    To work around this problem, use an Add-On plan to increase a Network Quota when the plan is already associated with a subscription. For more information, see how to make an add-on plan available.

  • You cannot delete a subscription that has DNS Zone resources or Route Table resources associated with it. To successfully delete the subscription, you must first delete DNS Zone and Route Table resources from the tenant subscription.

  • Azure Stack supports a single local network gateway per IP address. This is true across all tenant subscriptions. After the creation of the first local network gateway connection, subsequent attempts to create a local network gateway resource with the same IP address are blocked.

  • On a Virtual Network that was created with a DNS Server setting of Automatic, changing to a custom DNS Server fails. The updated settings are not pushed to VMs in that Vnet.

  • Azure Stack does not support adding additional network interfaces to a VM instance after the VM is deployed. If the VM requires more than one network interface, they must be defined at deployment time.

SQL and MySQL

  • The database hosting servers must be dedicated for use by the resource provider and user workloads. You cannot use an instance that is being used by any other consumer, including App Services.

  • Special characters, including spaces and periods, are not supported in the Family name when you create a SKU for the SQL and MySQL resource providers.

App Service

  • Users must register the storage resource provider before they create their first Azure Function in the subscription.

  • In order to scale out infrastructure (workers, management, front-end roles), you must use PowerShell as described in the release notes for Compute.

  • App Service can only be deployed into the Default Provider subscription at this time. In a future update, App Service will deploy into the new Metering subscription that was introduced in Azure Stack 1804. When Metering is supported for use, all existing deployments will be migrated to this new subscription type.

Usage

  • Usage Public IP address usage meter data shows the same EventDateTime value for each record instead of the TimeDate stamp that shows when the record was created. Currently, you can’t use this data to perform accurate accounting of public IP address usage.

Build 20180513.1

New features

This build includes the following improvements and fixes for Azure Stack.

  • New administrative subscriptions. With 1804 there are two new subscription types available in the portal. These new subscription types are in addition to the Default Provider subscription and visible with new Azure Stack installations beginning with version 1804. Do not use these new subscription types with this version of Azure Stack. We will announce the availability to use these subscription types in with a future update.

    These new subscription types are visible, but part of a larger change to secure the Default Provider subscription, and to make it easier to deploy shared resources, like SQL Hosting servers.

    The three subscription types now available are:

    • Default Provider subscription: Continue to use this subscription type.
    • Metering subscription: Do not use this subscription type.
    • Consumption subscription: Do not use this subscription type

Fixed issues

  • In the admin portal, you no longer have to refresh the Update tile before it displays information.

  • You can now use the admin portal to edit storage metrics for Blob service, Table service, and Queue service.

  • Under Networking, when you click Connection to set up a VPN connection, Site-to-site (IPsec) is now the only available option.

  • Various fixes for performance, stability, security, and the operating system that is used by Azure Stack

Additional releases timed with this update

The following are now available, but don't require Azure Stack update 1804.

  • Update to the Microsoft Azure Stack System Center Operations Manager Monitoring Pack. A new version (1.0.3.0) of the Microsoft System Center Operations Manager Monitoring Pack for Azure Stack is available for download. With this version, you can use Service Principals when you add a connected Azure Stack deployment. This version also features an Update Management experience that allows you to take remediation action directly from within Operations Manager. There are also new dashboards that display resource providers, scale units, and scale unit nodes.

  • New Azure Stack Admin PowerShell Version 1.3.0. Azure Stack PowerShell 1.3.0 is now available for installation. This version provides commands for all Admin resource providers to manage Azure Stack. With this release, some content will be deprecated from the Azure Stack Tools GitHub repository.

    For installation details, follow the instructions or the help content for Azure Stack Module 1.3.0.

  • Initial release of Azure Stack API Rest Reference. The API reference for all Azure Stack Admin resource providers is now published.

Known issues

Portal

  • The ability to open a new support request from the dropdown from within the administrator portal isn’t available. Instead, use the following link:

  • You might not have use of the horizontal scroll bar along the bottom of the admin and user portals. If you can’t access the horizontal scroll bar, use the breadcrumbs to navigate to a previous blade in the portal by selecting the name of the blade you want to view from the breadcrumb list found at the top left of the portal. Breadcrumb

  • Deleting user subscriptions results in orphaned resources. As a workaround, first delete user resources or the entire resource group, and then delete user subscriptions.

  • You cannot view permissions to your subscription using the Azure Stack portals. As a workaround, use PowerShell to verify permissions.

  • In the admin portal, you might see a critical alert for the Microsoft.Update.Admin component. The Alert name, description, and remediation all display as:

    • ERROR - Template for FaultType ResourceProviderTimeout is missing.

    This alert can be safely ignored.

Health and monitoring

  • You might see alerts for the Health controller component that have the following details:

    Alert #1:

    • NAME: Infrastructure role unhealthy
    • SEVERITY: Warning
    • COMPONENT: Health controller
    • DESCRIPTION: The health controller Heartbeat Scanner is unavailable. This may affect health reports and metrics.

    Alert #2:

    • NAME: Infrastructure role unhealthy
    • SEVERITY: Warning
    • COMPONENT: Health controller
    • DESCRIPTION: The health controller Fault Scanner is unavailable. This may affect health reports and metrics.

    Both alerts can be safely ignored. They will close automatically over time.

Marketplace

  • Users can browse the full marketplace without a subscription, and can see administrative items like plans and offers. These items are non-functional to users.

Compute

  • Scaling settings for virtual machine scale sets are not available in the portal. As a workaround, you can use Azure PowerShell. Because of PowerShell version differences, you must use the -Name parameter instead of -VMScaleSetName.

  • When you create virtual machines on the Azure Stack user portal, the portal displays an incorrect number of data disks that can attach to a DS series VM. DS series VMs can accommodate as many data disks as the Azure configuration.

  • When a VM image fails to be created, a failed item that you cannot delete might be added to the VM images compute blade.

    As a workaround, create a new VM image with a dummy VHD that can be created through Hyper-V (New-VHD -Path C:\dummy.vhd -Fixed -SizeBytes 1 GB). This process should fix the problem that prevents deleting the failed item. Then, 15 minutes after creating the dummy image, you can successfully delete it.

    You can then try to redownload the VM image that previously failed.

  • If provisioning an extension on a VM deployment takes too long, users should let the provisioning time-out instead of trying to stop the process to deallocate or delete the VM.

  • Linux VM diagnostics is not supported in Azure Stack. When you deploy a Linux VM with VM diagnostics enabled, the deployment fails. The deployment also fails if you enable the Linux VM basic metrics through diagnostic settings.

Networking

  • Under Networking, if you click Create VPN Gateway to set up a VPN connection, Policy Based is listed as a VPN type. Do not select this option. Only the Route Based option is supported in Azure Stack.

  • After a VM is created and associated with a public IP address, you can't disassociate that VM from that IP address. Disassociation appears to work, but the previously assigned public IP address remains associated with the original VM.

    Currently, you must use only new public IP addresses for new VMs you create.

    This behavior occurs even if you reassign the IP address to a new VM (commonly referred to as a VIP swap). All future attempts to connect through this IP address result in a connection to the original VM, and not to the new one.

  • If you raise a Quota limit for a Network resource that is part of an Offer and Plan that is associated with a tenant subscription, the new limit is not applied to that subscription. However, the new limit does apply to new subscriptions that are created after the quota is increased.

    To work around this problem, use an Add-On plan to increase a Network Quota when the plan is already associated with a subscription. For more information, see how to make an add-on plan available.

  • You cannot delete a subscription that has DNS Zone resources or Route Table resources associated with it. To successfully delete the subscription, you must first delete DNS Zone and Route Table resources from the tenant subscription.

  • Azure Stack supports a single local network gateway per IP address. This is true across all tenant subscriptions. After the creation of the first local network gateway connection, subsequent attempts to create a local network gateway resource with the same IP address are blocked.

  • On a Virtual Network that was created with a DNS Server setting of Automatic, changing to a custom DNS Server fails. The updated settings are not pushed to VMs in that Vnet.

  • Azure Stack does not support adding additional network interfaces to a VM instance after the VM is deployed. If the VM requires more than one network interface, they must be defined at deployment time.

SQL and MySQL

  • The database hosting servers must be dedicated for use by the resource provider and user workloads. You cannot use an instance that is being used by any other consumer, including App Services.

  • Special characters, including spaces and periods, are not supported in the Family name when you create a SKU for the SQL and MySQL resource providers.

App Service

  • Users must register the storage resource provider before they create their first Azure Function in the subscription.

  • In order to scale out infrastructure (workers, management, front-end roles), you must use PowerShell as described in the release notes for Compute.

Usage

  • Usage Public IP address usage meter data shows the same EventDateTime value for each record instead of the TimeDate stamp that shows when the record was created. Currently, you can’t use this data to perform accurate accounting of public IP address usage.

Downloading Azure Stack Tools from GitHub

  • When using the invoke-webrequest PowerShell cmdlet to download the Azure Stack tools from Github, you receive an error:

    • invoke-webrequest : The request was aborted: Could not create SSL/TLS secure channel.

    This error occurs because of a recent GitHub support deprecation of the Tlsv1 and Tlsv1.1 cryptographic standards (the default for PowerShell). For more information, see Weak cryptographic standards removal notice.

Build 20180302.1

New features and fixes

The new features and fixes released for Azure Stack integrated systems version 1803 apply to the Azure Stack Development Kit. See the new features and fixed issues sections of the Azure Stack 1803 update release notes for details.

Important

Some of the items listed in the new features and fixed issues sections are relevant only to Azure Stack integrated systems.

Changes

  • The way to change the state of a newly created offer from private to public or decommissioned has changed. For more information, see Create an offer.

Known issues

Portal

  • The ability to open a new support request from the dropdown from within the administrator portal isn’t available. Instead, use the following link:

  • In the admin portal, it is not possible to edit storage metrics for Blob service, Table service, or Queue service. When you go to Storage, and then select the blob, table, or queue service tile, a new blade opens that displays a metrics chart for that service. If you then select Edit from the top of the metrics chart tile, the Edit Chart blade opens but does not display options to edit metrics.

  • You see an Activation Required warning alert that advises you to register your Azure Stack Development Kit. This behavior is expected.

  • Deleting user subscriptions results in orphaned resources. As a workaround, first delete user resources or the entire resource group, and then delete user subscriptions.

  • You cannot view permissions to your subscription using the Azure Stack portals. As a workaround, use PowerShell to verify permissions.

  • In the dashboard of the admin portal, the Update tile fails to display information about updates. To resolve this issue, click on the tile to refresh it.

  • In the admin portal, you might see a critical alert for the Microsoft.Update.Admin component. The Alert name, description, and remediation all display as:

    • ERROR - Template for FaultType ResourceProviderTimeout is missing.

    This alert can be safely ignored.

  • In both the admin portal and user portal, the Overview blade fails to load when you select the Overview blade for storage accounts that were created with an older API version (example: 2015-06-15).

    As a workaround, use PowerShell to run the Start-ResourceSynchronization.ps1 script to restore access to the storage account details. The script is available from GitHub, and must run with service administrator credentials on the development kit host if you use the ASDK.

  • The Service Health blade fails to load. When you open the Service Health blade in either the admin or user portal, Azure Stack displays an error and does not load information. This is expected behavior. Although you can select and open Service Health, this feature is not yet available but will be implemented in a future version of Azure Stack.

Health and monitoring

  • You might see alerts for the Health controller component that have the following details:

    Alert #1:

    • NAME: Infrastructure role unhealthy
    • SEVERITY: Warning
    • COMPONENT: Health controller
    • DESCRIPTION: The health controller Heartbeat Scanner is unavailable. This may affect health reports and metrics.

    Alert #2:

    • NAME: Infrastructure role unhealthy
    • SEVERITY: Warning
    • COMPONENT: Health controller
    • DESCRIPTION: The health controller Fault Scanner is unavailable. This may affect health reports and metrics.

    Both alerts can be safely ignored. They will close automatically over time.

  • In the Azure Stack admin portal, you might see a critical alert with the name Pending external certificate expiration. This alert can be safely ignored and does affect operations of the Azure Stack Development Kit.

Marketplace

  • Users can browse the full marketplace without a subscription, and can see administrative items like plans and offers. These items are non-functional to users.

Compute

  • Scaling settings for virtual machine scale sets are not available in the portal. As a workaround, you can use Azure PowerShell. Because of PowerShell version differences, you must use the -Name parameter instead of -VMScaleSetName.

  • When you create virtual machines on the Azure Stack user portal, the portal displays an incorrect number of data disks that can attach to a DS series VM. DS series VMs can accommodate as many data disks as the Azure configuration.

  • When a VM image fails to be created, a failed item that you cannot delete might be added to the VM images compute blade.

    As a workaround, create a new VM image with a dummy VHD that can be created through Hyper-V (New-VHD -Path C:\dummy.vhd -Fixed -SizeBytes 1 GB). This process should fix the problem that prevents deleting the failed item. Then, 15 minutes after creating the dummy image, you can successfully delete it.

    You can then try to redownload the VM image that previously failed.

  • If provisioning an extension on a VM deployment takes too long, users should let the provisioning time-out instead of trying to stop the process to deallocate or delete the VM.

  • Linux VM diagnostics is not supported in Azure Stack. When you deploy a Linux VM with VM diagnostics enabled, the deployment fails. The deployment also fails if you enable the Linux VM basic metrics through diagnostic settings.

Networking

  • Under Networking, if you click Connection to set up a VPN connection, VNet-to-VNet is listed as a possible connection type. Do not select this option. Currently, only the Site-to-site (IPsec) option is supported.

  • After a VM is created and associated with a public IP address, you can't disassociate that VM from that IP address. Disassociation appears to work, but the previously assigned public IP address remains associated with the original VM.

    Currently, you must use only new public IP addresses for new VMs you create.

    This behavior occurs even if you reassign the IP address to a new VM (commonly referred to as a VIP swap). All future attempts to connect through this IP address result in a connection to the original VM, and not to the new one.

  • Azure Stack supports a single local network gateway per IP address. This is true across all tenant subscriptions. After the creation of the first local network gateway connection, subsequent attempts to create a local network gateway resource with the same IP address are blocked.

  • On a Virtual Network that was created with a DNS Server setting of Automatic, changing to a custom DNS Server fails. The updated settings are not pushed to VMs in that Vnet.

  • Azure Stack does not support adding additional network interfaces to a VM instance after the VM is deployed. If the VM requires more than one network interface, they must be defined at deployment time.

SQL and MySQL

  • It can take up to one hour before users can create databases in a new SQL or MySQL SKU.

  • The database hosting servers must be dedicated for use by the resource provider and user workloads. You cannot use an instance that is being used by any other consumer, including App Services.

  • Special characters, including spaces and periods, are not supported in the Family or Tier names when you create a SKU for the SQL and MySQL resource providers.

App Service

  • Users must register the storage resource provider before they create their first Azure Function in the subscription.

  • In order to scale out infrastructure (workers, management, front-end roles), you must use PowerShell as described in the release notes for Compute.

Usage

  • Usage Public IP address usage meter data shows the same EventDateTime value for each record instead of the TimeDate stamp that shows when the record was created. Currently, you can’t use this data to perform accurate accounting of public IP address usage.

Downloading Azure Stack Tools from GitHub

  • When using the invoke-webrequest PowerShell cmdlet to download the Azure Stack tools from Github, you receive an error:

    • invoke-webrequest : The request was aborted: Could not create SSL/TLS secure channel.

    This error occurs because of a recent GitHub support deprecation of the Tlsv1 and Tlsv1.1 cryptographic standards (the default for PowerShell). For more information, see Weak cryptographic standards removal notice.

    To resolve this issue, add [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 to the top of the script to force the PowerShell console to use TLSv1.2 when downloading from GitHub repositories.