A few weeks ago, Dell Technologies announced a new release of Dell APEX Cloud Platform for Microsoft Azure that introduced a multitude of new features as well as support for Microsoft Azure Stack HCI version 23H2. Today, we are announcing the availability of a new architectural option for Dell APEX Cloud Platform for Microsoft Azure customers – extending the Azure Stack HCI storage fabric to Dell PowerFlex software-defined storage

Dell APEX Cloud Platform for Microsoft Azure has an architecture designed around common building blocks for compute, software-defined storage, and automated management and operations.

Figure 1. Dell APEX Cloud Platforms common infrastructure

The new capability offers customers the unique advantage of having the flexibility to utilize Microsoft Storage Spaces Direct (S2D) alongside Dell PowerFlex, Dell Technologies’ enterprise-class software-defined storage option. APEX Cloud Platform for Azure is the only offer in the Microsoft Premier Solutions for Azure Stack HCI category that supports linear scaling of storage independently from Azure Stack HCI resources. APEX Cloud Platform for Azure with PowerFlex utilizes PowerFlex storage nodes for block storage. Any of the Dell PowerFlex product variants—rack, appliance, or custom node—can be utilized to satisfy the solution. PowerFlex provides a multitude of essential features:

• Ability to host a wide range of business workloads, including:
  • Mission-critical databases and applications that require high transactional performance and low latency
  • Applications that require consistent I/O performance, such as those used for streaming, ingestion, and reporting transactions within AI and data analytics environments
• Highly-available platform at six 9s (99.9999%), which translates to just 31.5 seconds of platform downtime a year. On top of that resiliency, the platform incorporates exceptionally fast rebuild and rebalance operations.
• Modular scale-out architecture, built to support exponential data growth

This new storage option, designed to co-exist with—not replace—Microsoft S2D, has been tested in a proof of concept by both Dell Technologies and Microsoft engineering teams, ensuring that the solution supports the uses cases and features described previously.

“As we continue to innovate and empower our customers with cutting-edge solutions, the partnership with Dell and Microsoft is paramount. With the Dell APEX Cloud Platform for Microsoft Azure, customers gain great flexibility and simplicity by leveraging Microsoft Storage Spaces Direct alongside Dell’s enterprise-class software defined block storage. By integrating Microsoft Azure Stack HCI with Dell software-defined block storage, this solution gives businesses the autonomy to deploy workloads across on-premises and in the Azure cloud.” – Meena Gowdar, Group Principal PM Manager, Azure Edge and Platform, at Microsoft.

The architecture of the tested solution is illustrated in the following figure:

Figure 2. Dell APEX Cloud Platform for Microsoft Azure with Dell PowerFlex high-level architecture

As you can see in Figure 2, the components of a Microsoft S2D-only option overlap completely with the option integrating Dell PowerFlex custom nodes.

This architecture has been designed with the following principles in mind:

• High availability – designed to avoid single points of failure in the compute, storage, and networking domains
• Scalability – enabling you to size the infrastructure accordingly to meet initial deployment demands while also allowing infrastructure assets to grow as demand scales up
• Manageability – leveraging a set of familiar tools to manage the environment
• Simplicity – providing a seamless experience for presenting this new external storage to Azure Stack HCI for IT administrators already familiar with S2D

Tested configuration

The Dell Technologies engineering team performed the testing and validation of the PowerFlex storage configuration using the following building blocks:

• Eight MC-760 HCI nodes
• Eight Dell PowerFlex R760 custom nodes

This was deployed and connected as shown in the following figure:

Figure 3. Dell SDS validated configuration

Note: A fully-supported Dell Validated Design will be available at a later date, providing a more complete set of guidance for configuration, deployment, and design.

To learn more, read the detailed architectural white paper, Enabling Mission Critical Workloads on APEX Cloud Platform for Azure with Dell PowerFlex.

For more information on Dell APEX Cloud Platform for Microsoft Azure, please check the Resources section.

Resources

• Enabling Mission Critical Workloads on APEX Cloud Platform for Azure with Dell PowerFlex
• YouTube Playlists about Dell APEX Cloud Platform for Microsoft Azure:
  • https://www.youtube.com/playlist?list=PL2nlzNk2-VMEkNM7E8m0ia_lLHWlOuT5h
  • https://www.youtube.com/playlist?list=PL2nlzNk2-VMEGiaf2rK4AZ9kOHumGXm0v
• White papers, blogs, videos, and interactive demos about APEX Cloud Platforms
• Dell APEX Cloud Platform for Microsoft Azure main product page
• Dell APEX Cloud Platform for Microsoft Azure Support site with official user manuals and guides

Author: William Leslie, Director, Cloud Platform Technical Marketing

X: @williamleslie8

Some background

In September 2023, we officially released Dell APEX Cloud Platform for Microsoft Azure, the first offer in the market for Premier Solutions for Microsoft Azure Stack HCI.

Collaboratively built with Microsoft, this new platform extends and optimizes Azure Hybrid Cloud to on-premises, delivering three fundamental benefits:

• Simplifying deployment and operations
• Accelerating application modernization
• Optimizing workload placement

Figure 1. Dell APEX Cloud Platform for Microsoft Azure Architecture

The innovation at Dell Technologies never stops. We are constantly developing and improving our products, and we have just launched our first update to the platform. Briefly, this release introduces and enhances:

• New Features:
  • Azure Stack HCI, version 23H2
  • Single-node expansion to a 2-node cluster
  • Convert 2-node switchless storage network cluster to 2-node switched storage
• ACP foundation software improvements:
  • Day 0/1 Operations (Automated cluster deployment up to 16 nodes, JSON file upload, Day 1 RESTful APIs)
  • Day 2 Operations (GUI for drive add/replace, GUI for node repair/replace)
• Integrations:
  • Serviceability (Add ESE/RSC logs to support log bundle collection)
  • Azure Update Manager
  • Event Monitoring for Dell APEX Cloud Platform for Microsoft Azure

Check out those updates in greater detail in these blogs: What's New with the Dell APEX Cloud Platform for Microsoft Azure March 2024 Release and Dell Technologies First to Deliver Azure Stack HCI 23H2.

In this blog, we want to put the spotlight on one particularly significant, useful, and easy to consume new capability – Event Monitoring for Dell APEX Cloud Platform for Microsoft Azure.

Event Monitoring for Dell APEX Cloud Platform for Microsoft Azure

Dell APEX Cloud Platform for Microsoft Azure seamlessly integrates with Microsoft’s Azure Portal, providing the ability to monitor events generated on both Dell APEX Cloud Platform for Microsoft Azure hardware and the Cloud Platform Manager VM.

This new Insights for Azure Stack HCI monitor feature allows our customers to directly visualize in Azure Portal informational event data generated by the multicloud (MC) node hardware and the Cloud Platform Manager VM using an Insights integrated workbook.

With this workbook, we are empowering users to effectively manage and optimize their clusters and, in turn, receive the benefit of accelerated issue detection and time to resolution. I know, we’re excited too.

Enabling Event Monitoring for Dell APEX Cloud Platform for Microsoft Azure: Is it difficult?

Not really. Simply follow these steps:

• First, ensure you meet these mandatory prerequisites in your cluster:
  1. Azure Stack HCI, version 23H2 (registered and connected to Azure)
  2. Arc-enabled (Azure Monitor extension installed)
  3. Insights enabled
• Once you have completed the prerequisites, navigate to the Insights page of your cluster in Azure portal and:

Figure 2. Enabling Event Monitoring in Azure portal

1. Select the Event Monitoring for Dell APEX Cloud Platform for Microsoft Azure workbook
2. Click Enable selected
3. Click Enable to enable the workbook

Boom. Done. That was easy, and now the workbook is enabled…what is next?

What does Event Monitoring for Dell APEX Cloud Platform for Microsoft Azure look like?

Once the page refreshes, you’ll be taken to the first of the two tabs of the workbook – the Overview tab – which provides a brief description of what this workbook is and the information it can provide to its users.

Figure 3. Event Monitoring for Dell APEX Cloud Platform Overview tab

The second tab in the workbook – the Health tab – presents a summary of the alerts or events that have occurred on the cluster, broken down into Warning, Critical, and Informational alerts.

The Health tab also provides a Nodes table with a high-level overview of each node for the selected time range, including which cluster it belongs to, the node name, health status, node state, uptime, and domain.

Figure 4. Event Monitoring for APEX Cloud Platform for Microsoft Azure Health tab

A second table – the Alerts table – shows each alert in greater detail, including its corresponding node, component and subcomponent, severity level, event code, product service tag number, reported time, a short description, and even a knowledgebase article for issue diagnosis and troubleshooting guidance.

Note that you can leverage the Search bar to filter the information based on a given search term and the Time Range drop-down menu to show the events that occurred on all the MC nodes for the cluster within a specific time range.

Conclusion

Our workbook, Event Monitoring for Dell APEX Cloud Platform for Microsoft Azure, makes real the ability to monitor events generated on both Dell APEX Cloud Platform for Microsoft Azure hardware and the Cloud Platform Manager within the Azure Portal.

This powerful integration provides a great deal of value, significantly reducing the issue detection time and time to resolution.

Thanks for reading, and stay tuned for more updates in Info Hub!

Resources

We have tons of great content to help you deep-dive into Dell APEX Cloud Platform for Microsoft Azure powered by Dell APEX Cloud Platform Foundation Software:

• What's New with the Dell APEX Cloud Platform for Microsoft Azure March 2024 Release 
• Dell Technologies First to Deliver Azure Stack HCI 23H2
• YouTube playlist with educational and demo videos 
• NEW YouTube playlist for March 2024 release
• Info Hub white papers, videos, and interactive demos 
• APEX Cloud Platform for Azure main product page 
• Microsoft’s official announcement of 23H2 general availability 
• General availability of Azure Virtual Desktop
• Azure Stack HCI Security Book
• Check out What’s new for Azure edge infrastructure in 2023 for an eye opening case study of a fictional grocery store chain that uses Microsoft Azure to deploy and manage infrastructure at the edge using Azure Arc, Azure Kubernetes Service, and Azure Stack HCI. This is a highly enlightening, end-to-end view of how all the technologies within the Azure hybrid cloud ecosystem can harmoniously work together to solve a real-world business problem in the retail vertical. 

And as always, please reach out to your Dell Technologies account team if you would like to have more in-depth discussions about the Dell APEX Cloud Platforms family. If you don’t currently have a Dell Technologies contact, we’re here to help on our corporate website.

Author: Ignacio Borrero, Senior Principal Engineer, Technical Marketing Dell CI & HCI

@virtualpeli

Appendix

There is nothing quite like being first – first to watch the newly released docuseries on your favorite streaming platform, first to try the highly anticipated new restaurant, first to see the popular band that’s in town, and so on. These types of events tend to get everybody snapping selfies and posting memes on their social media accounts. As a bona fide nerd, I get that same feeling of exhilaration when cool new tech hits the market – especially when it’s from the Dell Technologies and Microsoft team. I love getting the word out about groundbreaking features that produce meaningful business outcomes for our customers.

In September 2023, we officially released our Dell APEX Cloud Platform for Microsoft Azure, the first offer in the market for Premier Solutions for Microsoft Azure Stack HCI. As the first partner to qualify a solution for this elite category, Dell Technologies is ready for greenfield deployments with Azure Stack HCI version 23H2 staged on our factory-delivered MC nodes beginning today. Dell Services is here to provide you with a white glove initial implementation experience.

In this blog, I want to share my enthusiasm about this 23H2 release and help the community understand why it’s such a big deal.

What’s all the fuss about 23H2?

Microsoft just announced the general availability of Azure Stack HCI version 23H2 last month. Pundits agree that this may be their most ambitious Azure Stack HCI release effort to date. They have dramatically simplified fleet management at-scale of infrastructure distributed across edge locations using Azure Resource Manager (ARM) and key Azure management services. On-premises resources like virtualized desktops, server VMs, and Azure Kubernetes Service (AKS) workload clusters are automatically Azure Arc-enabled. This means that these resources can benefit from Azure’s advanced configuration, monitoring, and security services immediately after the deployment of 23H2.

Topping the list of new features is cloud-based deployment. You can use the Azure portal to deploy Azure Stack HCI from the cloud, including cluster, storage, and networking configuration. You can also leverage ARM templates with custom parameter values for each unique cluster to drive reuse and repeatability. Dell Technologies plans on going beyond the cluster creation aspects of the deployment as we integrate with this new capability in our next release of the APEX Cloud Platform for Azure.

As depicted in the following early preview screenshots, we will continue to use our APEX Cloud Platform Foundation Software to provide a fully automated, end-to-end Day 1 deployment and cluster creation experience. This includes bare-metal OS provisioning and onboarding to Azure Arc prior to cluster creation in the Azure portal. We will also be able to seamlessly re-deploy existing clusters using our automation workflow if the need arises.

Figure 1. Early preview of Day 1 deployment and cluster creation workflow

Figure 2. Azure Stack HCI registration step in the early preview

The outcome is the same whether you leverage Dell Technologies’ existing deployment experience or wait for our new cloud-based experience coming in the next release. Both accelerate your time to value – taking you from factory-delivered MC nodes to fully deployed Azure hybrid cloud – using powerful API-driven software capabilities. Dell ProDeploy Services offers a white glove deployment experience that uses our APEX Cloud Platform Foundation Software Day 1 API to rapidly bring up any number of clusters in a predictable and repeatable manner.  

During initial deployment of 23H2, Azure Arc Resource Bridge and AKS enabled by Azure Arc are automatically installed on your Azure Stack HCI cluster. This is an especially compelling enhancement, as installing Arc Resource Bridge and AKS on previous Azure Stack HCI versions has been notoriously challenging. Immediately after initial deployment, you can provision Arc-enabled VMs and Arc-enabled Kubernetes workload clusters across any number of on-premises Azure Stack HCI clusters centrally from ARM. You can use a guided, wizard-driven workflow in the Azure portal or ARM templates for Infrastructure as Code (IaC) automation.

Figure 3. Arc Resource Bridge running on three Azure Stack HCI clusters

Figure 4. Azure Arc VM provisioning

Azure Stack HCI version 23H2 also provides management of updates across all your Azure Stack HCI clusters using Azure Update Manager, as shown in the following figure. These updates are applied with the cluster-aware updating feature to prevent any disruption to running workloads. In the context of APEX Cloud Platform for Azure, you will be able to apply monthly quality and security updates using Azure Update Manager. However, baseline updates that include Dell’s BIOS, firmware, and driver packages will still require the full stack lifecycle management automation workflow in the APEX Cloud Platform extension in Windows Admin Center.

Figure 5. APEX Cloud Platform in Azure Update Manager

Azure Virtual Desktop (AVD) may be the most anxiously anticipated Azure service to come to on-premises Azure Stack HCI clusters to date. AVD is now generally available on 23H2 and offers host pool provisioning directly from the Azure portal. After a 23H2 deployment, you can begin creating Windows 10 and Windows 11 single- and multi-session host VMs across all your Azure Stack HCI clusters. These client VMs can also leverage updated Azure Marketplace images with Microsoft 365 applications preinstalled and GPU acceleration for your most demanding client applications.     

There is also a bevy of new capabilities and improvements that addresses the core stack – hypervisor, storage, and VMs:

• ReFS deduplication and compression is designed for active workloads like AVD running on Azure Stack HCI and can result in significant storage capacity savings.
• Trusted launch comes to Azure Arc-enabled VMs to help prevent firmware and boot loader attacks.
• Significant investments have been made to improve the Azure Stack HCI security posture in 23H2. This new version has a tailored security baseline with over 300 security settings configured that remain compliant using a drift control mechanism. Check out the newly published Azure Stack HCI Security Book, which provides a complete readout of all the robust security features that come out-of-the-box with 23H2.
• Microsoft Defender for Cloud for Azure Stack HCI (preview) provides coverage for Azure Stack HCI infrastructure as part of the Cloud Security Posture Management plan.
• Azure Migrate to Azure Stack HCI (preview) - Use Azure Migrate to move VMs from an existing Hyper-V environment to Azure Stack HCI version 23H2. This feature uses Azure Migrate as the control plane, but the data transfer stays entirely on-premises. Support for VMware vCenter source environments is coming soon.

Dell Technologies is first out of the gate

Premier Solutions for Microsoft Azure Stack HCI is reserved for top partners with the deepest levels of integration and engineering collaboration with Microsoft. Dell Technologies completed our testing and validation of 23H2 ahead of general availability on the Dell APEX Cloud Platform for Microsoft Azure. We are pleased to get the powerful capabilities of 23H2 into your hands immediately, so you can spend less time on operations and more time on the innovation that helps your organization secure a competitive advantage in the market. Dell ProDeploy Services is ready to provide a white glove 23H2 deployment experience on all new MC nodes delivered from the factory.     

Figure 6. 23H2 release timeline

With all the new cloud-based capabilities Microsoft has introduced for Day 1 – N operations with 23H2, we want to be clear about how IT administrators will perform various tasks specifically with Dell APEX Cloud Platform for Microsoft Azure. Some administrative scenarios can be accomplished at-scale with Azure Resource Manager, and others will require the granular, cluster-by-cluster level access provided by the Dell APEX Cloud Platform Foundation Software. This software integrates automation workflows into Windows Admin Center via a Dell extension.

Figure 7. APEX Cloud Platform’s consistent management experience 

The following table provides a detailed comparison of management capabilities.

Table 1. Comparison of fleet and cluster-level management capabilities

Full stack lifecycle management

In the future, you will be able to leverage our full stack lifecycle management (LCM) experience in the Dell APEX Cloud Platform Foundation Software for in-place OS upgrades. Our software periodically queries Dell Technologies and Microsoft update sites, checking for new bundles. You never have to leave the Updates tab of the APEX Cloud Platform extension in Windows Admin Center, as shown in the following figure, to review or apply updates. The software identifies any patch dependencies that may exist before revealing these bundles in the Updates tab. Guardrails are established to ensure you apply all updates in the proper order. Dell Technologies and Microsoft collaboratively test and validate this process for every release using APEX Cloud Platform hardware in our respective engineering labs.

Figure 8. Update bundles in the APEX Cloud Platform extension in Windows Admin Center

The following table summarizes the contents of each update bundle type.

Table 2. Contents of update bundles

For a more in-depth discussion about this full stack lifecycle management feature, please review this recent blog post, The Evolution of Azure Stack HCI Lifecycle Management. 

23H2 is only the beginning

Support of Azure Stack HCI version 23H2 is only one of the many enhancements we’ve introduced in our latest release of Dell APEX Cloud Platform for Microsoft Azure. We’ve also added new automation workflows to our extension in Windows Admin Center, which include many pre-checks and validations to ensure consistently successful operations with no disruption to running workloads:

• Add and Replace Disks feature: We’ve provided an automated workflow to increase Storage Spaces Direct capacity and performance or restore capacity and performance to a desired state.
• Node Repair and Replace feature: We’ve also made it easy to restore a cluster to full health after a node has experienced a failure that requires the server to be reimaged.

Dell Technologies is also developing integrations into Azure management and governance services. This latest platform release introduces the first of these integrations. You can now visualize fault and informational event data generated by the MC node hardware and the Cloud Platform Manager VM using an Azure Monitor Insights for Azure Stack HCI workbook. Simply enable the Event Monitoring for Dell APEX Cloud Platform for Microsoft Azure feature for Insights to get started.

Resources

We have tons of great content to help you deep-dive into Dell APEX Cloud Platform for Microsoft Azure powered by Dell APEX Cloud Platform Foundation Software:

• What's New with the Dell APEX Cloud Platform for Microsoft Azure March 2024 Release 
• Monitoring the Dell APEX Cloud Platform for Microsoft Azure with Azure Insights
• YouTube playlist with educational and demo videos
• NEW YouTube playlist for March 2024 release
• Info Hub white papers, videos, and interactive demos 
• APEX Cloud Platform for Azure main product page 
• Microsoft’s official announcement of 23H2 general availability
• General availability of Azure Virtual Desktop
• Azure Stack HCI Security Book
• Check out What’s new for Azure edge infrastructure in 2023 for an eye-opening case study of a fictional grocery store chain that uses Microsoft Azure to deploy and manage infrastructure at the edge using Azure Arc, Azure Kubernetes Service, and Azure Stack HCI. This is a highly enlightening, end-to-end view of how all the technologies within the Azure hybrid cloud ecosystem can harmoniously work together to solve a real-world business problem in the retail vertical.

And as always, please reach out to your Dell Technologies account team if you would like to have more in-depth discussions about the Dell APEX Cloud Platforms family. If you don’t currently have a Dell Technologies contact, we’re here to help on our corporate website.

Author: Michael Lamia, Engineering Technologist at Dell Technologies

Follow me on X: @Evolving_Techie 

LinkedIn: https://www.linkedin.com/in/michaellamia/

Dell APEX Cloud Platform for Microsoft Azure is about to reach its first six months of existence, and we’re celebrating by incorporating a plethora of enhancements across the entire platform.

First and foremost, Dell has become the first Microsoft partner to enable 23H2 for new deployments. We can ship new platforms based on Dell multicloud (MC) nodes that include a factory staging of Azure Stack HCI 23H2. Dell Services will assist customers on the initial deployment experience,

Azure Stack HCI 23H2 (2311.2 release) comes full of rich features, including:

• Simplification in infrastructure deployment as key Azure Kubernetes Service (AKS) components are created as part of the Azure Stack HCI deployment
• Enhancement in Azure Arc-enabled on-premises resources like virtualized desktops, server VMs, and Azure Kubernetes Service (AKS) hybrid workload clusters, as they are now automatically Azure-Arc enabled
• Azure Stack HCI cloud-based deployment
• Management of updates across all Azure Stack HCI clusters using Azure Update Manager
• New capabilities and improvements to the core Azure Stack HCI stack – hypervisor, storage, security, and virtual machines

Check out these features in greater depth in this blog, Dell Technologies First to Deliver Azure Stack HCI 23H2.

But there is much more to this March release than 23H2, ranging from new cluster node expansion options to improvements in Dell APEX Cloud Platform foundation software for Day 0, Day 1, and Day 2 operations to serviceability and platform monitoring enhancements.

Cluster expansion

Today, all cluster expansion operations are led by Dell Support and Services. Starting with this APEX Cloud Platform for Microsoft Azure March release, there are two new operations supported:

• Upgrading a single node deployment to a 2-node cluster

Through a Dell Services-led engagement, it is possible to expand a single node deployment to a 2-node switched or switchless cluster. 

Figure 1. Single node to 2-node cluster Azure Stack HCI expansion

• Converting a 2-node switchless storage network cluster to a 2-node switched storage network cluster

Dell Services converts from a switchless storage network topology to a switched one. From there – 2-node switched – we can grow our Azure Stack HCI deployment up to 16 nodes.

Figure 2. 2-node switchless to 2-node switched cluster conversion

Dell APEX Cloud Platform Foundation software improvements

Numerous improvements in the platform will affect distinct solutions’ areas. As of today, platform deployment operations are done through a white glove experience led by Dell Services teams, but we are investing in a more API-driven approach moving forward:

• Day 0 – Day 1 Operations
  • To make initial deployment even simpler, we can now use a JSON file that stores the configuration options for our environment, avoiding the need to go step-by-step through the deployment wizard.
  • A RESTful API has been made available to automate provisioning operations.
  • The automated initial deployment was limited to 6 nodes. From this APEX Cloud Platform Foundation Software v1.01 and forward, this process can include up to 16 nodes.
  • iDRAC Service Module (iSM) is installed as part of the initial deployment after the first cluster node boots. Its lifecycle management is handled by Dell APEX Cloud Platform Foundation software.
• Day 2 Operations
  • Wizard driven process for node repair/replace
    • This is a Dell services-led procedure, that – depending on the issue – may require re-imaging the node or preparing a new server.
    • In a nutshell, when the issue requires the Operating System to be reinstalled, we need to go through the node repair operation.

Figure 3. GUI driven process for node repair/replace

• Wizard driven process to add/replace disks in a node
  • These operations can be customer-led.
  • Validation checks are run to ensure optimal operation completion.
  • Verification checks are run post disk insertion. When these finalize successfully, the process can be considered completed.

Figure 4. Add disk to a Dell APEX Cloud Platform for Microsoft Azure node shows successful completion

• There is a similar wizard when the case is disk replacement instead of disk addition. The output of the replacement process will look like the following:

Figure 5. Replace disk/s to a Dell APEX Cloud Platform for Microsoft Azure node shows successful completion

• Serviceability improvements
  • Embedded Service Enabler (ESE) and Remote Secure Credential (RSC) logs have been added to the log bundle collection mechanism. These logs can be very useful when remote access to the cluster is denied and we want to diagnose the connection issue.

Figure 6. Checking the content of a Dell APEX Cloud Platform for Microsoft Azure to verify both ESE and RSC logs are included in the bundle

• Microsoft Azure portal integrations
  • Event Monitoring for Dell APEX Cloud Platform for Microsoft Azure will deliver a customized Azure workbook which will allow you to monitor faults and events that happen on the Dell APEX Cloud Platform for Microsoft Azure hardware and the Cloud Platform Manager via the Microsoft’s Azure Portal itself.

Figure 7. Dell's customized Azure workbook, integrated with Insights in Azure Portal, to monitor real time faults and events generated within Dell APEX Cloud Platform for Microsoft Azure

Check the Resources section in this blog for useful links to more information on Dell APEX Cloud Platform for Microsoft Azure and specifics to this new release.

We will continue working on enhancing the platform features, so stay tuned for more new and exciting capabilities soon.

Resources

• Blog: Dell Technologies First to Deliver Azure Stack HCI 23H2
• Blog: Monitoring the Dell APEX Cloud Platform for Microsoft Azure with Azure Insights
• Info Hub blogs with further details about the new enhancements in our latest release 
• Info Hub white papers, videos, and interactive demos 
• YouTube playlist with educational and demo videos 
• NEW YouTube playlist for March 2024 release
• Main product page with spec sheets, solution briefs, infographics, and other great collateral 
• Dell Support site with administrator guides
• Microsoft’s official announcement of 23H2 general availability 
• General availability of Azure Virtual Desktop 
• Azure Stack HCI Security Book
• Check out What’s new for Azure edge infrastructure in 2023 for an eye opening case study of a fictional grocery store chain that uses Microsoft Azure to deploy and manage infrastructure at the edge using Azure Arc, Azure Kubernetes Service, and Azure Stack HCI. This is a highly enlightening, end-to-end view of how all the technologies within the Azure hybrid cloud ecosystem can harmoniously work together to solve a real-world business problem in the retail vertical. 

And as always, please reach out to your Dell Technologies account team if you would like to have more in-depth discussions about the Dell APEX Cloud Platforms family. If you don’t currently have a Dell Technologies contact, we’re here to help on our corporate website.

Author: Inigo Olcoz - Senior Principal Engineer Technologist Dell HCI Technical Marketing

X: @VirtualOlcoz

On September 26^th, 2023, Dell announced a new cloud platform intended to bring the cloud experience provided by the most relevant hyperscalers to on-premises. Dell APEX Cloud Platform for Microsoft Azure became the first in a group of platforms to facilitate modern application development and operation.

This new offer has become the first in the market for a new category – Premier Solutions for Microsoft Azure Stack HCI.

In this day and age, it’s highly probable that most customers when asked about their preferred way to learn about a new product or technology will select a hands-on experience, which is why we are excited to announce that a new interactive demo (ITD-0235) has been posted in our demo center catalog: Dell APEX Cloud Platform for Microsoft Azure.

Featuring a hands-on experience with the management and orchestration capabilities delivered by Dell APEX Cloud Platform Foundation Software, this interactive journey will guide us through the following topics:

• Platform introduction
• Deployment experience
• Fleet management
• Serviceability features
• Security management
• Lifecycle management
• Cluster expansion operations

The first steps explore the platform architecture displayed in Figure 1, founded upon the multicloud (MC) nodes and based on Dell PowerEdge R660 and R760 servers. The latest release of Azure Stack HCI is installed on these servers, including its storage and network components.

With the addition of the Azure Kubernetes Service (AKS) hybrid, we are on-board to onboard our Azure Stack HCI clusters into the Azure Arc portal, resulting in a true hybrid Azure environment.

Figure 1. Dell APEX Cloud Platform for Microsoft Azure base architecture

By utilizing the automated, wizard-driven process backed up by the Dell APEX Cloud Platform Foundation Software, you can cut down on the multitude of manual steps to deploy the advanced architecture of the Azure hybrid cloud environments by up to 88%.

Note: At initial release, this platform is only installable through Dell ProDeploy Services, however this automation will soon be made available for public use.

The wizard will guide us through a series of steps, including approving the End User License Agreement, fulfilling installation prerequisites, choosing a configuration method, and providing key Azure account parameters, as shown in the following figure.

Figure 2. Cloud Platform deployment through automated wizard, featuring the first configuration steps

Day 1 Deployment and Cluster Creation

Next, the interactive experience will go through the infrastructure resource selection process, beginning with servers, storage, and networking assets. Typical global settings such as cluster name, DNS, LDAPs, and Active Directory are configured next. We will then be prompted to identify a Windows Admin Center instance to install Dell APEX Cloud Platform Foundation Software extension, thus creating a powerful console for cluster management operations.

Configuring the APEX Cloud Platform Manager – the overall management engine for Dell APEX Cloud platforms – is the next step we will undertake. Credentials must be provided for the different users enabled in this engine.

The interactive experience will guide us through basic configuration steps for the three domains: Compute (Servers), Network, and Storage (through a specific network intent dedicated to storage traffic) as shown in the following figure:

Figure 3. Network and Storage intents configuration steps

Once everything is completed, a validation check is run to ensure a fully supported and consistent configuration has been provided and all environmental requirements have been met.

Upon successful execution of the validation check, the demo will display how the deployment process progresses. Once finalized, we can connect to Windows Admin Center to see the details of the newly deployed platform.

Figure 4. Windows Admin Center view of the newly deployed cluster

As a true hybrid environment, we can also verify that the new cluster has been onboarded to Azure Arc and can be managed from there.

Figure 5. New Azure Stack HCI cluster onboarded into the Azure portal

Fleet Management At-Scale

The next demo module will guide us through the capabilities offered by Azure Monitor to the newly onboarded cluster, including key metrics, health, and usage information.

As part of the deployment process, Azure Arc-connected Machine agents are installed on each of the cluster nodes, thus becoming Azure Arc-enabled server hybrid machines.

The installation of these agents is not sufficient to have the new cluster visible within Azure Monitor. The demo will walk through the necessary steps to complete this process and allow monitoring our cluster using Azure Stack HCI cluster insights, as shown in the following dashboard.

Figure 6. Azure Stack HCI cluster now monitored through Azure Monitor capabilities

From the cluster global health to the Virtual Machine or physical drives status across all your Azure platforms, a host of new monitoring capabilities have been made available and ready to use.

Fleet management at scale has been delivered by following these simple steps, creating a new and consistent hybrid management experience through the APEX Cloud Platform.

Dell Support Integrations and ServiceabilityProviding an automated deployment experience is key to the platform, however we have gone beyond that, making the support experience for Dell APEX Cloud Platform for Microsoft Azure as smooth and rich as possible through a set of Serviceability features:

• Secure connection for sending telemetry, creating service requests, and providing remote support
• Event management and Call-Home
• Log bundle collection

This guided journey will walk through how to enable these features through our Windows Admin Center extension and the APEX Cloud Platform Foundation Software.

Security Management

After reviewing these enhanced support capabilities, we will address the intrinsic infrastructure security management features built within Dell APEX Cloud Platform for Microsoft Azure.

All of these security features come out-of-the-box with Azure Stack HCI, providing a platform protected against current and future security threats.

The two main security features shown in the demo are:

• Infrastructure lock
• Secured-core server

Infrastructure Lock is a feature of Dell APEX Cloud Platform Foundation Software. The Dell APEX Cloud Platform extension in Windows Admin Center provides a toggle switch that enables and disables the System Lockdown feature of Dell iDRAC on a cluster-wide basis.

Enabling this feature on all the nodes in an Azure Stack HCI cluster protects against unintentional or malicious changes to critical configuration settings in the BIOS or iDRAC and prevents unapproved updates of BIOS, iDRAC, firmware, and drivers.

Figure 7. System showing Lockdown mode enabled, disabling iDRAC and BIOS configuration changes

The other main security feature exposed in the demo, secured-core server, helps protecting against attacks that try to establish a hardware root-of-trust. This feature must be enabled at both the BIOS and Operating system level. This is done during the initial platform deployment of APEX Cloud Platform for Microsoft Azure.

Figure 8. Dell APEX Cloud Platform for Microsoft Azure showing all nodes protected via secured-core server

Full Stack Lifecycle Management

Once the platform has been deployed, and we have seen the serviceability and security features, it is time to look at lifecycle management. Full stack lifecycle management is of outmost relevance to keep the platform running at optimal performance and resiliency levels.

In this demo, we can see how easy it is to keep the platform in a Continuously Validated State using a guided, wizard-driven workflow in Dell APEX Cloud Platform Foundation Software.

The process will go through a series of steps and validation operations that will lead to the cluster update, as shown in Figure 9.

Figure 9. Detailed dashboard for Azure Stack HCI cluster update as from Windows Admin Center view

When all the steps have been successfully completed, the cluster update process details are shown in an informational pane, as seen in the following figure.

Figure 10. Azure Stack HCI cluster update successfully completed

We can check that the newly updated cluster is compliant with the desired Known Good States through a Dell APEX Cloud Platform Compliance report, as shown in the following figure.

Figure 11. Azure Stack HCI cluster compliance report showing a fully compliant cluster

Rapid Cluster Expansion

For Dell APEX Cloud Platform for Microsoft Azure, it is essential that customers be able to start with only the amount of hardware needed for the initial workloads, allowing them to address business demands as they increase. For that reason, we have implemented an automated workflow to add a node to an existing Azure Stack HCI cluster within the APEX Cloud Platform Foundation software. The final demo in this interactive experience will guide us through a cluster expansion operation.

We will start with a two-node cluster that is intended to host a new business application. In order to address the new performance and capacity needs, an additional MC node must be added.

After all checks are run against the new node and compatibility with the existing cluster is determined, we are ready to start the expansion process.

There are also a number of validation tests shown in Figure 12 that are run to verify cluster integrity and stability in order to check that the cluster adheres to configuration best practices for the network, storage, security, and virtualization domains. With these, we establish that workload performance and cluster resiliency will not be compromised by the expansion process, as well as ensure consistency and standardization across the newly expanded cluster.

Figure 12. New node validation process run before adding a new server to an existing Azure Stack HCI cluster

As a final validation, we can visualize through the Dell APEX Cloud Platform integration with Windows Admin Center that the new node has been successfully added to the existing two-node Azure Stack HCI cluster, as illustrated in the following figure.

Figure 13. Physical view of the expanded Azure Stack HCI cluster

This will conclude the interactive experience offered by this demo, highlighting the efficiency and automation of the process of deploying and operating a Dell APEX Cloud Platform for Microsoft Azure powered by Dell APEX Cloud Platform Foundation Software.

Resources

• Dell APEX Cloud Platform for Microsoft Azure interactive demo, ITD-0235
• Dell Demo Center Catalog
• Info Hub: Dell APEX Cloud Platforms
• YouTube playlist with educational and demo videos – https://www.youtube.com/playlist?list=PL2nlzNk2-VMEkNM7E8m0ia_lLHWlOuT5h 
• Main product page with spec sheets, solution briefs, infographics, and other great collateral – https://www.dell.com/azure 

Author: Inigo Olcoz, Multicloud and HCI Technical Marketing

@VirtualOlcoz

Unleash Innovation Through Dell APEX Cloud Platform (ACP) for Red Hat OpenShift, In Synergy with Dell PowerSwitch 

Organizations are leveraging containerized multicloud deployments to boost revenue, enhance efficiency, and elevate user experiences. Multicloud is the go to choice for organizations, with Kubernetes at the forefront. Among them, 42% opt for Red Hat OpenShift to manage their containers.¹ Yet, multiple clouds can introduce complexity. Modern multicloud container setups demand consistent operations and robust automation for IT peace of mind, enabling a focus on delivering application value over infrastructure management.

Dell APEX Cloud Platform for Red Hat OpenShift

The Dell APEX Cloud Platform for Red Hat OpenShift is a collaborative solution developed in partnership with Red Hat, it enhances and streamlines on-premises OpenShift deployments, offering an integrated operational experience. The key features include:

• Seamless Integration and Intelligent Automation: This platform offers deep integration and intelligent automation across the Dell and OpenShift technology stacks. This integration accelerates time-to-value and eliminates the complexities that are associated with managing these technologies separately by different tools and portals.
• Unified Management: Users benefit from simplified, integrated management through the OpenShift Web Console, making it more straightforward to oversee and control the platform's components.
• Bare Metal Architecture: The platform is built on a bare metal architecture, which ensures high performance, predictability, and linear scalability. This robust foundation meets and exceeds even the most demanding Service Level Agreements (SLAs).
• Reduce cost and complexity: Dell APEX Cloud Platform for Red Hat OpenShift delivers everything that you need to rapidly deploy and run Red Hat OpenShift on a turnkey, integrated bare metal infrastructure. The extensive automation enabled by the Dell APEX Cloud Platform Foundation Software slashes deployment time by over 90%, while reducing time for complex life cycle management tasks by up to 90%.² Further, Dell Technologies performed over 21,000 hours of interoperability testing for each major release, ensuring predictability and reliability.
• Optimize workload outcomes: By optimizing delivery of OpenShift on-premises, the platform helps accelerate application modernization initiatives. Built on the next-generation Dell PowerEdge servers and Dell’s scalable, high-performance Storage Data Server (SDS), the platform delivers stringent SLAs for a broad range of modern mission-critical workloads. Further, with a universal storage layer between on-premises Dell APEX Cloud Platform and Dell’s APEX Storage for Public Cloud, the platform facilitates simpler movement of workloads across your IT estate.
• Enhance security and governance: Based on the cyber-resilient foundation of next-generation PowerEdge nodes, the Dell APEX Cloud Platform accelerates Zero Trust adoption, while providing multi-layer security and governance capabilities built throughout the technology stack. Further, with a bare metal implementation, the platform enhances security by reducing the potential attack surface.

Figure 1      APEX Cloud Platform for Red Hat OpenShift.

Dell Networking Advantage

Dell Networking with Enterprise SONiC is a Linux-based highly scalable, cloud-ready data center network fabric that helps IT organizations create a modern network infrastructure. This modern network infrastructure meets constantly shifting business demands, increases productivity, delivers services faster and remains flexible by incorporating the latest technology innovations like automation, multicloud, and generative AI. 

Salient features include:

• Innovation by collaborating with and contributing to the open-source SONiC community.
• Container-based Automation and Visibility.
• Supports a broad portfolio of high-performance data center and edge PowerSwitch options.
• Expanding ecosystem of partner automation/orchestration applications.
• A growing set of validated use cases, to meet the needs of large enterprises, Telcos, cloud service providers, large retailers and so on.

Dell Networking for ACP for Red Hat OpenShift

The Dell APEX Cloud Platform (ACP) for OpenShift addresses network considerations that are related to availability, performance, and scalability. This platform, which has undergone testing with Dell networking, enables organizations to swiftly deploy the overall solution by referring to the deployment guide and reference architecture. Dell Technologies manufactures APEX Cloud Platforms for OpenShift in the factory, per customers’ purchase order, and delivers to their data centers, ready for deployment. Dell tested the overall solution with Dell PowerSwitch platforms. The nodes in the APEX Cloud Platforms for OpenShift attach to Dell’s Top of Rack (ToR) networking switch which meets the ACP for Red Hat OpenShift network functional requirements which, at a high level, are as follows:

• 25G/100G Network Interface Controllers (NICs) support.
• 802.3ad Link aggregation Control Protocol (LACP) support.
• Maximum Transmission Unit (MTU) Size: 1500 for management and 9000 for Data.
• Disabling option for IPv6 multicast snooping to ensure proper discovery of nodes.
• VLAN support: Tagged 3939 for node discovery and Native 0 for external management.

Network redundancy and performance considerations

APEX Cloud Platform for OpenShift is a software-defined data center which depends on the physical top‑of-rack switching for network communications and is engineered to enable full redundancy, plus failure protection across the cluster. For customer environments that require protection from a single point of failure, you must design and configure the adjacent network supporting the ACP for OpenShift cluster to eliminate any single point of failure. A site must deploy a minimum of two Dell ToR PowerSwitches to support high availability, plus balance the workload on the ACP for OpenShift cluster. A pair of cables (VLT Connection) link these Dell PowerSwitches to support the flow of Layer 2 traffic between the ToR switches.

Figure 2      ACP for Red Hat OpenShift networking diagram.

Dell-on-Dell value proposition

Having an end-to-end stack from Dell Technologies enables customers to build a cohesive and efficient IT infrastructure. This allows customers to focus on their core business objectives rather than managing complex and disparate infrastructure components. Dell-on-Dell’s value proposition for integrated networking, storage, and compute solutions offers the following benefits:

• Seamless integration of Dell networking with Dell APEX Cloud Platform for Red Hat OpenShift which simplifies deployment, management, and maintenance, plus reduces the risk of interoperability issues.
• Dell APEX Cloud Platform for Red Hat OpenShift deployed, with Dell Networking, optimizes, and overall provides better system performance.
• Single point of support across overall deployment provides a consistent service experience.
• Dell APEX Cloud Platform for Red Hat OpenShift solution, with Dell networking, offers competitive pricing compared to stand-alone components from various vendors.
• Reduced complexity and efficient management translates into lower operational expenses (OPEX).
• Regular and seamless system updates across the ACP for OpenShift ecosystem. 

Useful resources

• Internal: Dell APEX Cloud Platform for Red Hat OpenShift
• Public: Dell APEX Cloud Platform for Red Hat OpenShift
• Dell Enterprise SONiC

Modern enterprises depend on their IT departments to facilitate their intricate operations and maintain a competitive edge in the market. To secure their competitiveness and achieve success, these companies aspire to develop groundbreaking applications and services with remarkable agility. Many Businesses are embracing a multicloud approach to fuel their inventive endeavors and expedite the deployment of applications.

Dell APEX Cloud Platform for Microsoft Azure is a hyperconverged infrastructure (HCI) solution that is engineered collaboratively with Microsoft. The solution optimizes Azure hybrid cloud operations which consolidates compute, storage, and network into a single, highly available, unified system. With proper planning, ACP for Azure rapidly deploys into an existing data center environment, and the end-product is immediately available to deploy applications and services.

Figure 1 APEX Cloud Platform for Microsoft Azure.

Dell Networking for Dell APEX Cloud Platform for Azure

The network considerations for Dell APEX Cloud Platform for Azure are no different than any enterprise IT infrastructure: Availability, Performance, and Scalability. Dell Technologies manufactures APEX Cloud Platforms (MC760 and MC660) for Azure in the factory, per customer’s purchase order and delivers to the customer’s data center, ready for deployment. Dell has tested the overall solution with Dell PowerSwitch platforms. The nodes in the ACP for Azure attach to Dell’s Top of Rack (ToR) networking switch which meets the Microsoft Azure Stack HCI network functional requirements.

Following are the prime requirements for networking:

• Priority Flow Control (PFC) – You require PFC where you use Data Center Bridging (DCB). Since you can use DCB in both iWARP Remote Direct Memory Access (RDMA) and RDMA over Converged Ethernet (RoCE) scenarios, you need PFC in all scenarios.
• Enhanced Transmission Select (ETS) – You need ETS where you use DCB. Since you can use DCB in both RoCE and iWARP RDMA scenarios, you require ETS in all scenarios.
• Link Layer Discovery Protocol (LLDP) – You require LLDP as it enables troubleshooting of physical networking configurations. You must dynamically enable configuration of the LLDP Type‑Length‑Values (TLVs).
• The required organizationally specific custom TLV (TLV Type 127) subtypes are:
• Port VLAN ID (Subtype 1)
• VLAN Name (Subtype 3) – Minimum 10 VLANs support
• Link Aggregation (Subtype 7)
• ETS Configuration (Subtype 9)
• ETS Recommendation (Subtype A)
• PFC Configuration (Subtype B)
• Maximum Frame Size (Subtype 4)
• For Software-Defined Networking (SDN) encapsulation, you require a Maximum Transmission Unit (MTU) range of 1514 to 9174.
• You require Border Gateway Protocol (BGP) to enable tenant workloads with SDN and dynamic peering.
• Also, you need a Dynamic Host Configuration Protocol (DHCP) relay agent for Preboot Execution Environment (PXE) boot services.

Network redundancy and performance considerations

ACP for Azure is a software-defined data center which depends on the physical top-of-rack switching for network communications and is engineered to enable full redundancy, plus failure protection across the cluster. For customer environments that require protection from a single point of failure, you must design and configure the adjacent network supporting the ACP for Azure cluster to eliminate any single point of failure. A site must deploy a minimum of two Dell Top-of-Rack PowerSwitches to support high availability, plus balance the workload on the ACP for Azure cluster. A pair of cables (VLT Connection) links these Dell PowerSwitches which supports the flow of Layer 2 traffic between the ToR switches.

Scalable ACP networking topologies for Azure 

Customers can implement various networking topologies to expand to a maximum cluster size of 16 nodes. Dell offers the following scalable networking topologies for APEX Cloud Platform for Azure: 

• Fully converged – RDMA, cluster management, and VM traffic traverse the same Ethernet connections thus conserving on switch ports and cabling requirements per node.
• Non-converged – Separates RDMA and host management/VM traffic on to separate network adapter interfaces. This ensures that there is no contention between storage and LAN communications, plus is easier to troubleshoot.

Figure 2 Dell’s scalable ACP network topologies for Azure example.

Dell-on-Dell value proposition

Having an end-to-end stack from Dell Technologies enables customers to build a cohesive and efficient IT infrastructure. This allows customers to focus on their core business objectives rather than managing complex and disparate infrastructure components. Dell-on-Dell’s value proposition for integrated networking, storage, and compute solutions offers the following benefits:

• Seamless integration of Dell networking with Dell APEX Cloud Platform for Azure which simplifies deployment, management, and maintenance, plus reduces the risk of interoperability issues.
• Dell APEX Cloud Platform for Azure, deployed with Dell Networking, optimizes and overall provides better system performance.
• Single point of support across overall deployment, provides a consistent service experience.
• Dell APEX Cloud Platform for Azure solution, with Dell networking, offers competitive pricing compared to stand-alone components from various vendors.
• Reduced complexity and efficient management translates into lower operational expenses (OPEX).
• Regular and seamless system updates across the ACP for Azure ecosystem.

Useful resources

• Dell APEX Cloud Platform for Microsoft Azure
• Dell Enterprise SONiC

On September 26, 2023, we introduced to the market the new Dell APEX Cloud Platform for Microsoft Azure. It is the first offer for Premier Solutions for Microsoft Azure Stack HCI, a new category in the Azure Stack HCI catalog reserved for key partners with the greatest levels of engagement with Microsoft and deepest integrations into familiar Microsoft management tools.

Dell APEX Cloud Platform for Microsoft Azure is a fully integrated infrastructure platform designed to optimize Microsoft Azure hybrid cloud deployments by optimizing operations, accelerating time-to-value across on-prem, edge, and Azure cloud deployments. It greatly simplifies initial deployments and on-going operations across the complete technology stack.

Security built in at every phase in the lifecycle

Figure 1. APEX Cloud Platform for Microsoft Azure security: The platformSecurity for Dell APEX Cloud Platform for Microsoft Azure is not an afterthought, but rather an integral part of the overall platform design process that leverages our Cyber Resilient Architecture and inherits Dell’s hardened server and software design to protect, detect, and recover from cyberattacks.

Full stack lifecycle management is key to maintaining a strong security posture throughout the life of your APEX Cloud Platforms, continuously and consistently applying Dell and Microsoft updates without risks to the platform and running workloads.

Dell APEX Cloud Platform for Microsoft Azure also leverages intrinsic infrastructure security management through Dell Infrastructure Lock and Secured-core server functionalities.

• Infrastructure Lock protects against unintentional or malicious changes to critical configuration settings in the BIOS or iDRAC. It also prevents any updates to BIOS, iDRAC, firmware, or drivers while enabled.
• Secured-core functionality helps proactively defend against and disrupt many of the paths attackers might use to exploit a system by establishing a hardware root-of-trust, protecting firmware, and introducing virtualization-based security.

You can learn more on these platform features in this video.

Azure Stack HCI, Microsoft Defender for Cloud, and Azure Policy security features

Dell APEX Cloud Platform for Microsoft Azure takes full advantage of the security features that come with Azure Stack HCI:

• Encryption and data protection
  • Data-at-rest encryption enabled with BitLocker by default
  • Self-Encrypting Drives (SED) require authentication independent of the OS
• Always-on antivirus protection
  • Microsoft Defender Antivirus enabled by default on cluster nodes for real-time detection
  • Automatic definition updates
• Recommended security baseline
  • Over 200 security settings enabled out-of-the-box
  • Disables legacy protocols and ciphers
  • Closely meets CIS benchmark and DISA STIG requirements
• Reduced attack surface
  • Figure 2. APEX Cloud Platform for Microsoft Azure: Microsoft integrationWindows Defender Application Control (WDAC) enabled by default
  • WDAC enforces an explicit list of applications and code allowed to run

Microsoft Defender for Cloud and Azure Policy assess, secure, and defend Dell APEX Cloud Platform for Microsoft Azure at-scale:

• Continuously assess -- understand your current security posture, identify and track vulnerabilities.
• Secure -- harden connected resources and services by following customized and prioritized recommendations.
• Defend -- detect and resolve threats to those resources and services. With prioritized security alerts, focus on what matters most and present to the right audience.

With this approach, the entire platform stack is covered – Azure Stack HCI, VMs, AKS hybrid workload cluster, and virtualized and cloud-native applications.

You can learn more on these platform features in this video.

Security Configuration Guide

If you want to go deeper and learn about all the different elements that come into play to properly guarantee the end to end secured and shielded protection for the platform, you can read our Dell APEX Cloud Platform for Microsoft Azure Security Configuration Guide, where we provide the configuration details for:

• Product and subsystem security: authentication, authorization, network security
• Cryptography: cryptographic modules
• Certificate management
• Event monitoring, auditing, and logging
• Integrity: security updates

Conclusion

Dell APEX Cloud Platform for Microsoft Azure enhances Azure operations for edge and on-premises deployments by providing consistent management with centralized Azure tools while mitigating security and compliance risks with an intrinsic approach to security that extends Azure governance across all deployment environments.

Thanks for reading and… stay tuned for more updates in Info Hub!

Author: Ignacio Borrero, Senior Principal Engineer, HCI and Multicloud Technical Marketing

@virtualpeli

Today, Dell Technologies announced the general availability of Dell APEX Cloud Platform for Microsoft Azure. This on-premises, turnkey infrastructure platform is collaboratively engineered with Microsoft to optimize the Azure hybrid cloud experience.

It is the first offer in Premier Solutions for Microsoft Azure Stack HCI, a new category in the Azure Stack HCI catalog reserved for key partners with the greatest levels of engagement with Microsoft and deepest integrations into familiar Microsoft management tools.

The secret sauce

Dell APEX Cloud Platform for Microsoft Azure comes bundled with fully automated management and orchestration, delivered by Dell APEX Cloud Platform Foundation Software. This software runs in a virtual appliance on each cluster and functions as the brains of the solution stack. The Cloud Platform Manager VM communicates with the underlying infrastructure and injects automation workflows into Microsoft Windows Admin Center via the Dell APEX Cloud Platform extension, as depicted in the following diagram.

Features that deliver breakthrough operational efficiency from Day 1 through Day 2/N include:

• Deployment and cluster creation automation – Fastest path to Azure hybrid cloud providing an 88% reduction in steps versus a manual deployment approach.
• Physical hardware views – Intuitive user interface for rapid identification of MC node components and cluster health.
• Integrations with Dell ProSupport – Accelerates time to issue resolution with log collection, remote support, and phone home capabilities.
• Intrinsic infrastructure security management – Toggle Dell Infrastructure Lock to prevent unauthorized changes to configuration settings and to block updates to the platform. Secured-core server establishes a hardware root of trust and provides firmware protection and virtualization-based security.
• End-to-end cluster expansion – Scale-out a cluster in a highly efficient and fully automated manner using a guided wizard-driven workflow.

In this blog, we will focus on one of the most compelling and highly anticipated features of Dell APEX Cloud Platform Foundation Software – next generation full stack lifecycle management (LCM).

Our latest approach to LCM keeps Dell APEX Cloud Platform for Microsoft Azure operating in a Continuously Validated State (CVS) – advancing from one Known Good State (KGS) to the next inclusive of hardware, operating system, and systems management software. We have dramatically accelerated time to value with our latest approach to LCM, providing near instantaneous availability of new Microsoft updates within just four hours of being released.

The following graphic depicts the journey of an update from development to installation.  

History lesson

Dell Technologies is no stranger to efficiently applying updates to Azure Stack HCI clusters, having done so using a fully automated, cluster-aware approach with no impact to running workloads since 2019.

We first introduced this automation in our Dell OpenManage Integration with Microsoft Windows Admin Center v1.1. At that time, we provided the ability to generate a compliance report within our standalone extension that compared the currently running BIOS, firmware, and driver versions with an engineering-validated solution baseline catalog. Simply choose between targeting an online catalog or creating an offline catalog using Dell Repository Manager, and then our standalone extension would orchestrate the updates using Cluster-Aware Updating.

Version 2.0 of our OpenManage Integration extension went a step further to deliver our first foray into full stack cluster-aware updating through a snap-in developed for Microsoft’s Updates extension.

Using this snap-in, Azure Stack HCI operating system updates and Dell hardware updates (i.e., BIOS, firmware, and drivers) were applied using a single, consolidated workflow. This workflow only required one reboot per cluster node and was completely non-disruptive to running workloads. Once again, IT administrators could view a compliance report and select an online or DRM-created offline catalog for the Dell updates.

Maintaining a Continuously Validated State

We’ve developed an entirely new Windows Admin Center extension with integrated Dell APEX Cloud Platform Foundation Software workflow automation. We continue to build on the pedigree we’ve established over the last four years with our OpenManage Integration extension, improving further by now incorporating proven and market-leading intellectual property (IP) from our other hyperconverged infrastructure (HCI) and software defined storage (SDS) offerings. Some of this innovative IP is derived from our highly successful VxRail HCI System software and results in a new standard for lifecycle management in a turnkey infrastructure platform.

When freshly deployed, Dell APEX Cloud Platform for Microsoft Azure runs at peak performance and resiliency to support your current workloads. The platform also comes secure by default with the following protection:

• BIOS and operating system settings are configured correctly to enable secured-core server. Secured-core server establishes a hardware backed root of trust, provides defense against firmware level attacks, and enables virtualization-based security.  
• Data-at-rest encryption is enabled on all volumes using BitLocker.
• Microsoft Defender Antivirus is built into Azure Stack HCI and provides real-time always-on antivirus protection with automatic definition updates.
• Azure Stack HCI has more than 200 security settings enabled out-of-the-box. These settings provide a consistent security baseline. For example, security posture is improved by disabling legacy protocols and ciphers.
• Windows Defender Application Control (WDAC) is a software-based security layer that reduces the attack surface by enforcing an explicit list of software that is allowed to run.  Dell APEX Cloud Platform for Microsoft Azure comes with WDAC enabled and enforced by default.

This pristine operating environment is known as the platform’s current Known Good State (KGS). Rest assured that the entire platform is running in a condition that is collaboratively validated by Dell and Microsoft engineering. To maintain the robust default security posture and optimal performance and resiliency, you need to keep the platform in a Continuously Validated State (CVS). Comprehensively advancing the end-to-end platform from one KGS to the next is accomplished with zero interruption to running workloads. The following graphic shows an example of a quarterly update that includes multiple software and hardware update components.

(Note: The release versions in this graphic are examples only and do not align with any official Dell APEX Cloud Platform for Microsoft Azure planned releases.)

Release terminology

The following table summarizes the different platform components that must be routinely updated to be compliant with the current or target KGS.

The Azure Stack HCI Solution component follows the Modern Lifecycle policy, which defines the products and services that are continuously serviced and supported. To keep your Azure Stack HCI service in a supported state, you have up to six months to install updates. Dell and Microsoft recommend installing all updates as they are released to capitalize on the rapid pace of innovation and inclusion of new features. To learn more, see Azure Stack HCI release information.

Dell and Microsoft release the following types of updates for this platform:

Microsoft Azure and Dell update sites are periodically queried to discover applicable updates. These updates are listed in the Updates tab in the Dell APEX Cloud Platform extension in Windows Admin Center. 

All updates – even emergency patches from Microsoft that address critical security vulnerabilities or bug fixes – will appear in the Dell extension within just four hours of being released. This near immediate availability of patches is unprecedented in a turnkey, on-premises infrastructure platform. And whether the updates are from Microsoft, Dell, or both organizations, you’ll never need to navigate away from the Dell APEX Cloud Platform extension interface to apply them. 

Engineering rigor produces stress-free LCM

In the past, Dell validated hardware updates and Microsoft validated operating system updates independently. With our enhanced lifecycle management approach, every update discovered by Dell APEX Cloud Platform Foundation Software has been jointly tested and validated by Dell and Microsoft. We incorporate new periodic builds of hardware, OS, and systems management components into our respective validation CI/CD pipelines. This raises the bar to an entirely new level of confidence and peace-of-mind for IT administrators.   

In the relentless pursuit of delivering worry-free updates, the full stack lifecycle management workflow performs extensive prechecks before any update operations are initiated. For example, all platform components are checked to ensure they comply with the current KGS. If Dell Infrastructure Lock is enabled on the platform, a dialog box informs you that it will be temporarily disabled to allow updates and re-enabled after the update workflow is complete to maintain a strong security posture. 

The entire update process relies heavily on Azure Stack HCI’s Lifecycle Manager feature, which employs Cluster-Aware Updating (CAU) to ensure no workloads are interrupted. One cluster node is placed into maintenance mode at a time, which triggers the Live Migration of VMs. CAU installs the updates, restarts the node if required, returns the node to a fully functional state, and proceeds to the next node in the cluster. When the LCM workflow is complete, a new compliance check is triggered to confirm that the platform has fully transitioned to the new target KGS.

Seeing is believing

The best way to summarize all the incredible benefits I’ve discussed about our evolved LCM approach is with a demo. Experience for yourself how stress-free LCM can be in this short video vignette. 

Resources

We have tons of great content to help you deep-dive into Dell APEX Cloud Platform for Microsoft Azure powered by Dell APEX Cloud Platform Foundation Software.

• InfoHub (White Papers, Blogs, Interactive Journey, and more) –  https://infohub.delltechnologies.com/t/cloud-platforms/
• YouTube playlist with educational and demo videos – https://www.youtube.com/playlist?list=PL2nlzNk2-VMEkNM7E8m0ia_lLHWlOuT5h
• Main product page with spec sheets, solution briefs, infographics, and other great collateral – https://www.dell.com/azure
• Dell Support site with administrator guides –  https://www.dell.com/support/home/en/product-support/product/apex-cloud-pf-ms-azure/docs

And as always, please reach out to your Dell account team if you would like to have more in-depth discussions about the Dell APEX Cloud Platforms family. If you don’t currently have a Dell contact, we’re here to help on our corporate website.

Author: Michael Lamia, Engineering Technologist at Dell Technologies

Follow me on Twitter: @Evolving_Techie 

LinkedIn: https://www.linkedin.com/in/michaellamia/ 

Email: michael.lamia@dell.com

Applications thrive and proliferate swiftly in our technology-driven world, which places a heavy burden on IT departments that are expected to keep up with that frantic pace. This reality necessitates intensive use of dev/ops environments, often a sweet spot for cloud platforms. Multi-cloud scenarios are commonly adopted to avoid being tied to a single cloud provider; however, each cloud platform has its own management tools and requires different base knowledge. Working on different cloud platforms makes having global visibility of your IT assets a very complex task and implementing a holistic security and compliance policy even harder.

Dell APEX Cloud Platforms facilitate multicloud adoption by bringing cloud stacks to data center, co-location, and edge environments, accomplished by providing turnkey platforms designed from a set of common building blocks that help reduce IT workloads, speed deployment, control costs, and manage end of life of assets sustainably.

 Figure 1. Dell APEX Cloud Platforms: Empowering hybrid cloud innovation

Dell APEX Cloud Platform for Microsoft Azure--one of the offerings within the broader APEX portfolio--allows customers to extend their Microsoft ecosystem on-premises. This new platform ensures consistent operations and governance across data centers, edge locations, and Azure public cloud. The innovative Dell APEX Cloud Platform Foundation Software communicates with the underlying platform and integrates automated workflows into Microsoft Windows Admin Center via our APEX Cloud Platform extension, providing a common and familiar management platform to centralize operations for dispersed Azure deployments.

Figure 2. Dell Cloud Platform Foundation Software capabilities

Dell APEX Cloud Platform for Microsoft Azure supports at launch two hardware platforms:

• Dell MC-660 nodes (1U)
• Dell MC-760 nodes (2U)

Both platforms are equipped with dual socket Intel Sapphire Rapids processors, 4 TB of DDR5 memory, and a wide range of NVMe, SAS, and Nearline SAS drives as storage options.

The following figure shows in detail the MC-660 supported hardware for both All Flash and NVMe configurations.

Figure 3. Dell MC-660 nodes for Dell APEX Cloud Platform for Microsoft Azure

Dell MC-760 nodes expand the storage and GPU capabilities for the Dell APEX Cloud Platform for Microsoft Azure, as shown in the following figure:

Figure 4. Dell MC-760 nodes for Dell APEX Cloud Platform for Microsoft Azure

With these two powerful platforms, you can handle a broad range of business workloads, from accelerating the adoption of your hybrid cloud project or transactional databases to hosting virtual desktops, AI/ML analytics, or containerized cloud native applications.

These MC nodes can be combined into different cluster topologies, heavily dependent on the host’s storage network configuration.

We can start with the smallest approach provided by single node architectures. We will expand on this use case later.

The next step in cluster complexity is the two-node architecture, a switchless option that avoids investing in Top of the Rack (ToR) switches or consuming existing storage ports. It is based in a mesh configuration between the two nodes with connection to client switches for host management and Virtual Machines (VM-1,2) traffic. This is a non-converged network configuration, as shown in the following figure.

Figure 5. Storage on physical links in a non-converged topology with two NIC ports

Storage 1 and 2 represent the physical connections to the storage. Through a Switch Embedded Team (SET), Management and VM traffic are routed to their proper destinations.

To expand the Dell APEX Cloud Platform for Microsoft Azure cluster size beyond the 2 nodes, we must implement a scalable network configuration. This option supports anywhere from 2 to 16 MC nodes and uses ToR switches for management and storage traffic networking.

These architectures support both fully converged and non-converged network topologies:

• Fully converged -- All storage ports from each node are connected to the same network fabric. Within the Azure Stack HCI OS, the NIC ports are used for both storage and management/VM traffic.
• Non-converged -- Storage traffic is separated from the management/VM traffic using dedicated storage network adapters, as shown in figure 5.

The scalable network topology allows for future cluster expansion as business needs grow.

Single node clusters

Single node Dell APEX Cloud Platform for Microsoft Azure deployments are a highly convenient solution for scenarios in which cost and power/space consumption are more relevant than highly resilient systems. This is a very common assumption in today’s Edge and Remote Office/Branch Office scenarios.

Figure 6. Dell APEX Cloud Platform for Microsoft Azure single-node deployments

Through Dell APEX Cloud Platform Foundation Software, we can easily deploy our single node environments in the same way we do with multi-node architectures.

In terms of workload placement, single node scenarios are able to host the same type of workloads as any other multi-node architecture with the performance limitations that one node can provide.

Whatever the deployment may be (single or multi-node, converged or non-converged), it is key that the proper hardware resources are configured to provide the best performance to the hosted business workloads.

Dell sales team have at their disposal a newly created Configuration and Sizing tool that has been designed to inherit the core technology of the existing configuration and sizing tool, thus accumulating 1000s of hours of configuration experience and real-life feedback from 100s of past sizing opportunities.

We can also use Live Optics, a free online software used to collect, visualize, and share data on IT environments and workloads, to feed the decisions made during the sizing process to better reflect the real needs of a customer scenario.

Using such a set of tools ensures you receive the optimal platform to host your Azure workloads.

Figure 7. Dell proprietary configuration and sizing tool for Dell APEX Cloud Platform for Microsoft Azure

Conclusion

With Dell APEX Cloud Platform for Microsoft Azure, customers can leverage Dell’s innovation in terms of automated Management and Operations to extend and optimize Microsoft Azure ecosystems on-premises, maintaining a familiar operational and developer experience.

Resources

We have tons of great content to help you deep-dive into Dell APEX Cloud Platform for Microsoft Azure powered by Dell APEX Cloud Platform Foundation Software. 

• InfoHub (White Papers, Blogs, Interactive Journey, and more) –  https://infohub.delltechnologies.com/t/cloud-platforms/ 
• YouTube playlist with educational and demo videos – https://www.youtube.com/playlist?list=PL2nlzNk2-VMEkNM7E8m0ia_lLHWlOuT5h 
• Main product page with spec sheets, solution briefs, infographics, and other great collateral – https://www.dell.com/azure 
• Dell Support site with administrator guides –        https://www.dell.com/support/home/en/product-support/product/apex-cloud-pf-ms-azure/docs 

And as always, please reach out to your Dell account team if you would like to have more in-depth discussions about the Dell APEX Cloud Platforms family. If you don’t currently have a Dell contact, we’re here to help on our corporate website.

Author: Inigo Olcoz, Senior Principal Engineer Technologist, Dell HCI Technical Marketing

Twitter: @VirtualOlcoz

Whenever an IT company presents a new product, it can be tempting to focus solely on the shiny side of the announcement. How fast are the new processors it incorporates? How much IO throughput can we attain, or how low can the storage latency be? We may be captivated by how easily the new product fits into a hybrid cloud operating model or how it slots perfectly into our multi-cloud strategy. We can focus on the improvements in operational efficiency, the cost savings it introduces, etc. The list is long and attractive, and these are important elements to what makes a new offering worth your time.

But there are a multitude of technologies and processes happening in the background to make these selling points a reality. To keep this new product running and true to the aforementioned benefits, we need to turn our focus to a whole different type of announcement.

Dell APEX Cloud Platform for Microsoft Azure is no different. A fully automated and integrated offering that extends and optimizes the Azure public cloud experience to on-premises IT environments, Dell APEX Cloud Platform for Microsoft Azure accelerates developer productivity, optimizes workload placement to meet application performance, and addresses governance requirements.

 Figure 1. Dell APEX Cloud Platform for Microsoft Azure

But what needs to happen in Dell APEX Cloud Platform for Microsoft Azure to make all these perks possible over time and through any and all vicissitudes?

It all comes down to serviceability. Dell APEX Cloud Platform Foundation Software integrates Dell Support and serviceability features/functionality into the APEX Cloud Platform extension in Microsoft Windows Admin Center.

For serviceability, we bundle a wide range of technologies and processes such as:

• Secure Connection for monitoring, providing remote support and handling hardware alerts
• Event Management and Call-Home
• Log bundle collection
• Check service feature

Dell APEX Cloud Platform Connectivity

Providing a secure connection gateway between customers’ facilities and Dell support sets up a trustable platform to send infrastructure, events, and call home, create service requests and deliver remote support for troubleshooting.

These connectivity features can be managed from the Dell APEX Cloud Platform Extension for Microsoft Windows Admin Center, as shown in the following figure.Figure 2. Connectivity can be enabled, disabled, and configured from Windows Admin Center

As mentioned previously, we can select the type of connectivity, either direct or through Dell Secure Connect Gateway, as shown in figure 3.Figure 3. Selecting connectivity from the APEX Cloud Platform infrastructure to Dell support

This connectivity, once established, enables you to create support cases and review KB articles from within the Dell APEX Cloud Platform for Microsoft Azure extension for Microsoft Windows Admin Center,

Event Management and Call Home

Dell APEX Cloud Platform for Microsoft Azure Event Management is built around an event processing service that:

• Collects events and transforms them into a common format
• Applies filters and other rules to reduce false alarms and unnecessary traffic
• Stores event history and distributes events to both Dell Call Home and Windows event viewer

In the following figure, we can see an event from the Windows Event Viewer. Dell APEX Cloud Platform for Microsoft Azure Events will appear under the section Hyper-V-Dell-APEX-HCP. In the description pane, we can analyze the event code, which includes event type, source, severity, component, and an index field. Other useful information includes:

• Event message and time of occurrence
• Information on the host, component, and sub-component that caused the event
• If there is any KB available related with the raised event

Figure 4. Dell APEX Cloud Platform for Microsoft Azure event, as seen from Windows Event Viewer

In the Dell APEX Cloud Platform Extension for Microsoft Windows Admin center, we have a dashboard dedicated to Alerts, as shown in figure 5.

Figure 5. Alerts UI from the Dell APEX Cloud Platform Extension for Microsoft Windows Admin Center

We can sort and categorize systems alerts by acknowledging them or not.

Establishing the connectivity with Dell support to configure Call Home will enable the automatic creation of Dell support cases based on these alerts.

Log Bundle collection

Dell APEX Cloud Platform for Microsoft Azure allows the user to collect log bundles coming from:

• Cloud Platform Manager
• Each node iDRAC
• Each cluster or node of the Azure Stack HCI platform

In the following example, we have elected to create log bundles from the three available sources.

We can select the nodes or cluster from which we want the logs to be created.

Figure 6. Dell APEX Cloud Platform for Microsoft Azure log bundle creation

You can download the bundles and delete old and/or unneeded logs, shown in figure 7, leaving room for future ones.

Figure 7. Dell APEX Cloud Platform for Microsoft Azure Log management

Check Service

Dell APEX Cloud Platform for Microsoft Azure includes a profile-based check service. Depending on the need--if we are running a compatibility check, a lifecycle management check, or a cluster validation check--we can create and use different profiles for those validations.

In the following table, we can see the type of checks supported in this version of Dell APEX Cloud Platform for Microsoft Azure.

All checks in every profile can be aggregated into a report in .json format.

This report is saved in the Radar docker directory /var/radar/report.

The following figure shows the example of a Day 1 node compatibility check. In it, we can see the compatibility column. The check service has validated that the selected node (with Service Tag 5750003) is compatible to be added to a Dell APEX Cloud Platform for Microsoft Azure cluster. 

Figure 8. Day 1 node compatibility check

All the processes and technologies described in this blog enable IT administrators to keep the lights of their Dell APEX Cloud Platform for Microsoft Azure platform on by facilitating systems’ monitoring and troubleshooting. 

You can find more information on Dell APEX Cloud Platform for Microsoft Azure on Dell InfoHub.

Resources

We have tons of great content to help you deep-dive into Dell APEX Cloud Platform for Microsoft Azure powered by Dell APEX Cloud Platform Foundation Software.

• InfoHub (White Papers, Blogs, Interactive Journey, and more) –  https://infohub.delltechnologies.com/t/cloud-platforms/ 
• YouTube playlist with educational and demo videos – https://www.youtube.com/playlist?list=PL2nlzNk2-VMEkNM7E8m0ia_lLHWlOuT5h 
• Main product page with spec sheets, solution briefs, infographics, and other great collateral – https://www.dell.com/azure 
• Dell Support site with administrator guides –  https://www.dell.com/support/home/en/product-support/product/apex-cloud-pf-ms-azure/docs 

And as always, please reach out to your Dell account team if you would like to have more in-depth discussions about the Dell APEX Cloud Platforms family. If you don’t currently have a Dell contact, we’re here to help on our corporate website.

Author: Inigo Olcoz, Senior Principal Engineer Technologist, Dell HCI Technical Marketing

Twitter: @VirtualOlcoz