VMs, Scale Sets, App Service, Functions, AKS, Container Apps, Batch, AVD, and Build 2026 changes that influence them.
🗺️ Cloud Compute
Azure compute is the set of services that run your code.
The four broad modes are: dedicated VMs (you manage the OS), containers (you manage the image), platform-as-a-service (Microsoft manages the runtime), and serverless functions (you manage only the code). Choosing the right mode determines your patching burden, your pricing model, and how fast you can scale.
💻 Azure Virtual Machines
Azure Virtual Machines (VMs) are the most configurable compute resource in Azure. They are Infrastructure-as-a-Service (IaaS): Microsoft manages the physical host; you manage the operating system and everything above it.
A VM is defined by two values: a size (SKU): sets vCPU count, RAM, and max disk throughput. The image sets the OS and baseline software. Billing is per second on most Linux SKUs and per hour on Windows.
VM Size Families
| Family | Letter | Optimised for | Typical use |
|---|---|---|---|
| General Purpose | B, D, Dv5, Dpdsv6 | Balanced CPU/memory | Web servers, dev/test, small databases |
| Compute Optimised | F, Fsv2 | High CPU-to-memory ratio | Batch processing, gaming, web front-ends |
| Memory Optimised | E, Esv5, M | High memory-to-CPU | SAP HANA, in-memory caches |
| Storage Optimised | L, Lsv3, Lasv5 🆕 | High local NVMe IOPS | NoSQL, data warehouses, big data |
| GPU | N, NC, ND, NV | GPU processing | AI/ML training, rendering, HPC |
| Arm-based | Dpdsv6, Cobalt 100/200 | Power-efficient scale-out | Cloud-native apps, Linux, agentic AI |
Azure Cobalt 200 is Microsoft’s second-generation Arm-based processor. The chip is built on the Arm Neoverse V3 architecture and TSMC’s 3nm process. Cobalt 200 delivers up to 50% better performance over Cobalt 100 and scales to 128 vCPUs. Hardware memory encryption is on by default. Target workload: cloud-native and agentic AI on Linux.
Availability Options
Availability Sets distribute VMs across fault domains within one datacentre building. Availability Zones place VMs in separate datacentre buildings within the same region. For new production workloads, prefer Zones. They offer stronger isolation and a higher SLA.
Pricing Models
| Model | Commitment | Savings vs PAYG | Best for |
|---|---|---|---|
| Pay-as-you-go | None | Baseline | Unpredictable, short-term |
| Reserved Instances | 1 or 3 years | Up to 72% | Steady-state production |
| Spot VMs | None (evictable) | Up to 90% | Fault-tolerant batch, testing |
| Azure Hybrid Benefit | Existing licences | Up to 49% | Windows Server / SQL licences |
Combining Reserved Instances with Azure Hybrid Benefit gives the deepest cost reduction for licensed Windows workloads.
📈 VM Scale Sets (VMSS)
Azure Virtual Machine Scale Sets let you run and auto-scale a group of identical VMs. You define the image, the size, and the scaling rules. Azure manages adding and removing instances.
VMSS supports two orchestration modes: Uniform (all instances share the same model) and Flexible (instances can vary, recommended for new deployments). Flexible mode offers better fault domain distribution and supports mixing Spot and on-demand instances.
Scale-out and scale-in rules trigger on host metrics such as CPU percentage, network traffic, and disk operations. You can also use custom Application Insights metrics. You set minimum and maximum instance counts as hard boundaries.
VMSS now supports predictive autoscale, which uses machine learning to forecast CPU demand and pre-scale capacity before load arrives, not after. Available in the Scaling tab after creating the scale set.
🌐 Azure App Service
Azure App Service is a fully managed PaaS for hosting HTTP-based applications: web apps, REST APIs, and mobile backends. Microsoft manages OS patches, load balancing, and autoscaling. You manage the code.
Supported runtimes include .NET, .NET Core, Java, Node.js, Python, PHP, and Ruby. You can also bring your own Docker container when you need a custom runtime or OS-level dependencies. Every app gets a free hostname:
App Service Plans
An App Service Plan is the billing and compute unit. All apps sharing a plan share the same underlying VM instances.
Only ASE v3 (Isolated v2 plan) is supported today. If you are on v1 or v2, migrate immediately.
Migrate to Premium v3 or v4 for better performance and pricing. The P0v3 SKU offers the best price-to-performance entry point.
Deployment Slots
Deployment Slots let you run separate environments (staging, QA, production) under the same App Service app, each with its own hostname. A one-click swap promotes staging to production with zero downtime. The swap is reversible. Available from Standard tier upward.
Point App Service at an OpenAPI 3.x specification (JSON or YAML) and it automatically exposes each operation as a Model Context Protocol (MCP) tool, served at /mcp by default. No MCP code to write. Any MCP-compatible AI client discovers and calls your existing REST API as agent tools. Available on Basic tier and above; Not supported on Free, Shared, or Consumption plans.
⚡ Azure Functions
Azure Functions is Azure’s event-driven, serverless compute service. You write code; Azure runs it in response to a trigger. You pay only for the time the function executes.
Functions supports C#, Java, JavaScript, TypeScript, Python, PowerShell, and Go (as of Build 2026). Triggers include HTTP, timers, queues, Service Bus, Event Hubs, Cosmos DB, Blob Storage, and more.
Hosting Plans
| Plan | Scale | Min instances | VNet | Best for |
|---|---|---|---|---|
| Consumption (Y1) | Auto, scale-to-zero | 0 | ❌ | Sporadic, bursty workloads |
| Flex Consumption 🆕 | Auto, scale-to-zero | 0 | ✅ | Modern serverless (preferred) |
| Premium (EP1–EP3) | Auto, always-warm | 1+ | ✅ | Low-latency, VNet-integrated |
| Dedicated (App Service) | Manual / auto | Per plan | ✅ | Predictable load, existing plans |
It adds VNet integration, faster cold starts, per-second billing, TLS/SSL certificate support, and zero-downtime rolling updates (GA as of Build 2026). The Linux Consumption plan is not receiving new features or language versions and retires 30 September 2028.
Durable Functions
Durable Functions extends the serverless model with stateful orchestration: chaining, fan-out/fan-in, human-in-the-loop approvals, and long-running workflows. The Durable Task Scheduler underpins Microsoft Copilot’s own orchestration layer.
Functions can now host AI agents defined in .agent.md markdown files. Declare the agent’s instructions, tools, and triggers in one readable document. Any trigger can spawn the agent: HTTP, timer, Service Bus, Cosmos DB, Teams message, or Outlook mail. the agent. The runtime runs on Flex Consumption, so there is zero cost between runs.
The Azure Functions MCP extension is generally available across .NET, Java, Python, TypeScript, and JavaScript. Full MCP server support: tool, resource, and prompt triggers. Built-in OBO (On-Behalf-Of) authentication means MCP servers hosted on Functions delegate the caller’s identity to downstream services automatically. One-click MCP auth setup is now available in the Azure portal.
Go is now a first-class language on the Flex Consumption plan. HTTP handlers are plain http.HandlerFunc; non-HTTP triggers take a typed payload and a context. Standard Go module layout.
az functionapp create \
--resource-group my-rg \
--name my-func-app \
--storage-account mystorage \
--flexconsumption-location "East US" \
--runtime python \
--runtime-version 3.12📄 Flex Consumption plan
📦 Azure Container Instances (ACI)
Azure Container Instances is the fastest way to run a container in Azure. There is no VM to provision and no cluster to manage. A container starts in seconds and bills per second.
ACI is best for isolated, short-lived tasks: build jobs, one-off scripts, background processing, and simple apps that do not need orchestration. For long-running microservices or anything needing autoscaling across multiple replicas, use Azure Container Apps or AKS instead.
Container Groups
A Container Group is the unit of deployment in ACI, equivalent to a Kubernetes pod. Containers in a group share the same host, IP address, and storage volumes. Multi-container groups are Linux-only.
| Property | Value |
|---|---|
| Startup time | Seconds (vs minutes for a VM) |
| Billing unit | Per second, per vCPU and GB of RAM |
| OS support | Linux and Windows containers |
| Max vCPU per container | 4 vCPU |
| Max RAM per container | 16 GB |
| Persistent storage | Azure Files (SMB mount) |
| Public DNS | |
Restart Policies
| Policy | Behaviour | Use |
|---|---|---|
| Always (default) | Restarts on any exit | Web servers, long-running services |
| Never | Runs once, then stops | One-time jobs, batch tasks |
| OnFailure | Restarts only on non-zero exit | Scripts that may fail transiently |
☸️ Azure Kubernetes Service (AKS)
Azure Kubernetes Service is Kubernetes-as-a-service. Microsoft manages the control plane (API server, etcd, scheduler) at no extra charge. You manage worker nodes, workloads, and cluster configuration.
AKS is the right choice when you need full Kubernetes: custom resource definitions, a Helm chart ecosystem, GPU node pools, multi-tenant isolation, or compliance requirements that demand cluster-level control.
AKS Automatic vs AKS Standard
| AKS Automatic | AKS Standard | |
|---|---|---|
| Target | Developer-first, less operational overhead | Full control for platform teams |
| Node management | Fully managed by Azure | You manage node pools |
| Networking | Opinionated defaults (Azure CNI Overlay) | You choose the network model |
| Scaling | Node Autoprovision built-in | KEDA + Cluster Autoscaler |
| Best for | Teams that want Kubernetes without the ops burden | Platform teams running production at scale |
System node pools in AKS Automatic are now fully managed. Azure handles capacity planning, patching, and scaling of the nodes running Kubernetes core components. System components no longer compete with application workloads for resources. This matters especially for GPU-backed nodes.
Azure Kubernetes Fleet Manager now extends beyond Azure to Arc-enabled clusters. Apply updates, enforce policies, and place workloads across on-premises and multi-cloud Kubernetes clusters from a single control plane.
Managed Ray on AKS. Coordinate distributed AI training and inference across hundreds of GPU nodes without managing Ray infrastructure manually. Kubernetes handles cluster scheduling. Ray coordinates distributed execution within the workload.
Microsoft’s purpose-built, minimal container OS is now generally available on AKS node pools. Reduced attack surface, faster boot, smaller image footprint.
🐳 Azure Container Apps (ACA)
Azure Container Apps is a fully managed serverless container platform built on Kubernetes and KEDA. You deploy container images; Azure handles the cluster, networking, scaling, and observability. No kubectl. No node pool sizing.
ACA sits between App Service (opinionated PaaS) and AKS (full Kubernetes). It is the right choice for microservices, background jobs, and event-driven APIs that need auto-scaling to zero but do not need full cluster control. Microsoft Foundry Agent Service is built directly on ACA.
Key Concepts
| Concept | What it does |
|---|---|
| Environment | Shared boundary for apps: common networking, logging, and Dapr config |
| Container App | Deployable unit: one or more container replicas with ingress and scale rules |
| Revision | Immutable snapshot of a container app’s configuration (enables canary deployments) |
| Job | Container that runs to completion on a schedule or triggered by an event |
| Dapr | Optional sidecar for service-to-service calls, pub/sub, and state management |
ACA scales based on KEDA (Kubernetes-based Event Driven Autoscaling). Triggers include HTTP request count, queue depth, CPU, memory, cron schedules, and 60+ custom KEDA scalers. Scale to zero is on by default.
Ephemeral, strongly isolated compute environments with suspend/resume and snapshot capabilities. Purpose-built for AI agents that need to execute untrusted or LLM-generated code: no state persists between sessions, tenant isolation is enforced at the hardware level. No extra charge for the confidential compute workload profile.
Skip environment provisioning entirely. Deploy a container image directly to a public HTTPS endpoint with sub-second cold starts and per-second billing. Built on ACA Sandboxes. Purpose-built for HTTP-first apps, MCP servers, and agent endpoints. Feature parity with standard ACA environments is incomplete today. Check the roadmap before using for production workloads with Dapr, custom KEDA scalers, or private networking.
🔁 Azure Batch
Azure Batch is a managed job scheduling service for large-scale parallel and HPC workloads. It provisions a pool of VMs, distributes tasks across them, and can tear down the pool when the work completes.
Batch is the right choice for workloads that are naturally parallel: rendering, simulations, data transformation, and genomics pipelines. It is not a web or API hosting platform.
| Concept | What it does |
|---|---|
| Pool | A set of compute nodes (VMs) that execute tasks |
| Job | Logical container for a collection of related tasks |
| Task | A single command or script run on a node |
| Auto Pool | Pool created and deleted automatically per job |
Batch integrates directly with Azure Storage for input and output data. Spot VMs are supported on pool nodes and are typically 80–90% cheaper than on-demand. Tasks requeue automatically on eviction.
Several older Batch node agent SKUs and VM families are being retired. Review your pool configurations and migrate affected pools to supported SKUs. Check the Batch node agent release notes for the current supported list.
🖥️ Azure Virtual Desktop
Azure Virtual Desktop (AVD) is a cloud-hosted desktop and application virtualisation service. It delivers a full Windows 11 or Windows 10 desktop to any device over the network. Individual applications can be published via RemoteApp
AVD replaces on-premises Remote Desktop Services (RDS). Microsoft manages the control plane; you manage the session host VMs and the images. Multi-session Windows reduces the number of VMs needed for knowledge workers, cutting infrastructure cost.
| Scenario | AVD option |
|---|---|
| Full Windows desktop for remote workers | Full desktop session pool |
| Single legacy app published to browsers | RemoteApp |
| Regulated industry requiring dedicated VMs | Personal host pools |
| Cost-efficient shared sessions for knowledge workers | Pooled host pools (multi-session Windows) |
🆕 Post-Build 2026: What Changed
Microsoft Build 2026 (June 2026) brought more compute announcements than any recent Build. The table below maps every service in this article to its current status.
| Service | Announcement | Status |
|---|---|---|
| Azure Cobalt 200 VMs | 50% perf gain over Cobalt 100, 128 vCPU, Arm Neoverse V3, 3nm TSMC | Early Access Preview |
| Azure Lasv5 / Laosv5 VMs | AMD EPYC Turin-based storage-optimised VMs | Preview |
| AKS: Managed System Node Pools | Automatic management of system pools in AKS Automatic | GA |
| AKS: Fleet Manager for Arc | Multi-cluster governance: on-prem and Azure from one plane | GA |
| AKS: Azure Container Linux | Purpose-built minimal OS for AKS node pools | GA |
| AKS: Anyscale (managed Ray) | Distributed AI training on AKS without managing Ray infra | Public Preview |
| ACA: Sandboxes | Ephemeral isolated compute for agent code execution | Public Preview |
| ACA: Express | Zero-env container deployment, sub-second cold start | Public Preview |
| ACA: Defender for Cloud posture | Serverless Containers Posture integration | GA |
| App Service: Built-in MCP | REST API → MCP server via OpenAPI spec, no code | Public Preview |
| App Service: AI-assisted IIS Migration | AI-assisted migration workflow for legacy IIS apps with OS-level dependencies | Public Preview |
| Functions: Serverless Agents Runtime | .agent.md model, 1,400+ connectors, MCP, ACA sessions | Public Preview |
| Functions: MCP Extension | Full MCP server support, OBO auth, multi-language | GA |
| Functions: Rolling Updates on Flex | Zero-downtime deployments on Flex Consumption | GA |
| Functions: Go support | First-class language on Flex Consumption | Public Preview |
| Functions: Linux Consumption | No new features or language versions added; retires 30 Sep 2028 | ⚠️ Retiring 30 Sep 2028 |
| Azure Batch: Legacy SKUs | Older node agent SKUs and VM families | ⚠️ Retiring |
| Infrastructure Resiliency Manager | AI-assisted zone-resiliency advisor in the Azure Portal | Public Preview |
📋 Quick Reference
| Scenario / When to use it | Right tool / Service |
|---|---|
| Full control over OS, need to install custom software or drivers | Azure Virtual Machines |
| Auto-scale a group of identical VMs horizontally | VM Scale Sets (VMSS) |
| Run a web app in .NET, Node.js, Python without managing servers | Azure App Service |
| Expose an existing REST API to AI agents as MCP tools, no code | App Service built-in MCP (Preview) |
| Use AI-assisted migration for a legacy IIS app with COM or OS-level dependencies | App Service AI-assisted IIS Migration (Preview) |
| Run event-triggered code at micro-billing with scale-to-zero | Azure Functions (Flex Consumption) |
| Build an AI agent with event triggers and 1,400+ SaaS connectors | Functions Serverless Agents Runtime (Preview) |
| Expose business logic as a secure MCP server with identity delegation | Azure Functions MCP Extension (GA) |
| Run a single container quickly without any infrastructure | Azure Container Instances (ACI) |
| Run a multi-container microservice app with auto-scaling and Dapr | Azure Container Apps (ACA) |
| Deploy a container image to a public URL in seconds, zero env setup | ACA Express (Preview) |
| Run agent code execution in isolated, ephemeral sandboxes | ACA Sandboxes (Preview) |
| Production microservices platform with full Kubernetes control | Azure Kubernetes Service (AKS) Standard |
| Kubernetes without the ops overhead, for developer teams | AKS Automatic |
| Coordinate distributed AI training across hundreds of GPU nodes | Anyscale on Azure on AKS (Preview) |
| Run large-scale parallel batch processing (rendering, simulations) | Azure Batch |
| Deliver Windows desktops or apps remotely to any device | Azure Virtual Desktop (AVD) |
| Power-efficient Linux scale-out, agentic AI workloads | Azure Cobalt 100 VMs (GA) / Cobalt 200 (Preview) |
| Maximise VM savings on steady-state committed workloads | Reserved Instances + Azure Hybrid Benefit |
| Run fault-tolerant batch tasks cheaply with automatic requeue | Spot VMs |
