AKS

Azure Kubernetes Service

Stars
2K
Committers
76
View Code on GitHub Visit Website View on X
Ecosystems: Azure

Bot releases are hidden (Show)

AKS - Release 2023-10-01

Published by stl327 about 1 year ago

Release 2023-10-01

Monitor the release status by regions at AKS-Release-Tracker.

Announcements

  • No new clusters can be created with Azure AD Integration (legacy). Existing AKS clusters with Azure Active Directory integration will keep working. All Azure AD Integration (legacy) AKS clusters will be migrated to AKS-managed Azure AD automatically starting from 1st Dec. 2023. We recommend updating your cluster with AKS-managed Azure AD before 1 Dec 2023. This way you can manage the API server downtime during non-business hours.

Release notes

  • Features

  • Bug Fixes

    • Fix for some events during an upgrade such as "Deleting node" not appearing in kubectl get events.
    • Fix for metricDefinitions operation not exposed in Azure China.
    • Fix for Cluster Autoscaler condition where nodes that VPA pods are scheduled to could not be evicted.

  • Behavioral Changes

    • The pod CPU request from ama-metrics daemonsets will be reduced in Windows from 500m to 150m and in Linux from 75m to 50m.
    • AKS will now validate, and block if necessary, service CIDRs placed in public and multicast IP address ranges.
    • If the ama-logs add-on is enabled, host port 28330 will be mounted to the ama-logs daemonset in order to facilitate syslog collection.
    • To reduce vertical pod autoscaling (VPA) out of memory (OOM) errors, the vpa-recommender CPU limit will increase to 1000m, memory limit to 2000Mi, and memory request to 800Mi from 200m, 1000m, and 500Mi respectively.
    • The default max surge value during upgrades will be changed from 1 to 10% for AKS 1.28+ on new clusters to improve upgrade latency.

  • Component Updates

    • Linux Network Policy Manager (NPM) version has been rebuilt to v1.4.45.2, containing patches for Ubuntu CVEs.
    • ip-masq-agent-v2 onboarded to semantic versioning and has been updated to v0.1.8.
    • Upgraded Azure File CSI driver to v1.24.10 on AKS 1.25, v1.26.8 on AKS 1.26, and v1.28.5 on AKS 1.27.
    • Blob CSI driver upgraded to v1.22.2 on AKS 1.27+ to support AZNFS mount helper.
AKS - Release 2023-09-24

Published by qpetraroia about 1 year ago

Azure Kubernetes Service Changelog

Release 2023-09-24

Monitor the release status by regions at AKS-Release-Tracker.

Announcements

  • No new clusters can be created with Azure AD Integration (legacy). Existing AKS clusters with Azure Active Directory integration will keep working. All Azure AD Integration (legacy) AKS clusters will be migrated to AKS-managed Azure AD automatically starting from 1st Dec. 2023. We recommend updating your cluster with AKS-managed Azure AD before 1 Dec 2023. This way you can manage the API server downtime during non-business hours.

Release notes

  • Behavioral changes

  • Preview Features

    • Image Integrity allows you to sign container images via a process that ensures their authenticity and integrity.

  • Bug Fixes

    • Fix for the Private Link Service (PLS) creation failure that can occur if the customer selects a subnet name or PLS name that is too long.

  • Component Updates

    • Microsoft Defender Publisher container (part of defender for containers solution) image version has been updated to 1.0.67 from 1.0.64 which improves memory utilizaiton to reduce pod restarts due to OOMKills
    • Cilium version has been updated to 1.13.5 for AKS clusters with kubernetes versions 1.28 or greater
    • Azure File CSI driver updated to version v1.24.9 for clusters with kubernetes version 1.25, v1.26.7 for clusters with kubernetes version 1.26 and v.1.28.4 for clusters with kubernetes version 1.27
    • Hotfix: There were 3 CVE's in the upstream Kubernetes related to insufficient input sanitiztion which leads to privilege escalation. AKS Patched the AKS cluster nodes for clusters version 1.24.9, 1.24.10, 1.24.15, 1.25.5, 1.25.6, 1.25.11, 1.26.0, 1.26.3, 1.26.6, 1.27.3. CVE links - CVE-2023-3676, CVE-2023-3955, and CVE-2023-3893. Update your AKS cluster's node images if the cluster does not have node OS auto-upgrade feature enabled.
AKS - Release 2023-09-17

Published by AllenWen-at-Azure about 1 year ago

Release 2023-09-17

Monitor the release status by regions at AKS-Release-Tracker.

Announcements

  • No new clusters can be created with Azure AD Integration (legacy). Existing AKS clusters with Azure Active Directory integration will keep working. All Azure AD Integration (legacy) AKS clusters will be migrated to AKS-managed Azure AD automatically starting from 1st Dec. 2023. We recommend updating your cluster with AKS-managed Azure AD before 1 Dec 2023. This way you can manage the API server downtime during non-business hours.

Release notes

  • Behavioral changes

    • After you set the node OS auto-upgrade channel to "None", AKS doesn't automatically reimage nodes in your node pools. But when you set the node OS auto-upgrade channel to "Unmanaged", AKS will reimage all nodes in your node pools.

  • Features

    • HTTP Proxy can now be updated post clusters creation.

  • Component Updates

AKS - Release 2023-09-10

Published by justindavies about 1 year ago

Release 2023-09-10

Monitor the release status by regions at AKS-Release-Tracker.

Announcements

  • No new clusters can be created with Azure AD Integration (legacy). Existing AKS clusters with Azure Active Directory integration will keep working. All Azure AD Integration (legacy) AKS clusters will be migrated to AKS-managed Azure AD automatically starting from 1st Dec. 2023. We recommend updating your cluster with AKS-managed Azure AD before 1 Dec 2023. This way you can manage the API server downtime during non-business hours.

Release notes

  • Behavioral changes

    • Update admissions enforcer to ignore "kubernetes.azure.com/managedby" and "control-plane" namespaces to fix this issue.
    • "kubernetes.azure.com/managedby" label added to aks managed namespaces (kube-system, gatekeeper-system, tigera-system, calico-system)
    • Stopped nodepools will be upgraded during an Auto Upgrade operation. The upgrade will apply to nodes when the nodepool is started.
    • Added priorityClassName system-node-critical property to all KEDA add-on pods to fix this issue.
    • We will now check that your cluster has less than 400 nodes when an upgrade operation is requested and using Kubenet (400 being the node limit for Kubenet).

  • Bug Fixes

    • Enable HonorPVReclaimPolicy for Azure Disk CSI driver 1.28, fixing an issue where in some Bound Persistent Volume (PV) – Persistent Volume Claim (PVC) pairs, the ordering of PV-PVC deletion determines whether the PV delete reclaim policy is honored.

  • Component Updates

AKS - Release 2023-09-03

Published by kaarthis about 1 year ago

Monitor the release status by regions at AKS-Release-Tracker.

Announcements

  • Asia East has now been changed to the 2nd release region. New release changes will reach to Asia East after US West Central, and before UK South. Follow this via AKS-Release-Tracker.
  • No new clusters can be created with Azure AD Integration (legacy). Existing AKS clusters with Azure Active Directory integration will keep working. All Azure AD Integration (legacy) AKS clusters will be migrated to AKS-managed Azure AD automatically starting from 1st Dec. 2023. We recommend updating your cluster with AKS-managed Azure AD before 1 Dec 2023. This way you can manage the API server downtime during non-business hours.
  • To avoid disruptions stemming from unmanaged Canonical nightly security updates, AKS will disable unmanaged Canonical nightly updates by 2 September 2023, on clusters that haven’t specified an update option explicitly, mapping to the option None in the node OS upgrade channel feature. AKS strongly recommends proactively moving to auto-upgrade node-image or node OS upgrade channel - SecurityPatch or NodeImage options; you can set maintenance windows for these channels.

Release notes

  • Preview Features
    • AKS 1.28 version is now available in preview.
    • Now customers can disable OutboundNAT for Windows nodes as long as the cluster's outbound type is not Load Balancer. This change enables customers to disable OutboundNAT in conjunction with User Defined Routes (UDR) and Azure firewall. Before the modification, customers could only disable OutboundNAT for Windows nodes when the cluster's outbound type was NAT Gateway.
  • Features
  • Behavioral changes
    • The taint added by AKS node auto repair will change from remediator.aks.microsoft.com/unschedulable to remediator.kubernetes.azure.com/unschedulable.
    • After you update SSH key, AKS doesn't automatically reimage your node pool, you can choose anytime to perform the reimage operation . Only after reimage is complete, does the update SSH key operation take effect.
  • Component Updates
AKS - Release 2023-08-27

Published by qpetraroia about 1 year ago

Release 2023-08-27

Monitor the release status by regions at AKS-Release-Tracker.

Announcements

  • No new clusters can be created with Azure AD Integration (legacy). Existing AKS clusters with Azure Active Directory integration will keep working. All Azure AD Integration (legacy) AKS clusters will be migrated to AKS-managed Azure AD automatically starting from 1st Dec. 2023. We recommend updating your cluster with AKS-managed Azure AD before 1 Dec 2023. This way you can manage the API server downtime during non-business hours.
  • Please review the following CVEs that impact all Windows node pools in AKS clusters - CVE-2023-3676, CVE-2023-3955, and CVE-2023-3893. Please update your Windows nodes to the VHD version 230809 as mentioned in these issues.
  • To avoid disruptions stemming from unmanaged Canonical nightly security updates, AKS will disable unmanaged Canonical nightly updates by 2 September 2023
    on clusters that haven’t specified an update option explicitly, mapping to the option None in the node OS upgrade channel feature. AKS strongly recommends proactively moving to auto-upgrade node-image or node OS upgrade channel - Security Patch; you can set maintenance windows for these channels.

Release notes

  • Behavioral changes

    • Previously AKS returned only 1 random node's failure even if multiple nodes had drain failures, in the error response. Now all the node drain failures are appended to the error response and returned for easier troubleshooting.

  • Bug Fixes

    • Customers using Azure Monitor Managed Prometheus Service for AKS Clusters may have experienced issues with metrics add-on being disabled, missing metrics and alerts, in case both Container Insights log and Managed Prometheus are enabled on the clusters. These hotfixes fix that issue.
    • A bug was fixed that prevented clusters using Azure CNI Powered by Cilium from starting after being stopped.

  • Component Updates

AKS - Release 2023-08-20

Published by shashankbarsin about 1 year ago

Release 2023-08-20

Monitor the release status by regions at AKS-Release-Tracker.

Announcements

  • No new clusters can be created with Azure AD Integration (legacy). Existing AKS clusters with Azure Active Directory integration will keep working. All Azure AD Integration (legacy) AKS clusters will be migrated to AKS-managed Azure AD automatically starting from 1st Dec. 2023. We recommend updating your cluster with AKS-managed Azure AD before 1 Dec 2023. This way you can manage the API server downtime during non-business hours.
  • Please review the following CVEs that impact all Windows node pools in AKS clusters - CVE-2023-3676, CVE-2023-3955, and CVE-2023-3893. Please update your Windows nodes to the VHD version 230809 as mentioned in these issues.
  • To avoid disruptions stemming from unmanaged Canonical nightly security updates, AKS will disable unmanaged Canonical nightly updates by 2 September 2023
    on clusters that haven’t specified an update option explicitly, mapping to the option None in the node OS upgrade channel feature. AKS strongly recommends proactively moving to auto-upgrade node-image or node OS upgrade channel - SecurityPatch; you can set maintenance windows for these channels.

Release notes

  • Features

    • Image Cleaner is now generally available.
    • Planned maintenance is now generally available.
    • Azure AD workload identity with AKS has been made available in the following regions - eastus, australiacentral, australiaeast, brazilsouth, canadacentral, centralindia, eastasia, eastus2, francecentral, germanywestcentral, japaneast, jioindiawest, koreacentral, northcentralus, northeurope, norwayeast, qatarcentral, southafricanorth, swedencentral, switzerlandnorth, uaenorth, ukwest, westus2.
    • networkPolicy to 'none' (no network policy engine is installed) as a default value if unspecified when creating a cluster. Setting networkPolicy to 'none' is blocked for API versions prior to 2023-09-02-preview.

  • Behavioral changes

    • Microsoft.ContainerService/locations/{location}/kubernetesVersions operation will now return isDefault: true on default version.

  • Component Updates

AKS - Release 2023-08-13

Published by CocoWang-wql about 1 year ago

Release 2023-08-13

Monitor the release status by regions at AKS-Release-Tracker.

Announcements

  • No new clusters can be created with Azure AD Integration (legacy). Existing AKS clusters with Azure Active Directory integration will keep working. All Azure AD Integration (legacy) AKS clusters will be migrated to AKS-managed Azure AD automatically starting from 1st Dec. 2023. We recommend updating your cluster with AKS-managed Azure AD before 1 Dec 2023. This way you can manage the API server downtime during non-business hours.

Release notes

AKS - Release 2023-08-06

Published by allyford about 1 year ago

Release 2023-08-06

Monitor the release status by regions at AKS-Release-Tracker.

Announcements

  • New v1.27+ AKS clusters will have KMS v2 configured by default when KMS is enabled. Customers with clusters on v1.26 and below with KMS enabled will not be able to upgrade to v1.27. To upgrade, follow the steps outlined in this documentation for migrating from KMS v1 to v2, and then proceed with upgrading the cluster to version v1.27.
  • The pod security policy feature was deprecated on 1st August 2023 and removed since AKS version 1.25. We recommend you migrate to pod security admission controller or Azure Policy to stay within Azure support.

Release notes

  • Preview Features

    • Network Observability add-on plugin is a new public preview feature that will scrape useful metrics from Kubernetes workloads and emit actionable networking observability data into industry standard Prometheus format, which can then be visualized in Grafana.

  • Behavioral changes

  • Bug Fixes

    • Fixed a bug where the addon-token-adapter may get a staled long connection to apiserver causing network connection errors.
    • Added validation to check if pobSubnet is associated with NAT Gateway when cluster outbound type is userAssignedNATGateway and pobSubnet in agentpoolProfile is not empty.
    • Azure CNS will write the CNI conflict on the VM only after the networking goal state has been programmed for that VM. This means that Nodes will stay in a NotReady state with status "network plugin not initialized" until after DNC has created the NC and the Azure host has programmed it.

  • Component Updates

    • Windows CNS updated to v1.4.44.4
    • Envoy Proxy (part of OSM and Istio) has been updated to 1.26.4 to fix CVE-2023-35941 and CVE-2023-35944.
    • OMSAgent for Azure monitor updated to 3.1.11
    • Cluster Autoscaler images are releasing new versions for 1.25.x, 1.26.x, 1.27.x.
    • Azure File CSI Driver has been updated to v1.28.1 on AKS 1.27.
    • Updated wasm containerd shims to v0.8.0, and added wasm worker server shim.
    • Cloud provider Azure versions are bumped to v1.25.17, v1.26.13, v1.27.7 for the corresponding patch versions with the following changes: Health probe port can be any port assigned by customer, Increase limit for TCP Idle Timeout to 100 minutes, Virtual node will always exists.
    • Azure Monitor Metrics addon image updated in 07-28-2023 release
    • AKS Ubuntu 18.04 image has been updated to AKSUbuntu-1804-202308.01.0.
    • AKS Ubuntu 22.04 image has been updated to AKSUbuntu-2204-202308.01.0.
    • Azure Linux image has been updated to AzureLinux-202308.01.0.
AKS - Release 2023-07-30

Published by qpetraroia about 1 year ago

Release 2023-07-30

Monitor the release status by regions at AKS-Release-Tracker.

Announcements

  • Windows 2019 will be retired in Kubernetes v1.33 and above (ETA March 2026). Customers should upgrade to Windows 2022.
  • For AKS clusters built at version v1.27+ and enable KMS, KMS v2 is configured by default. However, for clusters with KMS enabled at versions below v1.27, upgrading to v1.27 will be blocked. To upgrade, follow the steps outlined in this documentation for migrating from KMS v1 to v2, and then proceed with upgrading the cluster to version v1.27.
  • The pod security policy feature was deprecated on 1st August 2023 and removed since AKS version 1.25. We recommend you migrate to pod security admission controller or Azure Policy to stay within Azure support.

Release notes

  • Features

  • Behavioral changes

    • Kubernetes version 1.24 is now deprecated.
    • During Outbound Type Migration, Public IPs are released when it doesn't meet Outbound IP goal.
    • During Outbound Type Migration, NAT Gateway Profile is set to 1 when Outbound Type is set to something other than Managed NAT Gateway.

  • Component Updates

    • AKS Ubuntu 18.04 image has been updated to AKSUbuntu-1804-202307.27.0.
    • AKS Ubuntu 22.04 image has been updated to AKSUbuntu-2204-202307.27.0.
    • Azure Linux image has been updated to AzureLinux-202307.27.0.
    • Istio-based service mesh add-on's istiod and ingress images updated to v1.17.5. User needs to restart the workload pods to trigger re-injection of the newer patch version of istio-proxy. More information can be found here.
    • Updated Windows Azure CNI to v1.5.6.
    • Updated microsoft-defender-pod-collector image to 1.0.73.
AKS - Release 2023-07-23

Published by miwithro about 1 year ago

Azure Kubernetes Service Changelog

Release 2023-07-23

Monitor the release status by regions at AKS-Release-Tracker.

Announcements

  • Windows 2019 will be retired in Kubernetes v1.33 and above (ETA March 2026). Customers should upgrade to Windows 2022.
  • Kubernetes 1.24 is being deprecated end of July 2023 and support will transition to our platform support policy.
  • Starting Kubernetes 1.25, the default cgroups implementation on AKS nodes will be cgroupsv2. Older versions of Java, .NET and NodeJS do not support memory querying v2 memory constraints and this will lead to out of memory (OOM) issues for workloads. Please test your applications for cgroupsv2 compliance, and read the [FAQ][https://learn.microsoft.com/troubleshoot/azure/azure-kubernetes/aks-increased-memory-usage-cgroup-v2] for cgroupsv2.
  • A known issue in Kubernetes version 1.24 is causing name resolution failures in Windows pods. Customers experiencing this issue should upgrade their cluster to Kubernetes version 1.25.
  • CVE-2023-35945 has been found in Envoy Proxy (part of OSM and Istio). We are rolling out a fix to all affected customers, please follow the instructions to monitor the rollout and restart your proxies.
  • For AKS clusters built at version v1.27+ and enable KMS, KMS v2 is configured by default. However, for clusters with KMS enabled at versions below v1.27, upgrading to v1.27 will be blocked. To upgrade, follow the steps outlined in this documentation for migrating from KMS v1 to v2, and then proceed with upgrading the cluster to version v1.27.

Release notes

  • Features

    • New K8s patch versions
      • Removed 1.24.9, added 1.24.15.
      • Removed 1.25.5, added 1.25.11.
      • Removed 1.26.0, added 1.26.6.
      • Added 1.27.3(preview).

  • Behavioral changes

    • CNI V2 maxpods increased from 16 to 60 for clusters with more than 1000 nodes and to 40 for clusters with less than 1000 nodes.

  • Bug Fixes

    • Fixed a bug that custom kubelet identity was not working on VMAS clusters.

  • Component Updates

AKS - 2023-07-16

Published by justindavies over 1 year ago

Release 2023-07-16

Monitor the release status by regions at AKS-Release-Tracker.

Announcements

  • Windows 2019 will be retired in Kubernetes v1.33 and above (ETA March 2026). Customers should upgrade to Windows 2022.
  • Kubernetes 1.24 is being deprecated end of July 2023 and support will transition to our platform support policy.
  • Starting Kubernetes 1.25, the default cgroups implementation on AKS nodes will be cgroupsv2. Older versions of Java, .NET and NodeJS do not support memory querying v2 memory constraints and this will lead to out of memory (OOM) issues for workloads. Please test your applications for cgroupsv2 compliance, and read the [FAQ][https://learn.microsoft.com/en-us/troubleshoot/azure/azure-kubernetes/aks-increased-memory-usage-cgroup-v2] for cgroupsv2.
  • A known issue in Kubernetes version 1.24 is causing name resolution failures in Windows pods. Customers experiencing this issue should upgrade their cluster to Kubernetes version 1.25.
  • A CVE has been found in Envoy Proxy (part of OSM and Istio). We are rolling out a fix to all affected customers, please follow the instructions to monitor the rollout and restart your proxies.

Release notes

AKS - Release 2023-07-09

Published by qpetraroia over 1 year ago

Azure Kubernetes Service Changelog

Release 2023-07-09

Monitor the release status by regions at AKS-Release-Tracker.

Announcements

  • Windows 2019 will be retired in Kubernetes v1.33 and above (ETA March 2026). Customers should upgrade to Windows 2022.
  • Kubernetes 1.24 is being deprecated end of July 2023 and support will transition to our platform support policy.
  • Starting Kubernetes 1.25, the default cgroups implementation on AKS nodes will be cgroupsv2. Older versions of Java, .NET and NodeJS do not support memory querying v2 memory constraints and this will lead to out of memory (OOM) issues for workloads. Please test your applications for cgroupsv2 compliance.
  • A known issue in Kubernetes version 1.24 is causing name resolution failures in Windows pods. Customers experiencing this issue should upgrade their cluster to Kubernetes version 1.25.

Release notes

  • Bug Fixes

    • A node restriction bug has been fixed that caused issues with Windows Server container pods while using inline volume for 1.24+ clusters.

  • Component Updates

AKS - Release 2023-07-02

Published by sabbour over 1 year ago

Release 2023-07-02

Monitor the release status by regions at AKS-Release-Tracker.

Announcements

  • Windows 2019 will be retired in Kubernetes v1.33 and above (ETA March 2026). Customers should upgrade to Windows 2022.
  • Kubernetes 1.24 is being deprecated end of July 2023 and support will transition to our platform support policy.
  • Starting Kubernetes 1.25, the default cgroups implementation on AKS nodes will be cgroupsv2. Older versions of Java, .NET and NodeJS do not support memory querying v2 memory constraints and this will lead to out of memory (OOM) issues for workloads. Please test your applications for cgroupsv2 compliance.
  • A known issue in Kubernetes version 1.24 is causing name resolution failures in Windows pods. Customers experiencing this issue should upgrade their cluster to Kubernetes version 1.25.

Release notes

  • Preview Features

  • Behavior Changes

    • The default OS disk type for non-ephemeral OS disks is now Standard SSD.

  • Bug Fixes

    • Disabled auto mounting of service account token for ip-masq-agent.
    • Fixed an issue that can incorrectly override the custom certificate authority trust on a nodepool update.

  • Component Updates

AKS - Release 2023-06-25

Published by justindavies over 1 year ago

Release 2023-06-25

Monitor the release status by regions at AKS-Release-Tracker.

Announcements

  • Kubernetes 1.24 is the last version of Kubernetes supported by AKS Engine. Kubernetes 1.24 goes end-of-life in July, at which point Upstream will stop releasing patches for AKS Engine and archive the project. Please consider using Azure Kubernetes Service (AKS) for managed Kubernetes or Cluster API Provider Azure for self-managed Kubernetes.
  • Because of Ubuntu 22.04 FIPS certification status, we'll switch AKS FIPS nodes from 18.04 to 20.04 from 1.27 preview onwards.
  • After May 31, 2023, Ubuntu 18.04 will reach end of life. AKS will continue to update the host OS from Canonical into the Kubernetes 1.24 VHD images. Customers will not receive daily security updates from Canonical past the end of May, but will be able to consume those through a node image update only.
  • Windows 2019 will be retired in Kubernetes v1.33 and above (ETA March 2026). Customers should upgrade to Windows 2022.
  • Kubernetes 1.24 is being deprecated end of July 2023. From Kubernetes 1.25 the default cgroups implementation on AKS nodes will be cgroupsv2. Older versions of Java, .NET and NodeJS do not support memory querying v2 memory constraints and this will lead to out of memory (OOM) issues for workloads. Please test your applications for cgroupsv2 compliance.

Release notes

  • Behavior Changes

    • Added node anti affinity for Cilium and Azure Linux so that Network Observability extension does not run on these environments that are not supported.
    • Cluster create check that the size of Kubenet based clusters will not exceed 400 nodes (Kubenet on Azure limit)

  • Bug Fixes

  • Component Updates

AKS - Release 2023-06-18

Published by shashankbarsin over 1 year ago

Release 2023-06-18

Monitor the release status by regions at AKS-Release-Tracker.

Announcements

  • Kubernetes 1.24 is the last version of Kubernetes supported by AKS Engine. Kubernetes 1.24 goes end-of-life in July, at which point Upstream will stop releasing patches for AKS Engine and archive the project. Please consider using Azure Kubernetes Service (AKS) for managed Kubernetes or Cluster API Provider Azure for self-managed Kubernetes.
  • Because of Ubuntu 22.04 FIPS certification status, we'll switch AKS FIPS nodes from 18.04 to 20.04 from 1.27 preview onwards.
  • After May 31, 2023, Ubuntu 18.04 will reach end of life. AKS will continue to update the host OS from Canonical into the Kubernetes 1.24 VHD images. Customers will not receive daily security updates from Canonical past the end of May, but will be able to consume those through a node image update only.
  • Windows2019 will be retired in Kubernetes v1.33 and above (ETA March 2026). Customers should upgrade to Windows2022.
  • Kubernetes 1.24 is being deprecated end of July. From Kubernetes 1.25 the default cgroups implementation on AKS nodes will be cgroupsv2. Older versions of Java, .NET and NodeJS do not support memory querying v2 memory constraints and this will lead to out of memory (OOM) issues for workloads. Please test your applications for cgroupsv2 compliance.

Release notes

  • Preview Features

  • Behavior Changes

    • Added node affinity for ebpf-dataplane=cilium to Azure CNI Powered by Cilium pod.
    • Introduced overlay-vpa-webhook-generation and overlay-vpa-cert-webhook-check jobs to cleanup and generate Vertical Pod Autoscaling secrets and webhook.
    • Change the default OS disk to Standard SSD instead of Standard HDD for VM SKUs that do not support ephemeral OS disks.
    • Starting 2023-06-02-preview API, pod CIDR is returned when network plugin is none.
    • Updated custom node configuration to change allowed value range for the following:
      • sysctls
        • netIpv4TcpkeepaliveIntvl - Previously: 10-75. New: 10-90.
        • netIpv4IpLocalPortRange - Previously: First (1024 - 60999) and Last (32768 - 65000). New: First (1024 - 60999) and Last (32768 - 65535).
        • netNetfilterNfConntrackMax - Previously: 131072 - 1048576. New: 131072 - 2097152.
        • netNetfilterNfConntrackBuckets - Previously: 65536 - 147456. New: 65536 - 524288.
      • ulimits
        • maxLockedMemory - Previously: unlimited. New: values > 0.
        • noFile - Previously: 1024. New: Values > 1024.
    • Removed unnecessary kubernetes.io/os: linux nodeSelector from Cilium daemonset in Azure CNI Powered By Cilium clusters.
    • kube-proxy-replacement-healthz-bind-address set to 0.0.0.0:10256 in cilium-config ConfigMap on Azure CNI Powered By Cilium clusters.
    • Default for node os upgrade channel updated to NodeImage in 2023-06-01 and 2023-06-02-preview APIs.
    • Registration of NodeOSUpgradeChannelPreview feature flag is only required to use SecurityPatch Channel.

  • Bug Fixes

    • Fix a bug that could cause nodepool creation to retry unnecessarily in Azure CNI enhanced subnet support clusters.
    • Increased CSI snapshot timeout to 600s to fix the azure disk cross region snapshot timeout issue.

  • Component Updates

AKS - Release 2023-06-11

Published by CocoWang-wql over 1 year ago

Release 2023-06-11

Monitor the release status by regions at AKS-Release-Tracker.

Announcements

Release notes

AKS - Release 2023-06-04

Published by phealy over 1 year ago

Release 2023-06-04

Monitor the release status by regions at AKS-Release-Tracker.

Announcements

  • Docker container runtime for Windows nodepools has been retired as of May 1, 2023. You may remain on existing deployed instances but scaling operations will fail, nodepool creation will fail, and you will be out of support. Follow the detailed steps in our documentation to upgrade to containerd. In alignment with this retirement, AKS has deleted all published windows 2019 docker images.
  • After May 31, 2023, Ubuntu 18.04 will reach end of life. AKS will continue to update the host OS from Canonical into the Kubernetes 1.24 VHD images. Customers will not receive daily security updates from Canonical past the end of May, but will be able to consume those through a node image update only.
  • Each Kubernetes version is supported for 12 months. After 12 months, the minor version will shift to platform support only. Our new platform support policy provides customers with Azure infrastructure support while the cluster is in an n-3 version (where n is the latest supported AKS GA minor version). Platform support does not include anything related to Kubernetes functionality and components, but provides customers with additional support beyond what was previously provided for unsupported versions.
  • Unattended Upgrades are disabled on Azure Linux when running on a NVIDIA GPU enabled VM sizes.
  • SecurityPatch OS Servicing channel is not supported on Azure Linux when running on NVIDIA GPU enabled VM sizes.
  • Windows2019 will be retired in Kubernetes v1.33 and above (ETA March 2026). Customers should upgrade to Windows2022.

Release notes

  • Behavior Changes

    • Automatic upgrades will now be blocked on clusters that have clients using deprecated API versions. This will be logged into the cluster's activity log. Upgrades will be retried during each upgrade interval and will succeed when usage of deprecated APIs has stopped. Clusters can also be upgraded manually with the deprecated API validation bypassed.
    • Konnectivity will now be deployed into clusters using BYOCNI or API Server VNet Integration in combination with Azure CNI Overlay.

  • Component Updates

AKS - Release 2023-05-28

Published by allyford over 1 year ago

Release 2023-05-28

Monitor the release status by regions at AKS-Release-Tracker.

Announcements

  • Docker container runtime for Windows nodepools has been retired as of May 1, 2023. You may remain on existing deployed instances but scaling operations will fail, nodepool creation will fail, and you will be out of support. Follow the detailed steps in our documentation to upgrade to containerd. In alignment with this retirement, AKS has deleted all published windows 2019 docker images.  
  • After May 31, 2023, Ubuntu 18.04 will reach end of life. AKS will continue to update the host OS from Canonical into the Kubernetes 1.24 VHD images. Customers will not receive daily security updates from Canonical past the end of May, but will be able to consume those through a node image update only.
  • Each Kubernetes version is supported for 12 months. After 12 months, the minor version will shift to platform support only. Our new platform support policy provides customers with Azure infrastructure support while the cluster is in an n-3 version (where n is the latest supported AKS GA minor version). Platform support does not include anything related to Kubernetes functionality and components, but provides customers with additional support beyond what was previously provided for unsupported versions.
  • Unattended Upgrades are disabled on Azure Linux when running on a NVIDIA GPU enabled VM sizes.
  • SecurityPatch OS Servicing channel is not supported on Azure Linux when running on NVIDIA GPU enabled VM sizes.
  • Windows2019 will be retired in Kubernetes v1.33 and above (ETA March 2026). Customers should upgrade to Windows2022.

Release notes

  • Features

    • Azure Linux is now generally available as a container host OS on AKS. The Build announcement can be found here and the documentation for deploying Azure Linux can be found here.
    • FIPS image support is now enabled for Azure Linux.
    • The AKS devX extension now supports the creation of GitHub Actions.
    • Managed Prometheus is now Generally available.
    • Kubernetes Apps is now Generally available.

  • Preview Features

  • Behavior Changes

    • PodSecurityPolicy is removed in AKS clusters v1.25 and higher. Customers may not upgrade to v1.25 and above if PSP is enabled, an error will occur if attempted. PSP needs to be disabled before upgrading.
    • Added installhint to help guide users to install kubelogin if not already in their PATH. Users will see this hint when they get the user kubeconfig for their cluster in exec format and when a tool they use in conjunction with that kubeconfig chooses to display that hint.
    • Added configmap hash to cilium agent and operator annotations. The configmap hash will appear in the k8s manifests for cilium-operator and cilium-agent.
    • Improved error messages and public documentation for errors 50, 51, and 52. Now when customers encounter these errors, they should be able to resolve them by accessing the appropriate section in our troubleshooting documentation.
    • Web Application Routing now supports configuration through the Azure portal.
    • During cluster upgrade to v1.26.0 or a later version, disk PV node affinity check will cause the upgrade to fail if there are disk PVs still using deprecated labels: failure-domain.beta.kubernetes.io/zone and failure-domain.beta.kubernetes.io/region

  • Bug Fixes

    • Fixed a bug to resolve an upstream issue where the volume is not detached after the pod and PVC objects are deleted. See resolved issue here.

  • Component Updates

AKS - Release 2023-05-21

Published by olsenme over 1 year ago

Monitor the release status by regions at AKS-Release-Tracker.

Announcements

  • Docker container runtime for Windows nodepools has been retired as of May 1, 2023. You may remain on existing deployed instances but scaling operations will fail, nodepool creation will fail, and you will be out of support. Follow the detailed steps in our documentation to upgrade to containerd. In alignment with this retirement, AKS has deleted all published windows 2019 docker images.  
  • After May 31, 2023, Ubuntu 18.04 will reach end of life. AKS will continue to update the host OS from Canonical into the Kubernetes 1.24 VHD images. Customers will not receive daily security updates from Canonical past the end of May, but will be able to consume those through a node image update only.
  • Each Kubernetes version is supported for 12 months. After 12 months, the minor version will shift to platform support only. Our new platform support policy provides customers with Azure infrastructure support while the cluster is in an n-3 version (where n is the latest supported AKS GA minor version). Platform support does not include anything related to Kubernetes functionality and components, but provides customers with additional support beyond what was previously provided for unsupported versions.
  • Unattended Upgrades are disabled on Mariner when running on a NVIDIA GPU enabled VM sizes.
  • SecurityPatch OS Servicing channel is not supported on Mariner when running on NVIDIA GPU enabled VM sizes.

Release notes

  • Behavior Changes

    • Added get permissions for ciliumnetworkpolicy, ciliumclusterwidenetworkpolicy,ciliumendpoint ciliumidentity, and ciliumnode api-resources to the aks-service ClusterRole to enable support workflows.
    • After a cluster has been stopped for 30 days, etcd backup storage is no longer deleted. Deletion of etcd backup now only happens when the cluster is deleted.
    • For arm clients that use the location header instead of the async-operation header, return bad request 400 if the async operation failed for a client error rather than 500 according to this spec.
    • Enable the toggle to use ForcePodDrain option in Stop MC operation to give some grace period for the pod to stop before deleting the node.

  • Bug Fixes

    • Fixed bug that will recreate IPv6 SLB backend pools if missing on dual-stack clusters.
    • Fixed bug to prevent customers from listing secrets in agent nodes.
    • Fixed a bug where disabling the Open Service Mesh add-on was leaving behind the HorizontalPodAutoscaler resources osm-controller-hpa and osm-injector-hpa

  • Component Updates

Related Projects
private-aks-cluster-terraform-devops

This sample shows how to create a private AKS cluster using Terraform and Azure DevOps

21 Sep 2021 75
AKS-Edge

Welcome to the Azure Kubernetes Service (AKS) Edge repo.

17 Nov 2022 56
azure-migrate-export

Azure Migrate Export

15 Nov 2022 11
aks-set-context

GitHub Action for setting context (retrieving Kubeconfig) before interacting with Kubernetes cluster

04 Sep 2019 47
AML-Kubernetes

AzureML customer managed k8s compute samples

03 Jun 2020 80
k8s-deploy

GitHub Action for deploying to Kubernetes clusters

04 Sep 2019 255
application-gateway-kubernetes-ingress

This is an ingress controller that can be run on Azure Kubernetes Service (AKS) to allow an Azure...

29 Aug 2018 677
Bridge-To-Kubernetes

Bridge To Kubernetes (B2K) is development tool to debug microservices, pods which redirects traff...

15 Jul 2022 205
aksArc

# Welcome to the Azure Kubernetes Service enabled by Azure Arc (AKS Arc) repo This is where the A...

27 Aug 2020 111
aks-engine-azurestack

AKS Engine: Units of Kubernetes on Azure Stack Hub!

24 Aug 2022 15
azure-webjobs-sdk

Azure WebJobs SDK

10 Jul 2014 737
azure-functions-core-tools

Command line tools for Azure Functions

04 Jan 2017 1,308
AzureStackHCI-Supportability

Welcome to the Azure Stack HCI Supportability Forum! This is where the HCI team will track troubl...

27 Mar 2024 17
sg-aks-workshop

Security + Governance Workshop

07 Oct 2019 191
AKS-Performance-and-Scale

02 Nov 2023 5