Skip to content

Releases: Azure/AKS

Release 2022-03-27

01 Apr 23:43
@palma21 palma21
2022-03-27
b55599d
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release 2022-03-27

This release is rolling out to all regions - estimated time for completed roll out is 2022-04-08 for public cloud and 2022-04-11 for sovereign clouds.

Announcements

  • Upgrade your AKS Ubuntu 18.04 worker nodes to VHD version 2022.03.20 or newer to address CVE-2022-0492 and CVE-2022-23648.
  • From Kubernetes 1.23, containerd will be the default container runtime for Windows node pools. Docker support will be deprecated in Kubernetes 1.24. You are advised to test your workloads before Docker deprecation happens by following the documentation here.
  • Starting with 1.24 the default format of clusterUser credential for AAD enabled clusters will be ‘exec’, which requires kubelogin binary in the execution PATH. If you are using Azure CLI, it will prompt users to download kubelogin. There will be no behavior change for non-AAD clusters, or AAD clusters whose version is older than 1.24. Existing downloaded kubeconfig will still work. We provide an optional query parameter ‘format’ when getting clusterUser credential to overwrite the default behavior change, you can explicitly specify format to ‘azure’ to get old format kubeconfig.
  • Starting in Kubernetes 1.23 AKS Metrics server deployment will start having 2 pods instead of 1 for HA, which will increase the memory requests of the system by 54Mb.
  • Kubernetes version 1.20 will be deprecated and removed from AKS on April 7th 2022.
  • Update your AKS labels to the recommended substitutions before deprecation after the Kubernetes v1.24 release. See more information on label deprecations and how to update your labels in the Use labels in an AKS cluster documentation.
  • Node Pool Snapshot CLI experience is changing by April 6, 2022. The current nodepool snapshot commands i.e az aks snapshot will now be az aks nodepool snapshot.

Release notes

  • Preview Features
  • Features
    • Node pool Scale-down Mode is now Generally available and supports Spot Node Pools.
  • Bug Fixes
  • Behavioral changes
    • An AKS API call on the cluster after a control plane upgrade was incorrectly causing many nodepool upgrades. We have amended the
      behavior such that if you dont specify nodepools or specify some nodepools in the call, then the nodepools are not upgraded to the
      control plane version implicitly. In order to upgrade the nodepools following the control plane upgrade, an explicit kubernetes version
      upgrade in the respective nodepool(s) should be added in the request.
  • Component Updates
Assets 2
Loading

Release 2022-03-20

24 Mar 00:47
@phealy phealy
2022-03-20
86eabf7
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release 2022-03-20

Release 2022-03-20

This release is rolling out to all regions - estimated time for completed roll out is 2022-04-03 for public cloud and 2022-04-06 for sovereign clouds. Please note that the AKS release cadence has shifted; new releases will now be cut on Sunday.

Announcements

  • Upgrade your AKS Ubuntu 18.04 worker nodes to VHD version 2022.03.20 or newer to address CVE-2022-23648.
  • From Kubernetes 1.23, containerd will be the default container runtime for Windows node pools. Docker support will be deprecated in Kubernetes 1.24. You are advised to test your workloads before Docker deprecation happens by following the documentation here.
  • Starting with 1.24 the default format of clusterUser credential for AAD enabled clusters will be ‘exec’, which requires kubelogin binary in the execution PATH. If you are using Azure CLI, it will prompt users to download kubelogin. There will be no behavior change for non-AAD clusters, or AAD clusters whose version is older than 1.24. Existing downloaded kubeconfig will still work. We provide an optional query parameter ‘format’ when getting clusterUser credential to overwrite the default behavior change, you can explicitly specify format to ‘azure’ to get old format kubeconfig.
  • Starting in Kubernetes 1.23 AKS Metrics server deployment will start having 2 pods instead of 1 for HA, which will increase the memory requests of the system by 54Mb.
  • Kubernetes version 1.20 will be deprecated and removed from AKS on April 7th 2022.

Release notes

  • Behavioral changes
    • Accelerated networking will now be enabled by default for newly-created Windows nodepools.
    • The single placement group VMSS flag will now be enabled for newly-created node pools using InfiniBand/RDMA-capable VM sizes. InfiniBand/RDMA-capable SKUs, like most H-series and some N-series sizes, can be identified by the "r" in the additional features section of the size name (e.g. Standard_HB120rs_v3, Standard_ND96asr_v4). Note that the InfiniBand drivers are not currently loaded to nodes. Loading these via a DaemonSet will come in the near future.
  • Bug fixes
    • The 2022.03.20+ AKS Ubuntu 18.04 images fix an issue (present since 2022.02.19) in which an unneeded Azure security agent was installed, leading to higher than expected memory consumption on nodes.
    • Improved error handling to resolve a bug where a cluster stop operation may show an inconsistent state, leading to a cluster that is stuck in the "Stopping" state or moves to the "Failed" state. If a cluster is stuck in this state currently, running az resource update --ids <cluster resource ID> should resolve the issue.
  • Features
  • Component updates
Assets 2
Loading

Release 2022-03-10

15 Mar 16:31
@sajitsasi sajitsasi
2022-03-10-2
93c25f5
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release 2022-03-10

Release 2022-03-10

This release is rolling out to all regions - estimated time for completed roll out is 2022-03-23 for public cloud and 2022-03-26 for sovereign clouds.

Announcements

  • From Kubernetes 1.23, containerD will be the default container runtime for Windows node pools. Docker support will be deprecated in Kubernetes 1.24. You are advised to test your workloads before Docker deprecation happens by following the documentation here.
  • Starting with 1.24 the default format of clusterUser credential for AAD enabled clusters will be ‘exec’, which requires kubelogin binary in the execution PATH. If you are using Azure CLI, it will prompt users to download kubelogin. There will be no behavior change for non-AAD clusters, or AAD clusters whose version is older than 1.24. Existing downloaded kubeconfig will still work. We provide an optional query parameter ‘format’ when getting clusterUser credential to overwrite the default behavior change, you can explicitly specify format to ‘azure’ to get old format kubeconfig.
  • Starting in Kubernetes 1.23 AKS Metrics server deployment will start having 2 pods instead of 1 for HA, which will increase the memory requests of the system by 54Mb.
  • Kubernetes version 1.20 will be deprecated and removed from AKS on April 7th 2022.

Release notes

  • Component updates
    • AKS clusters >= 1.19 will now have Application Gateway Ingress Controller (AGIC) version 1.5.1 which adds support for ingress class and path prefix
    • Upgrade Azure disk CSI driver to 1.12.0 on 1.21+ clusters
    • Upgrade Azure Defender pod-collector image to 0.3.19 from 0.3.18
    • AKS Ubuntu 18.04 image updated to AKSUbuntu-1804-2022.03.07 which was actually hotfixed to AKSUbuntu-1804-2022.03.21. So an upgrade could result in either 2022.03.07 or 2022.03.21 depending on when you did the upgrade.
    • AKS Windows image has been updated to 2019-datacenter-core-smalldisk-17763.2686.220309.
Assets 2
Loading

Release 2022-03-03

11 Mar 00:42
@kaarthis kaarthis
2022-03-03
25685fa
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release 2022-03-03

Release 2022-03-03

This release is rolling out to all regions - estimated time for completed roll out is 2022-03-16 for public cloud and 2022-03-19 for sovereign clouds.

Announcements

  • From Kubernetes 1.23, containerD will be the default container runtime for Windows node pools. Docker support will be deprecated in Kubernetes 1.24. You are advised to test your workloads before Docker deprecation happens by following the documentation here.
  • Starting with 1.24 the default format of clusterUser credential for AAD enabled clusters will be ‘exec’, which requires kubelogin binary in the execution PATH. If you are using Azure CLI, it will prompt users to download kubelogin. There will be no behavior change for non-AAD clusters, or AAD clusters whose version is older than 1.24. Existing downloaded kubeconfig will still work. We provide an optional query parameter ‘format’ when getting clusterUser credential to overwrite the default behavior change, you can explicitly specify format to ‘azure’ to get old format kubeconfig.
  • Starting in Kubernetes 1.23 AKS Metrics server deployment will start having 2 pods instead of 1 for HA, which will increase the memory requests of the system by 54Mb.
  • Kubernetes version 1.20 will be deprecated and removed from AKS on April 7th 2022.
  • AKS x OSS Integration Blog Series: This month’s article highlights how to deploy a highly available Redis Cluster to AKS. Run scalable and resilient Redis with Kubernetes and Azure Kubernetes Service - Microsoft Tech Community. Previous two articles explore storing Prometheus metrics with Thanos/AKS and Cluster monitoring with Prometheus/Grafana/AKS.

Release notes

  • Preview features
    • Associate capacity reservation to node pools is now previewed in all regions. Documentation available here.
  • Component updates
    • AKS Ubuntu 18.04 image updated to AKSUbuntu-1804-2022.03.03 contains hotfix for containerd-1602.
    • Introducing Prometheus performance metrics, measuring execution time of handling pod/namespace/network policy CRUD events. The pre-existing npm_add_policy_exec_time metric now has an "error" label.
Assets 2
Loading

Releases 2022-02-24

05 Mar 12:29
@shashankbarsin shashankbarsin
2022-02-24
00bd5c9
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Releases 2022-02-24

Release 2022-02-24

This release is rolling out to all regions - estimated time for completed roll out is 2022-03-09 for public cloud and 2022-03-12 for sovereign clouds.

Announcements

  • From Kubernetes 1.23, containerD will be the default container runtime for Windows node pools. Docker support will be deprecated in Kubernetes 1.24. You are advised to test your workloads before Docker deprecation happens by following the documentation here.
  • Starting with 1.24 the default format of clusterUser credential for AAD enabled clusters will be ‘exec’, which requires kubelogin binary in the execution PATH. If you are using Azure CLI, it will prompt users to download kubelogin. There will be no behavior change for non-AAD clusters, or AAD clusters whose version is older than 1.24. Existing downloaded kubeconfig will still work. We provide an optional query parameter ‘format’ when getting clusterUser credential to overwrite the default behavior change, you can explicitly specify format to ‘azure’ to get old format kubeconfig.
  • Starting in Kubernetes 1.23 AKS Metrics server deployment will start having 2 pods instead of 1 for HA, which will increase the memory requests of the system by 54Mb.

Release notes

  • Behavioral changes
    • The default VNET address for managed VNETs will change from 10.0.0.0/8 to 10.224.0.0/12 and the default node subnet address will change from 10.240.0.0/16 to 10.224.0.0/16. New clusters will be required to have service and pod CIDR ranges that do not overlap with these new VNET ranges.
  • Bug fixes
    • Fix azure disk resize timeout issue on aks 1.21+
  • Preview features
    • Associate capacity reservation to node pools. Documentation available here.
  • Component updates
    • Upgrade azure disk and azure file csi drivers to v1.11.0 on aks 1.21+
    • AKS Ubuntu 18.04 image updated to AKSUbuntu-1804-2022.02.19.
    • Calico updated to v3.21.4 on Windows
    • Azure Policy for AKS updated to Gatekeeper 3.7.1.
Assets 2
Loading

Release 2022-02-10

15 Feb 18:26
@miwithro miwithro
2022-02-10
97813af
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release 2022-02-10

Release 2022-02-10

This release is rolling out to all regions - estimated time for completed roll out is 2022-02-23 for public cloud and 2022-02-26 for sovereign clouds.

Announcement

  • From Kubernetes 1.23, containerD will be the default container runtime for Windows node pools. Docker support will be deprecated in Kubernetes 1.24. You are advised to test your workloads before Docker deprecation happens by following the documentation here https://docs.microsoft.com/en-us/azure/aks/windows-container-cli#add-a-windows-server-node-pool-with-containerd-preview.
  • Konnectivity rollout will continue in Feb 2022.
  • Kubernetes 1.19 has been removed.
  • Starting with 1.24 the default format of clusterUser credential for AAD enabled clusters will be ‘exec’, which requires kubelogin binary in the execution PATH https://github.com/Azure/kubelogin. If you are using Azure CLI, it will prompt users to download kubelogin. There will be no behavior change for non-AAD clusters, or AAD clusters whose version is older than 1.24. Existing downloaded kubeconfig will still work. We provide an optional query parameter ‘format’ when getting clusterUser credential to overwrite the default behavior change, you can explicitly specify format to ‘azure’ to get old format kubeconfig.
  • Starting in Kubernetes 1.23 AKS Metrics server deployment will start having 2 pods instead of 1 for HA, which will increase the memory requests of the system by 54Mb.

Release Notes

Assets 2
Loading

Release notes for 2022-02-06

09 Feb 17:24
@justindavies justindavies
2022-02-06
bd71e00
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release notes for 2022-02-06

Release 2022-02-06

This release is rolling out to all regions - estimated time for completed roll out is 2022-02-16 for public cloud and 2022-02-19 for sovereign clouds.

Announcement

  • From Kubernetes 1.23, containerD will be the default container runtime for Windows node pools. Docker support will be deprecated in Kubernetes 1.24. You are advised to test your workloads before Docker deprecation happens by following the documentation here https://docs.microsoft.com/en-us/azure/aks/windows-container-cli#add-a-windows-server-node-pool-with-containerd-preview.
  • Konnectivity rollout will continue in Feb 2022.
  • Kubernetes 1.19 will be removed on the next release.
  • Starting with 1.23 AKS will follow upstream kubernetes and deprecate in-tree azure authentication which is marked for deprecation to be replaced with 'exec'. If you are using Azure CLI or Azure clients, AKS will download kubelogin for users automatically. If outside of Azure CLI, users need to download and install kubelogin in order to continue to use kubectl with AAD authentication. https://github.com/Azure/kubelogin
  • Starting in Kubernetes 1.23 AKS Metrics server deployment will start having 2 pods instead of 1 for HA, which will increase the memory requests of the system by 54Mb.

Release Notes

  • Behavioral changes
    • Increase CPU limit on Windows OMS agent from 200mc to 500mc
    • GA AKS Tags now allows Patch tags to managedCluster which will also patch tags to child ARM resources {NetworkSecurityGroup, LoadBalancer, virtualNetwork}
  • Bug Fixes
    • Fix azure file NFS mount permissions and enable azure file volume stats by default on AKS 1.21+
    • Upgraded Linux version to 5.4.0-1068.70-azure to address CVE-2021-4034
  • Preview Features
    • Kubernetes 1.23.3
    • Enable ephemeral OS on temp disk for v5 VM instances
  • Component Updates
    • Kubernetes 1.20.15, 1.21.9 and 1.22.6 released, 1.20.9, 1.21.2, and 1.22.2 removed
    • Upgraded Linux version to 5.4.0-1068.70-azure to address CVE-2021-4034
    • Containerd registry configuration for Linux nodes - including adding root CAs for containerd via DS.
    • AKS Ubuntu 18.04 image updated to AKSUbuntu-1804-2022.02.01.
Assets 2
Loading

Release 2022-01-27

03 Feb 01:45
@kaarthis kaarthis
2022-1-27
8ba1462
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release 2022-01-27

This release is rolling out to all regions - estimated time for completed roll out is 2022-02-07 for public cloud and 2022-02-10 for sovereign clouds.

Announcement

  • From Kubernetes 1.23, containerD will be the default container runtime for Windows node pools. Docker support will be deprecated in Kubernetes 1.24. You are advised to test your workloads before Docker deprecation happens by following the documentation here https://docs.microsoft.com/en-us/azure/aks/windows-container-cli#add-a-windows-server-node-pool-with-containerd-preview.
  • Konnectivity rollout will continue in Feb 2022.
  • Kubernetes 1.19 will be removed on the next release.
  • Starting with 1.23 AKS will follow upstream kubernetes and deprecate in-tree azure authentication which is marked for deprecation to be replaced with 'exec'. If you are using Azure CLI or Azure clients, AKS will download kubelogin for users automatically. If outside of Azure CLI, users need to download and install kubelogin in order to continue to use kubectl with AAD authentication. https://github.com/Azure/kubelogin
  • Starting in Kubernetes 1.23 AKS Metrics server deployment will start having 2 pods instead of 1 for HA, which will increase the memory requests of the system by 54Mb.

Release Notes

  • Behavioral changes
    • AKS will now create pseudo-random IPv6 address ranges for the Kubernetes pod and service IPs for new dual-stack clusters when --pod-cidrs or --service-cidrs are omitted instead of a default static value. These ranges will be generated with the method suggested in RFC 4193.
    • Removed secret RBAC for azure disk csi driver.
    • Increased csi-resizer timeout from 60s to 120s.
  • Component Updates
Assets 2
Loading

Release 2022-01-20

27 Jan 21:01
@palma21 palma21
2022-01-20
1c856ed
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release 2022-01-20

This release is rolling out to all regions - estimated time for completed roll out is 2022-01-31 for public cloud and 2022-02-03 for sovereign clouds.

Announcement

  • From Kubernetes 1.23, containerD will be the default container runtime for Windows node pools. Docker support will be deprecated in Kubernetes 1.24. You are advised to test your workloads before Docker deprecation happens by following the documentation here https://docs.microsoft.com/en-us/azure/aks/windows-container-cli#add-a-windows-server-node-pool-with-containerd-preview.
  • Konnectivity rollout will continue in Feb 2022.
  • Client automatic cert rotation is now being enabled on the last set of regions to be completed by end of Feb 2022.
  • Kubernetes 1.19 will be removed on 2022-01-31.
  • Starting with 1.23 AKS will follow upstream kubernetes and deprecate in-tree azure authentication which is marked for deprecation to be replaced with 'exec'. If you are using Azure CLI or Azure clients, AKS will download kubelogin for users automatically. If outside of Azure CLI, users need to download and install kubelogin in order to continue to use kubectl with AAD authentication. https://github.com/Azure/kubelogin
  • Starting in Kubernetes 1.23 AKS Metrics server deployment will start having 2 pods instead of 1 for HA, which will increase the memory requests of the system by 54Mb.

Release Notes

  • Preview Features
  • Bug Fixes
    • Fixed bug where custom in-tree storage classes on 1.21+ were deleted during cluster upgrade by mistake.
    • Ensured Azure Defender pods have affinity for system pools.
    • App GW ingress controller was added the CriticalAddonsOnly toleration as the rest of the addons and system components.
  • Behavioral changes
    • New global policy added to clusters with Calico network policies enabled to allow egress from the konnectivity system component.
    • All AKS system-created tags will have an "aks-managed" prefix and cannot be modified or deleted.
  • Component Updates
    • ip-masq-agent updated to v2.5.0.9.
    • Konnectivity updated to v0.0.27.
    • Azure CNI updated to v0.9.1.
    • Azure Policy addon updated to prod_20220114.1.
    • Windows Pause Image updated to 3.6-hotfix.20220114.
    • AKS Ubuntu 18.04 image updated to AKSUbuntu-1804-2022.01.19.
Assets 2
Loading

Release 2022-01-13

15 Jan 00:28
@qpetraroia qpetraroia
2022-01-13
7c42e4b
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release 2022-01-13

Release 2022-01-13

This release is rolling out to all regions - estimated time for completed roll out is 2022-01-24 for public cloud and 2022-01-27 for sovereign clouds.

Announcement

  • From Kubernetes 1.23, containerD will be the default container runtime for Windows node pools. Docker support will be deprecated in Kubernetes 1.24. You are advised to test your workloads before Docker deprecation happens by following the documentation here https://docs.microsoft.com/en-us/azure/aks/windows-container-cli#add-a-windows-server-node-pool-with-containerd-preview.
  • Konnectivity rollout will continue in Feb 2022.
  • AKS is implementing auto-cert rotation slowly over the next few months. We have already enabled the following regions westcentralus, uksouth, eastus, australiacentral, and australiaest. If you have clusters in those regions please run a cluster upgrade in order to have that cluster configured for auto-cert rotation. The following regions brazilsouth, canadacentral, centralindia, and eastasia will be released in January after the holidays as the next group of regions. We will update the release notes will the upcoming schedule going forward until all regions are deployed.
  • Kubernetes 1.19 will be removed on 2022-01-31.
  • Starting with 1.23 AKS will follow upstream kubernetes and deprecate in-tree azure authentication which is marked for deprecation to be replaced with 'exec'. If you are using Azure CLI or Azure clients, AKS will download kubelogin for users automatically. If outside of Azure CLI, users need to download and install kubelogin in order to continue to use kubectl with AAD authentication. https://github.com/Azure/kubelogin

Release Notes

  • Bug Fixes
    • Fixed a bug where if RBAC was disabled on a cluster, the Azure file daemonset would crash on windows nodes.
  • Component Updates
    • Upgrade dns-autoscaler to version 1.8.5 for 1.22+.
    • Azure disk CSI driver updated to v1.10 on AKS versions 1.21+
    • Azure file CSI driver updated to v1.9 on AKS versions 1.21+
    • AKS Ubuntu 18.04 image updated to AKSUbuntu-1804-2022.01.08.
Assets 2
Loading