Release 2023-01-08

Release 2023-01-08

Monitor the release status by regions at AKS-Release-Tracker.

Announcements

• Kubernetes 1.25 has finished rolling out in all non-sovereign regions.
• AKS begins pod security policy deprecation on 2022-11-01 API. The pod security policy will be removed completely on 2023-06-01 API with AKS 1.25 version or higher. You can migrate pod security policy to pod security admission controller before the deprecation deadline.

Release notes

• Features
  • Starting with Kubernetes 1.26:
    • HostProcess Containers will be GA
    • Some AKS labels will be deprecated. Update your AKS labels to the recommended substitutions. See more information on label deprecations and how to update your labels in the Use labels in an AKS cluster documentation.
  • Dynamic IP Allocation is now available for Windows nodes.
• Preview Features
  • IP based Load Balancer is now available in preview
  • Node public IP tags is now available in preview
  • Host port NSG control is now available in preview
  • Host ASG control is now available in preview
  • Azure CNI Overlay for Windows is now available in preview
• Behavior Changes
  • The OSM addon's osm-injector pod's autoscaler will no longer scale on memory, only on CPU. The osm-controller pod's HPA resource will be reconciled in EnsureExists mode to allow you to edit the resource.
• Bug Fixes
  • A bug regarding Kubernetes version 1.25 and the tigera operator has been fixed. If your cluster is already running on v1.25.4, please create a new cluster or file a support ticket with AKS for any further help.
• Component Updates
  • CIS Kubernetes v1.24 Benchmark has been published which covers AKS 1.21.x through AKS 1.24.x
  • KEDA add-on for AKS has been upgraded to v2.9
  • Virtual Kubelet has been upgraded to v1.4.7 and v1.4.8. See changelog for bug fixes and new features.
  • Azure disk csi driver has been updated to v1.26.0
  • Azure files csi driver has been updated to v1.24.0
  • Azure blob csi driver has been updated to v1.19.0
  • AKS Windows 2022 image has been updated to 20348.1366.221214
  • AKS Windows 2019 image has been updated to 17763.3770.221214.

Release 2022-12-04

Monitor the release status by regions at AKS-Release-Tracker.

Announcements

• AKS is retiring v1.22.x on this (December 4th) release. Please upgrade your clusters to v1.23 or (preferably) above.
• On this release (December 4th 2022), AKS is updating all patches on supported Kubernetes versions. This means that the oldest patch version on a supported minor version will be deprecated. Read more about AKS versioning and our policy here.
• Some AKS labels are being deprecated with the Kubernetes 1.26 release in January. Update your AKS labels to the recommended substitutions. See more information on label deprecations and how to update your labels in the Use labels in an AKS cluster documentation.
• AKS begins pod security policy deprecation on 2022-11-01 API. The pod security policy will be removed completely on 2023-06-01 API with AKS 1.25 version or higher. You can migrate pod security policy to pod security admission controller before the deprecation deadline.
• Azure NAT gateways do not support IPv6 and therefore cannot be used with dual-stack clusters as the cluster would not have a valid IPv6 outbound connection.
• AKS clusters with Calico enabled should not upgrade to Kubernetes v1.25.
• Starting Kubernetes v1.26 two in-tree driver persistent volumes types kubernetes.io/azure-disk, kubernetes.io/azure-file are deprecated and will no longer be supported. Removal of these drivers following its deprecation is not currently planned but all users should migrate as soon as possible to the corresponding persistent volume types, disk.csi.azure.com and file.csi.azure.com respectively. See how here.
• Workload Identity: Application pods using workload identity will need the following label added azure.workload.identity/use starting with the 2023-01-15 release. Add the label to your running pods/deployments to avoid pods from failing at restart. See more here.
• Starting Jan 3, 2023 AKS will expand the policy of 0 node clusters, that are automatically stopped after 30d to include clusters with 0 "Ready" nodes (or all "Not Ready") and 0 Running VMs. Clusters with all nodes manually stopped (unsupported) and in "Not Ready" state after 30 days will be stopped accordingly. To re-start your cluster, run a cluster start command. See the complete Support Policy for more information.

Release notes

• Features
  • Kubernetes 1.25 is now Generally available. 1.25.4 patch version was added
    • Ubuntu 22.04 for AMD and ARM64 architectures will be the default host.
    • Windows Server 2022 will be the default Windows host. Important, old windows 2019 containers will not work on windows server 2022 hosts.
• Preview Features
  • In Azure CNI powered by Cilium clusters, AKS now sets prometheus.io/port and prometheus.io/scrape annotations on the cilium-operator deployment as well as the prometheus container ports on the cilium and cilium operator manifests.
• Behavior Changes
  • AKS now provides a kubernetes.azure.com/dedicated-host-group=<HOST GROUP ID> label for nodes in an Azure Dedicated Host Group.
  • App Gateway Ingress Controller (AGIC) addon memory limit increased to 600 Mi to address to adjust for resourcing in clusters with large pod/secret counts.
  • The only allowed operation that can be performed on a stopped cluster is starting the cluster.
• Bug Fixes
  • Fixed an issue with cluster updates after a failed cluster start getting stuck.
  • AKS will have Accelerated Networking turned off in Azure Dedicated Host nodepools as Azure Dedicated Host placement currently doesn't correctly account for Accelerated Networking capable SKUs at the moment.
  • Fixed IPv6 casing mismatch between azure network provider and AKS.
• Component Updates
  • Azure Monitor Container Insights updated to version ciprod12032022-c9f3dc30
  • AKS Ubuntu 18.04 image has been updated to AKSUbuntu-1804-2022.12.19.
  • AKS Ubuntu 22.04 image has been updated to AKSUbuntu-2204-2022.12.19.
  • AKS Mariner image has been updated to AKSMariner-2022.12.19.

Release 2022-11-27

Release 2022-11-27

Monitor the release status by regions at AKS-Release-Tracker.

Announcements

• AKS is retiring v1.22.x on December 4th 2022. Please upgrade your clusters to v1.23 and above.
• In January 2023, AKS is updating all patch's on supported Kubernetes versions. This means that the oldest patch version on a supported minor version will be deprecated. Read more about AKS versioning and our policy here.
• Some AKS labels are being deprecated with the Kubernetes 1.26 release. Update your AKS labels to the recommended substitutions. See more information on label deprecations and how to update your labels in the Use labels in an AKS cluster documentation.
• AKS begins pod security policy deprecation on 2022-11-01 API. The pod security policy will be removed completely on 2023-06-01 API with AKS 1.25 version or higher. You can migrate pod security policy to pod security admission controller before the deprecation deadline.
• Azure NAT gateways do not support IPv6 and therefore cannot be used with dual-stack clusters as the cluster would not have a valid IPv6 outbound connection.
• Starting Kubernetes v1.26 two in-tree driver persistent volumes won't be supported in AKS : kubernetes.io/azure-disk, kubernetes.io/azure-file.

Release notes

• Behavior Changes
  • Creation, Upgrade operations of PSP-enabled cluster if k8s version is v1.25 or above will no longer be allowed.
  • Updated Calico to v3.23.3 when Kubernetes version is greater than or equal to v1.25.0.
• Bug Fixes
  • Fixed an issue in Kubernetes 1.24+ with dual-stack clusters causing apiserver to crash if the cluster has IPv6 listed first in the serviceCIDRs property.
• Component Updates
  • Update AKS Windows image versions to 17763.3650.221110 for WS2019 and to 20348.1249.221110 for WS2022 with the Windows security patch in Nov 2022. It contains an important bug fix for the hns crash issue.
  • AKS Ubuntu 18.04 image has been updated to AKSUbuntu-1804-2022.11.12.
  • AKS Ubuntu 22.04 image has been updated to AKSUbuntu-2204-2022.11.12.
  • AKS Mariner image has been updated to AKSMariner-2022.11.12.

Release 2022-11-06

Release 2022-11-06

Monitor the release status by regions at AKS-Release-Tracker.

Announcements

• AKS is retiring v1.22.x on December 4th 2022. Please upgrade your clusters to v1.23 and above.
• On December 4th 2022, AKS is updating all patch's on supported Kubernetes versions. This means that the oldest patch version on a supported minor version will be deprecated. Read more about AKS versioning and our policy here.
• Some AKS labels are being deprecated with the Kubernetes 1.26 release. Update your AKS labels to the recommended substitutions. See more information on label deprecations and how to update your labels in the Use labels in an AKS cluster documentation.
• AKS begins pod security policy deprecation on 2022-11-01 API. The pod security policy will be removed completely on 2023-06-01 API with AKS 1.25 version or higher. You can migrate pod security policy to pod security admission controller before the deprecation deadline.
• Azure NAT gateways do not support IPv6 and therefore cannot be used with dual-stack clusters as the cluster would not have a valid IPv6 outbound connection.
• AKS clusters with Calico enabled should not upgrade to Kubernetes v1.25 preview.

Release notes

• Features
  • Azure Blob storage Container Storage Interface (CSI) driver is now generally available.
• Preview Features
  • Updating SSH key on existing AKS cluster is now public preview.
• Security Disclosures
  • CVE-2022-3162
  • CVE-2022-3294
  • CVE-2022-3602 and CVE-2022-3786
• Behavior Changes
  • The OSM add-on now includes horizontal pod autoscaling for the osm-injector pod with a minimum of 2 replicas, maximum of 10. The resources for the injector pod has also been increased so request memory is now 128 MB and limit memory is now 500 MB.
• Bug Fixes
  • Fix issue that would cause a Cluster Stop operation to become stuck.
• Component Updates
  • Update Azure CNI to v1.4.35
  • Update AKS Windows image versions to 17763.3650.221110 for WS2019 and to 20348.1249.221110 for WS2022 with the Windows security patch in Nov 2022. It contains an important bug fix for the hns crash issue.
  • AKS Ubuntu 18.04 image has been updated to AKSUbuntu-1804-2022.11.01.
  • AKS Ubuntu 22.04 image has been updated to AKSUbuntu-2204-2022.11.01.
  • AKS Mariner image has been updated to AKSMariner-2022.11.01.

Release 2022-10-30

Release 2022-10-30

Monitor the release status by regions at AKS-Release-Tracker.

Announcements

• AKS is retiring v1.22.x on December 4th 2022. Please upgrade your clusters to v1.23 and above.
• Some AKS labels are being deprecated with the Kubernetes 1.26 release. Update your AKS labels to the recommended substitutions. See more information on label deprecations and how to update your labels in the Use labels in an AKS cluster documentation. beta.kubernetes.io/arch= and beta.kubernetes.io/os= are still applied by kubelet in kubernetes code.
• AKS will be enforcing the de-allocated clusters policy which specifies that manually de-allocating clusters renders the cluster out of support. Starting November 1, 2022 clusters with zero nodes will be stopped after 30 days.

Release notes

• Preview Features
  • Kubernetes version 1.25 has been released in public preview for AKS and is rolling out to all region. We support Kubernetes 1.25.2.
    • Ubuntu 22.04 for AMD and ARM64 architectures will be the default host.
    • Windows Server 2022 will be the default Windows host. Important, old windows 2019 containers will not work on windows server 2022 hosts.
• Bug Fixes
  • Updated the AKS WS2022 images with 2022.10C. This update addresses an issue that causes Host Network Service to stop working, creating traffic interruptions. This fix will also be included in the AKS Windows2019 images with 2022.11B. Please see the release notes in Azure/AgentBaker#2380 .
• Behavior Changes
  • AKS plans to disable "JobTrackingWithFinalizers" APISever feature for k8s version "1.23" in all regions. There is a bug in this feature. 1.23 by default turned on the feature and 1.24+ turned it off.
  • The fields Cloud, Environment, UnderlayClass, and UnderlayName will no longer be available in customers' log analytics workspaces.
  • The container runtime for Ubuntu VHDs now only depends on VHD version, not Kubernetes version. For supported Kubernetes versions < 1.24, this may imply an upgrade. The latest containerd version for all Ubuntu nodes will now be 1.6
• Component Updates
  • AKS Ubuntu 18.04 image has been updated to AKSUbuntu-1804-2022.10.24.
  • AKS Ubuntu 22.04 image has been updated to AKSUbuntu-2204-2022.10.24.
  • AKS Mariner image has been updated to AKSMariner-2022.10.24.
  • AKS Windows 2022 image has been updated to 20348.1194.221026.

Release 2022-10-23

Release 2022-10-23

Monitor the release status by regions at AKS-Release-Tracker.

Announcements

• AKS is retiring v1.22.x on December 4th 2022. Please upgrade your clusters to v1.23 and above.
• Starting with Kubernetes 1.25, the following changes will be made default:
  • Ubuntu 22.04 for x86, AMD and ARM64 architectures will be the default host.
• Some AKS labels are being deprecated with the Kubernetes 1.26 release. Update your AKS labels to the recommended substitutions. See more information on label deprecations and how to update your labels in the Use labels in an AKS cluster documentation. beta.kubernetes.io/arch= and beta.kubernetes.io/os= are still applied by kubelet in kubernetes code.
• Docker is no longer supported as a container runtime on Windows. Follow these steps in our documentation to upgrade your Kubernetes cluster to change your container runtime to containerd.
• Kubernetes 1.25 is in preview. We support Kubernetes 1.25.2.
• AKS will be enforcing the de-allocated clusters policy which specifies that manually de-allocating clusters renders the cluster out of support. Starting November 1, 2022 clusters with zero nodes will be stopped after 30 days.
• Virtual Node is supported in these additional regions.

Release notes

• Behavior Changes
  • The cpu limits for cloud-node-manager, csi drivers, and kube-proxy have been removed.
  • Fixed a bug to disallow cluster creation where both AAD and local accounts are disabled.
  • Fixed bug where when a cluster is updated, it triggers a reconcile cluster operation which will remove the setting aks-vnet -> subnet -> service endpoints which is set by csi driver when provisioning volume using NFS protocol.
• Component Updates
  • Updated workload identity image to v0.14.0.
  • AKS Ubuntu 18.04 image has been updated to AKSUbuntu-1804-2022.10.17.
  • AKS Windows 2019 image has been updated to 17763.3534.221019.
  • AKS Windows 2022 image has been updated to 20348.1131.221019.

Release 2022-10-16

Release 2022-10-16

Monitor the release status by regions at AKS-Release-Tracker.

Announcements

• AKS is retiring v1.22.x on December 4th 2022. Please upgrade your clusters to v1.23 and above.
• Starting with Kubernetes 1.25, the following changes will be made default:
  • Ubuntu 22.04 for x86, AMD and ARM64 architectures will be the default host.
• Some AKS labels are being deprecated with the Kubernetes 1.26 release. Update your AKS labels to the recommended substitutions. See more information on label deprecations and how to update your labels in the Use labels in an AKS cluster documentation. beta.kubernetes.io/arch= and beta.kubernetes.io/os= are still applied by kubelet in kubernetes code.
• Docker is no longer supported as a container runtime on Windows. Follow these steps in our documentation to upgrade your Kubernetes cluster to change your container runtime to containerd.

Release notes

• Features
  • OIDC Issuer is now Generally Available.
• Behavior Changes
  • The CPU limits for cloud-node-manager has been removed.
  • OMSAgent resources will be renamed to ama-logs.
• Component Updates
  • ip-masq-agent-v2 has been updated to v0.1.5, which includes the usage of a distroless-iptables image and a reduction in image size from 75.4MB to 34.2MB.
  • AKS Ubuntu 18.04 image has been updated to AKSUbuntu-1804-2022.10.12
  • AKS Windows 2019 image has been updated to 17763.3532.221012
  • AKS Windows 2022 image has been updated to 20348.1129.221012

Release 2022-10-09

Release 2022-10-09

Monitor the release status by regions at AKS-Release-Tracker.

Announcements

• Starting with Kubernetes 1.25, the following changes will be made default:
  • Ubuntu 22.04 for x86, AMD and ARM64 architectures will be the default host.
• Some AKS labels are being deprecated with the Kubernetes 1.26 release. Update your AKS labels to the recommended substitutions. See more information on label deprecations and how to update your labels in the Use labels in an AKS cluster documentation. beta.kubernetes.io/arch= and beta.kubernetes.io/os= are still applied by kubelet in kubernetes code.
• Docker is no longer supported as a container runtime on Windows. Follow these steps in our documentation to upgrade your Kubernetes cluster to change your container runtime to containerd.

Release notes

• Features
  • AKS 5000 Node limit per cluster is now Generally Available.
  • Confidential VM Node Pool on AKS is now Generally Available.
  • Event Grid integration with AKS is now Generally Available.
• Preview Features
  • Azure AD Workload Identity, integrated with the Kubernetes native capabilities to federated with Azure AD, is now in Public Preview.
  • Azure Kubernetes Fleet Manager is now in Public Preview.
  • Kubernetes Apps on Azure MarketPlace is now in Public Preview.
• Fixes
  • Hotfixes on v1.24.3 and v1.24.6 for [Windows BUG] (#3246) has been published to all regions. You can check the k8s package version in C:\AzureData\CustomDataSetupScript.log. If neither v1.24.3-hotfix.20221006-1int.zip nor v1.24.6-hotfix.20221006-1int.zip are used, you need to upgrade your clusters or create new Windows agent pools to get the fix.
  • Fixed a bug where an AKS FIPS node may become a non-FIPS node after unattended upgrade and reboot.
  • Hotfixed a bug where we double counted windows vms in subnet size validation.
• Behavior Changes
  • Added pid.available<2000 to kubelet flag --eviction-hard, making the effective number of allocatable PIDs = kernel.pid_max - 2000 eviction-signals
• Component Updates
  • CNI plugin updated to version v1.1.1.
  • Virtual-Node updated to version 1.4.5.
  • Updated Azure Disk CSI Driver to v1.23.0 , Azure File CSI Driver to v1.22.0
  • AKS Ubuntu 18.04 image updated to AKSUbuntu-1804-2022.10.03

Release 2022-10-02

Release 2022-10-02

Monitor the release status by regions at AKS-Release-Tracker.

Announcements

• Draft is looking to get feedback. If you have used Draft or are interested in Draft, please click here to start a conversation with the AKS team.
• Starting with Kubernetes 1.25, the following changes will be made default:
  • Ubuntu 22.04 for x86, AMD and ARM64 architectures will be the default host.
• Some AKS labels are being deprecated with the Kubernetes 1.26 release. Update your AKS labels to the recommended substitutions. See more information on label deprecations and how to update your labels in the Use labels in an AKS cluster documentation. beta.kubernetes.io/arch= and beta.kubernetes.io/os= are still applied by kubelet in kubernetes code.
• Docker is no longer supported as a container runtime on Windows. Follow these steps in our documentation to upgrade your Kubernetes cluster to change your container runtime to containerd.

Release notes

• Preview Features
  • Cluster snapshot and cluster pinning is now released in public preview, allowing you to easily save cluster configurations and apply them to other clusters.
  • Vertical Pod Autoscaling is now released in public preview. VPA allows you to automatically set resource requests and limits on containers per workload based on past usage.
• Bugs
  • Bug: A bug has been found in Windows clusters that have been upgraded to K8s v1.24 that causes external VIP load balancing rules to reference endpoints that no longer exist. The AKS team has rolled out a block on all upgrades to K8s version 1.24 for Windows cluster as we wait for a fix from Windows upstream.
• Component Updates
  • Windows Azure CNI updated to version v1.4.35.
  • Microsoft Defender low-level-collector image updated to v1.3.57.
  • AKS Ubuntu 18.04 image updated to AKSUbuntu-1804-2022.09.27

Release 2022-09-25

Monitor the release status by regions at AKS-Release-Tracker.

Announcements

• Draft is looking to get feedback. If you have used Draft or are interested in Draft, please click here to start a conversation with the AKS team.
• Starting with Kubernetes 1.25, the following changes will be made default:
  • Ubuntu 22.04 for x86, AMD and ARM64 architectures will be the default host.
  • Kubernetes 1.21 version has been deprecated as of July 31st, 2022. See documentation on how to upgrade your cluster.
• Some AKS labels are being deprecated with the Kubernetes 1.25 release. Update your AKS labels to the recommended substitutions. See more information on label deprecations and how to update your labels in the Use labels in an AKS cluster documentation.
• Docker is no longer supported as a container runtime on Windows. Follow these steps in our documentation to upgrade your Kubernetes cluster to change your container runtime to containerd.

Release notes

• Features
  • New Kubernetes patch versions released. Kubernetes 1.22.15, 1.23.12 and 1.24.6.
  • Nodepool snapshots can now work across regions.
• Preview Features
  • THe AKS maintenance window can now also be set centrally via Azure maintenance windows.
• Behavior Changes
  • AKS no longer uses beta.kubernetes.io/os, failure-domain.beta.kubernetes.io/zone labels in its managed components. kubernetes.io/os and topology.kubernetes.io/zone will be used instead, respectively.
  • An additional tag aks-managed-private-dns-zone-mode:none will be added to the nodes on private cluster scenarios when the cluster is using 'none' private DNS zone.
• Bug Fixes
  • Fixed KMS error message to clarify when Key Vault has connectivity blocked.
  • Fixed issue with Availability Set-based clusters where node IPs were double counted when performing available IP validations.
• Component Updates
  • Cloud Controller Manager updated to v1.24.7, v1.23.20 and v1.1.23 (for 1.22 and lower) for the respective kubernetes minor versions.
  • AKS Ubuntu 18.04 image updated to AKSUbuntu-1804-2022.09.22