Skip to content
7c42e4b
Compare
Choose a tag to compare

Release 2022-01-13

This release is rolling out to all regions - estimated time for completed roll out is 2022-01-24 for public cloud and 2022-01-27 for sovereign clouds.

Announcement

  • From Kubernetes 1.23, containerD will be the default container runtime for Windows node pools. Docker support will be deprecated in Kubernetes 1.24. You are advised to test your workloads before Docker deprecation happens by following the documentation here https://docs.microsoft.com/en-us/azure/aks/windows-container-cli#add-a-windows-server-node-pool-with-containerd-preview.
  • Konnectivity rollout will continue in Feb 2022.
  • AKS is implementing auto-cert rotation slowly over the next few months. We have already enabled the following regions westcentralus, uksouth, eastus, australiacentral, and australiaest. If you have clusters in those regions please run a cluster upgrade in order to have that cluster configured for auto-cert rotation. The following regions brazilsouth, canadacentral, centralindia, and eastasia will be released in January after the holidays as the next group of regions. We will update the release notes will the upcoming schedule going forward until all regions are deployed.
  • Kubernetes 1.19 will be removed on 2022-01-31.
  • Starting with 1.23 AKS will follow upstream kubernetes and deprecate in-tree azure authentication which is marked for deprecation to be replaced with 'exec'. If you are using Azure CLI or Azure clients, AKS will download kubelogin for users automatically. If outside of Azure CLI, users need to download and install kubelogin in order to continue to use kubectl with AAD authentication. https://github.com/Azure/kubelogin

Release Notes

  • Bug Fixes
    • Fixed a bug where if RBAC was disabled on a cluster, the Azure file daemonset would crash on windows nodes.
  • Component Updates
    • Upgrade dns-autoscaler to version 1.8.5 for 1.22+.
    • Azure disk CSI driver updated to v1.10 on AKS versions 1.21+
    • Azure file CSI driver updated to v1.9 on AKS versions 1.21+
    • AKS Ubuntu 18.04 image updated to AKSUbuntu-1804-2022.01.08.
d631e30
Compare
Choose a tag to compare

This release is rolling out to all regions - estimated time for completed roll out is 2022-01-17 for public cloud and 2022-01-20 for sovereign clouds.

Announcement

  • From Kubernetes 1.23, containerD will be the default container runtime for Windows node pools. Docker support will be deprecated in Kubernetes 1.24. You are advised to test your workloads before Docker deprecation happens by following the documentation here https://docs.microsoft.com/en-us/azure/aks/windows-container-cli#add-a-windows-server-node-pool-with-containerd-preview.
  • Konnectivity rollout will continue in Feb 2022.
  • AKS is implementing auto-cert rotation slowly over the next few months. We have already enabled the following regions westcentralus, uksouth, eastus, australiacentral, and australiaest. If you have clusters in those regions please run a cluster upgrade in order to have that cluster configured for auto-cert rotation. The following regions brazilsouth, canadacentral, centralindia, and eastasia will be released in January after the holidays as the next group of regions. We will update the release notes will the upcoming schedule going forward until all regions are deployed.
  • Kubernetes 1.19 will be removed on 2022-01-31.
  • Starting with 1.23 AKS will follow upstream kubernetes and deprecate in-tree azure authentication which is marked for deprecation to be replaced with 'exec'. If you are using Azure CLI or Azure clients, AKS will download kubelogin for users automatically. If outside of Azure CLI, users need to download and install kubelogin in order to continue to use kubectl with AAD authentication. https://github.com/Azure/kubelogin

Release Notes

  • Features
    • Private DNS Subzone for Private Cluster is now GA.
    • Containerd runtime on Windows is now GA
    • Upgrade events is now GA: We now have introduced some new events that customers can leverage easily to understand and view their upgrade status.
  • Preview Features
    • Kubenet IPv6 support has been enabled all public cloud regions for Public Preview. See https://aka.ms/aks/ipv6 for more details.
  • Bug Fixes
    • Corrected validation that silently ignored updates to HTTP proxy settings.
    • Fixed issue that blocked creation of 0 node nodepools.
  • Behavioral Change
    • Private Cluster now supports cross-subscription VNET for PrivateLink.
    • In 1.21+ existing and newly created clusters, all built-in storage classes will use CSI Driver provisioners disk.csi.azure.com and file.csi.azure.com. There are no in-tree provisioners anymore (kubernetes.io/azure-disk and kubernetes.io/azure-file).
    • CPU limits for CSI drivers have been removed.
    • Azure CNI - won't reserve VNet IP addresses for daemonset pods using hostNetwork: true"
  • Component Updates
    • Cluster Auto Scaler updates:
      • Added support for more SKUs for scaling from zero (including Standard_E2s_v5, Standard_D8s_v5 and Standard_D4s_v5).
      • Fixed an issue with balancing node groups and scaling from zero in clusters with CSI drivers that utilize zonal affinities.
      • Fixed an issue with scaling from zero when pods have a selector on the stable instance type label node.kubernetes.io/instance-type.
      • Improve scale up performance in very large scale-up scenarios
    • Azure Policy for AKS updated to Gatekeeper 3.7.0
    • AKS Ubuntu 18.04 image updated to AKSUbuntu-1804-2021.01.07.
    • AKS Windows image has been updated to 2019-datacenter-core-smalldisk-17763.2366.211215.
b439f51
Compare
Choose a tag to compare

This release is rolling out to all regions - estimated time for completed roll out is 2021-12-20 for public cloud and 2021-12-23 for sovereign clouds.

Announcement

  • From Kubernetes 1.23, containerD will be the default container runtime for Windows node pools. Docker support will be deprecated in Kubernetes 1.24. You are advised to test your workloads before Docker deprecation happens by following the documentation here https://docs.microsoft.com/en-us/azure/aks/windows-container-cli#add-a-windows-server-node-pool-with-containerd-preview.
  • Konnectivity rollout has been halted for the rest of the year. We will continue the rollout in the new calendar year.
  • AKS is implementing auto-cert rotation slowly over the next few months. We have already enabled the following regions westcentralus, uksouth, eastus, australiacentral, and australiaest. If you have clusters in those regions please run a cluster upgrade in order to have that cluster configured for auto-cert rotation. The following regions brazilsouth, canadacentral, centralindia, and eastasia will be released in January after the holidays as the next group of regions. We will update the release notes will the upcoming schedule going forward until all regions are deployed.
  • Kubernetes 1.19 will be removed on 2022-01-31.
  • Starting with 1.23 AKS will follow upstream kubernetes and deprecate in-tree azure authentication which is marked for deprecation to be replaced with 'exec'. If you are using Azure CLI or Azure clients, AKS will download kubelogin for users automatically. If outside of Azure CLI, users need to download and install kubelogin in order to continue to use kubectl with AAD authentication. https://github.com/Azure/kubelogin

Release Notes

  • Features
    • Kubernetes 1.22 is now GA. Carefully read the Kubernetes release notes, especially the removed APIs section and any breaking changes.
    • New Kubernetes patch versions released, 1.20.13, 1.21.7, 1.22.4.
  • Preview Features
    • Microsoft Defender for containers is now in Public Preview.
    • AKS GitOps agent extension is now in Public Preview.
  • Bug Fixes
    • Corrected validation that silently ignored updates to HTTP proxy settings.
    • Fixed issue that blocked creation of 0 node nodepools.
    • CSI driver probe timeout increased to 30s avoid driver crashes on small Windows VM sizes.
  • Component Updates
c09e76a
Compare
Choose a tag to compare

Release 2021-12-2

This release is rolling out to all regions - estimated time for completed roll out is 2021-12-13 for public cloud and 2021-12-16 for sovereign clouds.

Announcement

  • From Kubernetes 1.23, containerD will be the default container runtime for Windows node pools. Docker support will be deprecated in Kubernetes 1.24. You are advised to test your workloads before Docker deprecation happens by following the documentation here https://docs.microsoft.com/en-us/azure/aks/windows-container-cli#add-a-windows-server-node-pool-with-containerd-preview.
  • Konnectivity rollout has been halted for the rest of the year. We will continue the rollout in the new calendar year.
  • AKS is implementing auto-cert rotation slowly over the next few months. We have already enabled the following regions westcentralus, uksouth, eastus, australiacentral, and australiaest. If you have clusters in those regions please run a cluster upgrade in order to have that cluster configured for auto-cert rotation. The following regions brazilsouth, canadacentral, centralindia, and eastasia will be released in January after the holidays as the next group of regions. We will update the release notes will the upcoming schedule going forward until all regions are deployed.
  • AKS and Holiday Season: To ease the burden of upgrade and change during the holiday season, AKS is extending a limited scope of support for all clusters and node pools on 1.19 as a courtesy. Customers with clusters and node pools on 1.19 after the announced deprecation date of 2021-11-30 will be granted an extension of capabilities outside the usual scope of support for deprecated versions.
    The scope of this limited extension is effective from '2021-12-01 to 2022-01-31' and is limited to the following:
    • Creation of new clusters and node pools on 1.19.
    • CRUD operations on 1.19 clusters.
    • Azure Support of non-Kubernetes related, platform issues. Platform issues include trouble with networking, storage, or compute running on Azure. Any support requests for K8s patching and troubleshooting will be requested to upgrade into a supported version.

Release Notes

  • Bug Fixes
    • Fixed a bug such that the nodes on 1.21 wont be able to start with the DelegateFSGroupToCSIDriver feature flag. This feature flag is only introduced to kubelet in 1.22.
    • A WindowsGmsaProfile certificate renewal issue during certificate rotation has been identified and fixed.
    • Added the component=tunnel label to konnectivity-agent pods so they will be matched by any label selectors that previously matched tunnelfront pods. This only applies to clusters that have received the new Konnectivity network tunnel.
  • Behavioral Changes
    • Increased cpu limits of csi driver node daemonsets from 200m to 1cpu in order to prevent cpu throttling.
  • Component Updates
b311d36
Compare
Choose a tag to compare

Release 2021-11-18

Announcement

  • AKS is implementing auto-cert rotation slowly over the next few months. We have already enabled the following regions westcentralus, uksouth, eastus, australiacentral, and australiaest. If you have clusters in those regions please run a cluster upgrade in order to have that cluster configured for auto-cert rotation. The following regions brazilsouth, canadacentral, centralindia, and eastasia will be released in January after the holidays as the next group of regions. We will update the release notes will the upcoming schedule going forward until all regions are deployed.
  • Konnectivity rollout has been halted for the rest of the year. We will continue the rollout in the new calendar year.
  • AKS and Holiday Season: To ease the burden of upgrade and change during the holiday season, AKS is extending a limited scope of support for all clusters and node pools on 1.19 as a courtesy. Customers with clusters and node pools on 1.19 after the announced deprecation date of 2021-11-30 will be granted an extension of capabilities outside the usual scope of support for deprecated versions.
    The scope of this limited extension is effective from '2021-12-01 to 2022-01-31' and is limited to the following:
    • Creation of new clusters and node pools on 1.19.
    • CRUD operations on 1.19 clusters.
    • Azure Support of non-Kubernetes related, platform issues. Platform issues include trouble with networking, storage, or compute running on Azure. Any support requests for K8s patching and troubleshooting will be requested to upgrade into a supported version.

Release Notes

431a872
Compare
Choose a tag to compare

Release 2021-11-11

This release is rolling out to all regions - estimated time for completed roll out is 2021-11-18 for public cloud and 2021-11-25 for sovereign clouds.

Announcement

  • AKS is implementing auto-cert rotation slowly over the next few months. We have already enabled the following regions westcentralus, uksouth, eastus, australiacentral, and australiaest. If you have clusters in those regions please run a cluster upgrade in order to have that cluster configured for auto-cert rotation. The following regions brazilsouth, canadacentral, centralindia, and eastasia will be released in January after the holidays as the next group of regions. We will update the release notes will the upcoming schedule going forward until all regions are deployed.
  • AKS and Holiday Season: To ease the burden of upgrade and change during the holiday season, AKS is extending a limited scope of support for all clusters and node pools on 1.19 as a courtesy. Customers with clusters and node pools on 1.19 after the announced deprecation date of 2021-11-30 will be granted an extension of capabilities outside the usual scope of support for deprecated versions.
    The scope of this limited extension is effective from '2021-12-01 to 2022-01-31' and is limited to the following:
    • Creation of new clusters and node pools on 1.19.
    • CRUD operations on 1.19 clusters.
    • Azure Support of non-Kubernetes related, platform issues. Platform issues include trouble with networking, storage, or compute running on Azure. Any support requests for K8s patching and troubleshooting will be requested to upgrade into a supported version.

Release Notes

  • New Features
    • Auto-Upgrade for AKS is now GA.
  • Bug Fixes
    • An Authentication issue related to pulling image secrets has been fixed with a new version of the virtual-kubelet.
  • Component Updates
d3dd363
Compare
Choose a tag to compare

Release 2021-11-04

This release is rolling out to all regions - estimated time for completed roll out is 2021-11-11 for public cloud and 2021-11-18 for sovereign clouds.

Announcement

  • AKS is implementing auto-cert rotation slowly over the next few months. We have already enabled the following regions westcentralus, uksouth, eastus, australiacentral, and australiaest. If you have clusters in those regions please run a cluster upgrade in order to have that cluster configured for auto-cert rotation. The following regions brazilsouth, canadacentral, centralindia, and eastasia will be released in January after the holidays as the next group of regions. We will update the release notes will the upcoming schedule going forward until all regions are deployed.
  • Konnectivity - a new version of the AKS tunnel component will replace the aks-link and tunnel-front versions slowly over the rest of the calendar year. The following regions eastus, westcentralus, uksouth, uaenorth already have Konnectivity enabled.

Release Notes

  • Preview Features
    • Managed NAT Gateway is now in public preview.
    • Group Managed Service Accounts (GMSA) for your Windows Server nodes is now in public preview.
  • Bug Fixes
    • A bug has been fixed in Application Gateway Ingress Controller that previously caused users OOM errors while running a large number of ingress objects.
  • Component Updates
e67b689
Compare
Choose a tag to compare

Release 2021-10-28

This release is rolling out to all regions - estimated time for completed roll out is 2021-11-04 for public cloud and 2021-11-11 for sovereign clouds.

Announcement

  • AKS is implementing auto-cert rotation slowly over the next few months. We have already enabled the following regions westcentralus, uksouth, eastus, australiacentral, and australiaest. If you have clusters in those regions please run a cluster upgrade in order to have that cluster configured for auto-cert rotation. The following regions brazilsouth, canadacentral, centralindia, and eastasia will be released in January after the holidays as the next group of regions. We will update the release notes will the upcoming schedule going forward until all regions are deployed.
  • Konnectivity - a new version of the AKS tunnel component will replace the aks-link and tunnel-front versions slowly over the rest of the calendar year. The following regions westcentralus, uksouth, uaenorth already have Konnectivity enabled.

Release Notes

  • Preview Features
    • Node pool start/stop is now in preview.
    • Node pool snapshots are now supported. Please check the AKS documentation at 5pm Pacific on 11/02/2021 to read more.
  • Bug Fixes
    • added missing managed-csi storage class in AKS Kubernetes versions 1.21+.
    • Fixed a bug with the cluster autoscaler nodepool balancing due to a new agentpool label being added "kubernetes.azure.com/agentpool"
    • User manipulation or usage of the system-reserved label prefix "kubernetes.azure.com" is now correctly blocked.
  • Component Updates
    • Updated CSI Disk Driver to v1.8. and File Driver to 1.7.
    • Updated omsagent to ciprod10132021 and win-ciprod10132021.
    • Updated Azure CNI to v1.4.13 for Windows.
    • Updated ngnix to 0.4.93 on 1.21 and up clusters.
    • Updated nginx to 1.0.4 for HttpApplicationRouting addon for 1.22 and up clusters.
    • AKS Ubuntu 18.04 image updated to AKSUbuntu-1804-2021.10.23 - please refer to the link for package versions in this VHD.
637de42
Compare
Choose a tag to compare

Release 2021-10-15

This release is rolling out to all regions - estimated time for completed roll out is 2021-10-21 for public cloud and 2021-10-28 for sovereign clouds.

Release Notes

  • Features
  • Behavioral Changes
    • Add aks-managed-cluster-rg and aks-managed-cluster-name tags to the node resource group
  • Bug Fixes
    • Fix issue where Terraform is unable to set a default for the auto upgrade channel preview feature
  • Component Updates
    • Update Virtual Kubelet to 1.4.0
    • Use 1.5.0-rc1 of the AGIC Addon for k8s 1.22.0 to support ingress v1 API
    • Update Azure CNI to v1.4.12 for Windows
    • Update AKS base image version for Edge zones to 2021.10.13
    • AKS Ubuntu 18.04 image updated to AKSUbuntu-1804-2021.10.13 - please refer to the link for package versions in this VHD.
    • AKS Windows image has been updated to the 10B patch version including KB5004335, KB5004424, KB5006672 & KB5005701 2019-datacenter-core-smalldisk-17763.2237.211014 - please refer to the link for component versions in this VHD.
3892a0f
Compare
Choose a tag to compare

Release 2021-10-08

This release is rolling out to all regions - estimated time for completed roll out is 2021-10-14 for public cloud and 2021-10-21 for sovereign clouds.

Release Notes

  • Features
  • Preview Features
  • Behavioral Changes
    • Validation that DNS service IP is not on subnet boundary
    • Improve system pool taints error messages
    • Don't provision network monitor on any clusters >= 1.21 as Azure CNI moved to transparent mode
  • Bug Fixes
    • Fix issue where images in China region were pulled from public cloud MCR
  • Component Updates