Release 2024-04-11

Monitor the release status by regions at AKS-Release-Tracker.

Announcements

• Support upgrade version skew policy between core node and control plane components from n-2 to n-3 to match related upstream policy change starting Kubernetes version 1.28. AKS docs available here.
• Starting 1.30 Kubernetes version and 1.27 LTS versions, beta apis will be disabled by default, when you upgrade to them. There will be an option provided to explicitly enable beta apis closer to the 1.30 release.
• On 15 March 2027, Windows Server 2022 will be retired when Kubernetes 1.34 reaches the end of platform support. You won't be able to create new Windows Server 2022 node pools on Kubernetes 1.35 and above. We encourage you to make the switch before 15 March 2027 to gain the richer benefits of Windows Server 2025 or Windows Server Annual Channel. These new Windows OS versions will be supported on AKS before Windows Server 2022 is retired. For more updates, see our AKS public roadmap.
• Kubernetes version 1.26 is now removed. Refer to for platform support timeline.
• In 2020 Docker enacted a Rate Limiting policy for all users. In-order to assist customers with the change, Microsoft worked directly with Docker to prevent users of Microsoft Azure from being impacted. However, beginning on June 30th, 2024, Azure customers will begin to be impacted by this limit. In-order for customers to mitigate the potential effects of this limit. We recommend customers begin to use the Artifact Cache feature within Azure Container Registry or sign up for a Docker Subscription. More information is available here

Release Notes

• Features:

  • Dual-stack networking (IPv4/IPv6) with CNI Overlay is now generally available (GA) for Linux node pools.
  • Using Alias Minor Version is now allowed on preview versions.

• Behavioral Changes:

  • This introduces the constraint template validation behavior change called out in November's release notes
    2023-11-28 . It also improves cleanup of the addon, as called out in Issue #3541 , and patches CVE-2024-24786 in the addon.
  • Added resource nodes/proxy to microsoft-defender-operator role
  • AKS will be fixing a behavior where manually added Labels, Taints and Annotations are incorrectly copied to surged upgrade nodes. To ensure any Label or Taint is present in new nodes please use the Labels and/or Taints functionality provided by AKS.

• Bug Fixes:

  • Fixes a bug where a PUT operation(Update) on nodepool without a specified version in LTS clusters would have an internal error.
  • Error message improved to specify that it is only allowed to update public SSH key in preview API versions.
  • Clusters running Kubernetes 1.29 or later will have kubernetes.azure.com/managedby=aks label to tigera-operator deployment in Calico clusters

• Component Updates:

  • Upgraded Azure file CSI driver to v1.29.4 on AKS 1.28, v1.30.1 on AKS 1.29
  • Upgraded Azure Blob CSI driver to v1.23.4 on AKS 1.28 and 1.29
  • Upgraded Azure Monitor Metrics April release to v.6.8.7
  • Istio revision asm-1-21 is now available with Istio-based service mesh add-on. More information on performing canary upgrade for the new minor revision of Istio can be found here
  • Upgraded Windows containerd v1.7 to v1.7.14 in k8s v1.28+
  • Windows Server 2019 Image has been updated to Windows Server 2019-17763.5696.240410 and Windows Server 2019-17763.5576.240401
  • Windows Server 2022 has been updated to Windows Server 20348.2340.240410 and Windows Server 2022-20348.2340.240401
  • Azure Linux image has been updated to Azure Linux 202404.01.0
  • AKS Ubuntu 22.04 image has been updated to AKSUbuntu-2204-202404.01.0
  • Upgraded Azure Monitor Container Insights image to v3.1.19
  • Upgraded Kaito images to v0.2.2