Release 2021-12-2
This release is rolling out to all regions - estimated time for completed roll out is 2021-12-13 for public cloud and 2021-12-16 for sovereign clouds.
Announcement
- From Kubernetes 1.23, containerD will be the default container runtime for Windows node pools. Docker support will be deprecated in Kubernetes 1.24. You are advised to test your workloads before Docker deprecation happens by following the documentation here https://docs.microsoft.com/en-us/azure/aks/windows-container-cli#add-a-windows-server-node-pool-with-containerd-preview.
- Konnectivity rollout has been halted for the rest of the year. We will continue the rollout in the new calendar year.
- AKS is implementing auto-cert rotation slowly over the next few months. We have already enabled the following regions westcentralus, uksouth, eastus, australiacentral, and australiaest. If you have clusters in those regions please run a cluster upgrade in order to have that cluster configured for auto-cert rotation. The following regions brazilsouth, canadacentral, centralindia, and eastasia will be released in January after the holidays as the next group of regions. We will update the release notes will the upcoming schedule going forward until all regions are deployed.
- AKS and Holiday Season: To ease the burden of upgrade and change during the holiday season, AKS is extending a limited scope of support for all clusters and node pools on 1.19 as a courtesy. Customers with clusters and node pools on 1.19 after the announced deprecation date of 2021-11-30 will be granted an extension of capabilities outside the usual scope of support for deprecated versions.
The scope of this limited extension is effective from '2021-12-01 to 2022-01-31' and is limited to the following:- Creation of new clusters and node pools on 1.19.
- CRUD operations on 1.19 clusters.
- Azure Support of non-Kubernetes related, platform issues. Platform issues include trouble with networking, storage, or compute running on Azure. Any support requests for K8s patching and troubleshooting will be requested to upgrade into a supported version.
Release Notes
- Bug Fixes
- Fixed a bug such that the nodes on 1.21 wont be able to start with the DelegateFSGroupToCSIDriver feature flag. This feature flag is only introduced to kubelet in 1.22.
- A WindowsGmsaProfile certificate renewal issue during certificate rotation has been identified and fixed.
- Added the component=tunnel label to konnectivity-agent pods so they will be matched by any label selectors that previously matched tunnelfront pods. This only applies to clusters that have received the new Konnectivity network tunnel.
- Behavioral Changes
- Increased cpu limits of csi driver node daemonsets from 200m to 1cpu in order to prevent cpu throttling.
- Component Updates
- AKS Ubuntu 18.04 image updated to AKSUbuntu-1804-2021.11.27 - please refer to the link for package versions in this VHD.