Release 2023-05-07
Monitor the release status by regions at AKS-Release-Tracker.
Announcements
- Docker container runtime for Windows nodepools has been retired as of May 1, 2023. After docker container runtime is retired, you may remain on existing deployed instances but scaling operations will fail, nodepool creation will fail, and you will be out of support. Follow the detailed steps in our documentation to upgrade to containerd.
- Each Kubernetes version is supported for 12 months. After 12 months, the minor version will shift to platform support only. Our new platform support policy provides customers with Azure infrastructure support while the cluster is in an n-3 version (where n is the latest supported AKS GA minor version). Platform support does not include anything related to Kubernetes functionality and components, but provides customers with additional support beyond what was previously provided for unsupported versions.
- The Docker Bridge CIDR field in the AKS API was made redundant during our change from Docker to containerD in Kubernetes version 1.19. Starting with the 2023-04-01 AKS API version, the Docker Bridge CIDR field will be removed.
- AKS is gradually rolling out a change that will rotate the token in the kubeconfig credentials. It shall not incur any impact since kubeconfig has the client certificate. Should you see any issue, retrieve the kubeconfig again with
az aks get-credentials.
Release notes
-
Preview Features
- Mariner is now supported in NodeOSUpgradeChannel (preview). This change is currently rolling out and expected to be in all regions by May 12th.
-
Bug Fixes
- Updated 'cilium', 'cilium-operator', 'cilium-pre-flight' ClusterRoles to include 'update' permission for 'ciliumidentities' api-resource. This addresses the issue where cilium-operator and cilium-agent could not garbage collect unused identities. identities.
- Now returning a clientError, when you do a Stop/RunCommand action on a cluster that was never successfully provisioned and was stuck in failed state. Error message returned is "The cluster is being deleted or hasn't been fully provisioned yet.".
- The CPU limit of Windows DaemonSet for Azure Monitor Metrics Addon is updated from 200m to 500m to fix throttling issue.
- In cases where an Azure CNI Overlay cluster's podCIDR becomes exhausted (i.e does not have enough ip addresses for the node count across all nodepools)then based on nodepools.MaxCount value only for those nodepools that have AutoScaling enabled - customer will get an already existing error message 'i18n.InsufficientSubnetSize error Target fieldnames.NetworkProfile_PodCIDR'.
- In case customer deploys an Azure CNI Overlay cluster into a nodeCIDR, where the nodeCIDR doesn't have enough ip addresses for the number of nodes across the nodepools on the same subnet. Then for nodepools that have autoscaling enabled and based on maxcount, customer will get the same 'i18n.InsufficientSubnetSize error message with an error target fieldnames.AgentPoolProfile_VnetSubnetID'.
-
Component Updates
- Open Service Mesh add-on images updated from v1.2.3 to v1.2.4 for AKS clusters of versions >= 1.24.0.
- Istio-based service mesh add-on's istiod and ingress images updated from v1.17.1 to v1.17.2. User needs to restart the workload pods to trigger re-injection of the newer patch version of istio-proxy. More information can be found here.
- Cilium upgraded to 1.12.8 for AKS clusters with Azure CNI Powered by Cilium.
- Blob csi driver upgraded to v1.19.5 on AKS 1.24, 1.25 to fix blobfuse install failures.
- Csi-provisioner version updated to v3.5.0 in order to fix a volume deletion issue, details
- AKS Ubuntu 18.04 image has been updated to AKSUbuntu-1804-202305.08.0.
- AKS Ubuntu 22.04 image has been updated to AKSUbuntu-2204-202305.08.0.
- AKS Mariner image has been updated to AKSMariner-202305.08.0.