Release 2023-10-15
Monitor the release status by regions at AKS-Release-Tracker.
Announcements
- No new clusters can be created with Azure AD Integration (legacy). Existing AKS clusters with Azure Active Directory integration will keep working. All Azure AD Integration (legacy) AKS clusters will be migrated to AKS-managed Azure AD automatically starting from 1st Dec. 2023. We recommend updating your cluster with AKS-managed Azure AD before 1 Dec 2023. This way you can manage the API server downtime during non-business hours.
- CVE-2023-29332 Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability. An attacker who successfully exploited this vulnerability could gain Cluster Administrator privileges. Please update your AKS VHD to at least VHD version 230801 as mentioned in the issue
Release notes
-
Feature
- AKS supports to use annotations to configure the load balancer health probe for different service ports
-
Bug Fixes
- Fix for preventing cilium-operator from restarting unmanaged coredns pods
- Fix for - CVE-2023-44487 - The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly
- Fix for AKS Not Honoring/ Returning PrivateEndpointConnection description field
- Fix for PUT on ManagedCluster allowing more than the maximum tag limit of 50 in some rare cases
- Fix for Failure to create multiple agent pools concurrently when using the same PodSubnetID- Dynamic IP Allocation mode
-
Behavioral Changes
- Change in Key Vault error codes - KeyVaultEncryptKeyFailed will now be KeyVaultEncryptFailed and KeyVaultDecryptKeyFailed will now be KeyVaultDecryptFailed
-
Component Updates
- Updates ama-logs addon to version 3.1.15 10/13/2023
- Azure Linux image has been updated to Azure Linux - 202310.09.0
- Azure Windows 2019 Image has been updated to Azure Windows - 17763.4974.231011
- Azure Windows 2022 Image has been updated to Azure Windows - 20348.2031.231011
- AKS Ubuntu 22.04 image has been updated to AKSUbuntu-2204-202310.09.0