github Azure/AKS 2024-04-28
Release 2024-04-28
on GitHub

12 days ago

Monitor the release status by regions at AKS-Release-Tracker.

Announcements

  • Starting 1.30 Kubernetes version and 1.27 LTS versions, beta apis will be disabled by default, when you upgrade to them. There will be an option provided to explicitly enable beta apis closer to the 1.30 release.
  • On 15 March 2027, Windows Server 2022 will be retired when Kubernetes 1.34 reaches the end of platform support. You won't be able to create new Windows Server 2022 node pools on Kubernetes 1.35 and above. We encourage you to make the switch before 15 March 2027 to gain the richer benefits of Windows Server 2025 or Windows Server Annual Channel. These new Windows OS versions will be supported on AKS before Windows Server 2022 is retired. For more updates, see our AKS public roadmap.
  • In 2020 Docker enacted a Rate Limiting policy for all users. In-order to assist customers with the change, Microsoft worked directly with Docker to prevent users of Microsoft Azure from being impacted. However, beginning on June 30th, 2024, Azure customers will begin to be impacted by this limit. In-order for customers to mitigate the potential effects of this limit. We recommend customers begin to use the Artifact Cache feature within Azure Container Registry or sign up for a Docker Subscription. More information is available here
  • If you use any programming/scripting logic to list and select a minor version of Kubernetes before creating clusters with the ListKubernetesVersions API, note that starting from Kubernetes v1.27, the API returns SupportPlan as [KubernetesOfficial, AKSLongTermSupport]. Please ensure you update any logic to exclude AKSLongTermSupport versions to avoid any breaks and choose KubernetesOfficial support plan versions. Otherwise, if LTS is indeed your path forward please first opt-into the Premium tier and the AKSLongTermSupport support plan versions from the ListKubernetesVersions API before creating clusters. Refer long term support for more information.
  • AKS patch version 1.29.4 is now available.

Release Notes

  • Features:

    • With this release, Azure Linux 2.0 becomes a supported OS for AKS Long Term Support (LTS) with v1.27. Learn more about Azure Linux and LTS.
    • You can now get insight into the progress of any ongoing operation, such as create, upgrade, and scale, using any preview API version after 2024-01-02-preview using the Get/List operations call. Refer to Long running operations on an Azure Kubernetes Service (AKS) cluster for more information.

  • Behavioral Changes:

    • Manually added Labels, Taints, and Annotations on nodes will no longer be copied to nodes during surged upgrade. To ensure any Label or Taint is present in new nodes please use the Labels and/or Taints functionality provided by AKS.
    • The Istio-based service mesh add-on now skips validation of its compatibility with cluster version unless mesh upgrade or cluster upgrade is attempted.
    • Effective starting with Kubernetes version 1.29, when you deploy Azure Kubernetes Service (AKS) clusters across multiple availability zones, AKS now utilizes zone-redundant storage (ZRS) to create managed disks within built-in storage classes. ZRS ensures synchronous replication of your Azure managed disk across multiple Azure availability zones in your chosen region. This redundancy strategy enhances the resilience of your applications and safeguards your data against datacenter failures. Refer to Storage concept for more information.

  • Bug Fixes:

    • Fixed a bug that incorrectly calculated number of free IPs in a subnet when upgrading an agent pool using Azure CNI with Dynamic IP allocation.
    • Fixed a bug to allow correct IP address calculation for subnets with Private Link Service.
    • Fixed a bug where the ordering of the system environment variables injected into pods could change.
    • Fixed a bug in clusters that use Node Autoprovisioning for stateful workloads deployments that use availability zones.
    • Fixed a bug in clusters that use Node Autoprovisioning and managed identity to authenticate Azure Container Registry.
    • Fixed an issue for clusters older than v1.20.X where Cluster Autoscaler cannot be started or reconciled.
    • Fixed an issue where clusters using Pod Identity would fail to migrate to Azure CNI.
    • The Istio-based service mesh add-on components can now tolerate running on the system node pools with the CriticalAddonsOnly taint.
    • Fixed an issue where ephemeral disk placement was incorrectly updated.

  • Component Updates:

    • Upgraded Kubernetes Secrets Store CSI Driver to v1.4.3 and Azure Key Vault Provider for Secrets Store CSI Driver to v1.5.2
    • The Istio-based service mesh add-on has been patched to versions 1.19.9, 1.20.5, and 1.21.1 to address CVE-2024-27919, CVE-2024-30255, CVE-2023-45288, and GHSA-3mh5-6q8v-25wj. Workloads need to be restarted by user to consume the latest version of istio-proxy sidecar. More information can be found here.
    • Open Service Mesh (OSM) add-on has been patched to address GHSA-3mh5-6q8v-25wj.
    • Upgraded Azure Disk CSI driver to v1.30.1 on AKS 1.29.
    • Upgraded Azure File CSI driver to v1.29.7 on AKS 1.27 and to v1.29.4 on AKS 1.28 on Windows nodes.
    • Upgraded Azure Blob CSI driver to v1.24.1 on AKS 1.28 and to v1.22.6 on AKS 1.27.
    • Upgraded Azure workload identity to v1.2.2.
    • Upgraded Azure Monitor Container Insights image to v3.1.20
    • Windows Server 2019 has been updated to Windows Server 17763.5696.240423.
    • Windows Server 2022 has been updated to Windows Server 20348.2402.240423.
    • Azure Linux image has been updated to Azure Linux 202404.16.0
    • AKS Ubuntu 22.04 image has been updated to AKSUbuntu-2204-202404.16.0
Check out latest releases or
releases around Azure/AKS 2024-04-28

Don't miss a new AKS release

NewReleases is sending notifications on new releases.

Get notifications