Azure Day with Kubernetes

calendarMar 18, 2024 · 7 min read · Kubernetes AKS  ·
Share on: linkedincopy

Within this blog, I want to give an overview of all the feature which where shared at KubeCon Europe 2024 that becomes available in General Availability, Technical Preview or End of Support by Microsoft. This information can be found at Microsoft Azure Updates.

Features that are now supported by Microsoft (GA):

  • [General available] Cost analysis add-on for AKS
    Cost analysis add-on for AKS is now Generally Available. This Azure-native experience provides visibility into underlying cluster infrastructure costs associated with your AKS workloads. Costs are broken down by Kubernetes constructs such as cluster and namespace in addition to Azure asset categories. View cost allocation data directly in Azure Portal. Cost analysis add-on for AKS helps you tackle everyday cost monitoring, allocation, and cost optimization scenarios. Click here to learn more.
  • [General available] Windows Gen 2 VM support in AKS
    Gen 2 VM SKUs are now generally available for Windows on AKS. Azure Generation 2 (Gen2) virtual machines (VMs) support key features not supported in generation 1 VMs (Gen1). This enables you to bring Windows workloads to the cloud native platform more easily. Key features for Gen 2 VMs include increased memory, Intel Software Guard Extensions (Intel SGX), and virtualized persistent memory (vPMEM). Generation 2 VMs use the new UEFI-based boot architecture rather than the BIOS-based architecture used by generation 1 VMs. Only specific SKUs and sizes support Gen2 VMs. Check the list of supported sizes, to see if your SKU supports or requires Gen2. Gen2 VMs on Windows are supported for WS2022 only. Click here to learn more.
  • [General available] Custom kubelet configuration for Windows in AKS
    Custom kubelet configuration for Windows is now generally available in AKS. It allows you to modify certain default supported kubelet parameters for your Windows nodepools. Currently supported parameters can be found in the AKS documentation. If you’d like additional parameters supported, make a request on our AKS Github. Click here to learn more.
  • [General available] Kubernetes 1.29 support in AKS
    AKS now supports the latest Kubernetes 1.29 preview release (mandala) that has some much-awaited features such as ReadWriteOncePod, PersistentVolume access mode, Node volume expansion Secret support for CSI drivers, and more. Click here to learn more.
  • [General available] - Azure CNI overlay dual stack Support in AKS (Linux Only)
    This feature introduces dual stack networking in AKS using overlay networking, allowing nodes and pods to have both IPv4 and IPv6 addresses, enhancing connectivity and application compatibility. Click here to learn more.
  • [General available] VM IP based load balancer in AKS
    VM IP based load balancer feature, now generally available, introduces the capability to switch the inbound pool type in AKS, improving update and provisioning efficiency for services utilizing load balancers, particularly beneficial for clusters with large numbers of nodes. Click here to learn more.
  • [General available] Host Network Security Group (NSG) control in AKS
    You can now specify allowed host ports on node pools and add these pools to Application Security Group by directly configuring allowed ports in your node pool settings. For AKS nodes with public IPs hosting services, you must add a Network Security Group (NSG) rule to allow traffic. When you specify ports in the node pool configuration, it automatically creates "allow" rules in the cluster's NSG. This enhances security and traffic management for AKS nodes using public IPs. Click here to learn more.
  • [General available] HostPort auto assign in AKS
    HostPort auto assign feature in AKS, now generally available, enables the automatic assignment of host ports for pod workloads, streamlining the deployment process for services requiring direct access to a node's public IP without an intermediary like a load balancer. Click here to learn more.
  • [General available] Azure Kubernetes Service (AKS) support for 5K Node limit by default for standard tier clusters
    Azure Kubernetes Service (AKS) now supports up to 5000 Node limit by default in the Standard and Premium Pricing. This feature allows large workloads such as batch processing Jobs, Machine learning, simulations and multi-tenanted clusters to run at large scale with greater performance as AKS will Automatically scale up the Kubernetes control plane based on the load in the cluster. This feature enhances not just the number of nodes you can run in a cluster but increases the overall scale envelope (number of pods, services, CRDs) of AKS clusters in accordance with the upstream kubernetes scale limits. Both existing and new AKS clusters using the standard tier now get greater scalability and performance for Kubernetes control plane, up-to a maximum of 5,000 nodes and 200,000 pods per cluster. Click here to learn more.

Features that are currently in Public Preview and not yet GA

  • [Public Preview] Kubernetes AI Toolchain Operator (KAITO) add-on for AKS
    The Kubernetes AI Toolchain Operator (KAITO) add-on for AKS is now available in preview. You can now run specialized machine learning workloads like large language models (LLMs) on AKS more cost-effectively and with less manual configuration. The add-on is based on the open-source Kubernetes AI Toolchain Operator (KAITO). Streamlined to a few steps, the AI toolchain operator add-on for AKS automates LLM deployment across available CPU and GPU resources by selecting optimally sized infrastructure for the model. This add-on makes it possible to easily split inferencing across multiple lower-GPU count VMs, increasing the number of Azure regions where workloads can run, eliminating wait times for higher GPU-count VMs, and lowering overall cost.You can also choose from preset models with images hosted by AKS, significantly reducing overall inference service setup time on your cluster. To learn more, click here.
  • [Public Preview] Windows GPU support in AKS
    Azure Kubernetes Service (AKS) now supports Windows GPU in public preview. This feature allows you to run GPU workloads on Windows nodepools and addresses the needs of those already on Windows, or interested in migrating to AKS with Windows nodes with a requirement for compute intensive resources. Some common GPU workloads include machine learning, video encoding, large simulations, and gaming. To set up your nodepool, all you need to do is create a new nodepool with a supported GPU SKU. AKS will automatically install the NVIDIA driver and other required components. This unblocks Windows GPU workloads and greatly reduces the burden on you to manually install the necessary components. To learn more, click here.
  • [Public Preview] Azure CNI static block IP allocation support in AKS
    Azure Container Network Interface (CNI) static block IP allocation for AKS is now available in public preview.This feature optimizes scalability by allowing direct Pod IP access via VNet IPs, allocating IPs from one subnet to nodes and CIDR blocks to pods from another subnet for scalable network management. To learn more, click here.
  • [Public Preview] Deployment safeguards in AKS
    Throughout the development lifecycle, it's common for bugs, issues, and other problems to arise if misconfigurations have taken place during the initial deployment of your Kubernetes resources. To make it easier to implement best practices when deploying to Kubernetes, Azure Kubernetes Service (AKS) now offers deployment safeguards - a new feature that enforces Kubernetes best practices in your AKS cluster through Azure Policy controls. You can benefit from oversight of your Kubernetes manifest files via two configuration levels: 'Warning' and 'Enforcement’. ‘Warning’ level enables you to receive immediate warnings for improperly configured manifest files at the time of deployment. ‘Enforcement’ level blocks such files from being deployed outright. To learn more, click here.
  • [Public Preview] Instance level Public IP tags in AKS
    You can now utilize public IP tags on node public IPs to utilize the Azure Routing Preference feature. To learn more, click here.
  • [Public Preview] Trusted launch support in AKS
    Azure offers trusted launch as a seamless way to improve the security of Gen 2 virtual machines (VMs) by protecting against advanced and persistent attack techniques. Trusted launch is composed of several, coordinated infrastructure technologies that can be enabled independently. Each technology provides another layer of defense against sophisticated threats. Trusted launch preview in Azure Kubernetes Service (AKS) enables administrators to deploy AKS nodes, which contain the underlying virtual machines, with verified and signed bootloaders, OS kernels, and drivers. By using secure and measured boot, administrators gain insights and confidence of the entire boot chain's integrity and can ensure workloads are trusted and verifiable. To learn more, click here.