Microsoft AKS updates 2025 - Q1 and KubeCon Europe 2025

calendarMar 31, 2025 · 11 min read · Kubernetes AKS Prometheus KubeCon Cloudnativecon  ·
Share on: linkedincopy

Within this blog, I want to give an overview of all the feature in Q1 2025 that becomes available in General Available, Public Preview or Retired by Microsoft. This information can be found at Microsoft Azure Updates.

Features that are now supported by Microsoft (GA):

  • [General available] Node Auto-Repair Kubernetes Events in AKS since March 2025
    You can now monitor node auto-repair using the new Kubernetes events, which will notify you whenever node auto-repair initiates and finishes repair actions in your cluster. Node auto-repair is a built-in process which automatically detects unhealthy nodes and attempts to repair them through reboot, reimage, and redeploy actions. You can create alerts on the new events and be notified if there are any errors with the process.
  • [General available] Message of the Day support in AKS since March 2025
    Message of the day (MOTD) is now generally available on AKS. You can pass the --message-of-the-day flag with the location of the file to replace the Message of the Day on Linux nodes at cluster creation or node pool creation. This is often used in combination with Federal Information Process Standard (FIPS) enabled node pools.
  • [General available] Default Ephemeral OS disk Sizing in AKS since March 2025
    If you select a VM SKU that supports Ephemeral OS disks but don't specify an OS disk size, AKS by default provisions an Ephemeral OS disk with a size that scales according to the total temp storage of the VM SKU so long as the temp is at least 128GiB. If you want to use the temp storage of the VM SKU, you need to specify the OS disk size during deployment, otherwise it’s consumed by default.
  • [General available] Azure Managed Prometheus Supports Horizontal Pod Autoscaling for Replica Sets Pods in AKS since March 2025
    Azure Monitor Managed service for Prometheus now supports Horizontal Pod Autoscaling (HPA) for the ama-metrics replica set pod by default. With this update, the ama-metrics replica set pod which handles the scraping of Prometheus metrics with custom jobs can scale automatically based on the memory utilization. By default, the HPA is configured to support a minimum of 2 replicas (which is the global default) and a maximum of 12 replicas. Customers will also the have ability to set the shards to any number of minimum and maximum replicas as long as they are within the range of 2 and 12. HPA will automatically take care of scaling based on the memory utilization of the ama-metrics pod to avoid OOM kills.

Features that are currently in Public Preview and not yet GA

  • [Public Preview] Windows Support to Virtual Miachines Node Pools in AKS since March 2025
    Windows support for Virtual Machines Node Pools is now available in Azure Kubernetes Services. With Virtual Machines node pools, Azure Kubernetes Services directly manages the provisioning and bootstrapping of every single node. When deploying a workload onto Azure Kubernetes Services (AKS), each node pool typically can only contain one virtual machine (VM) type or SKU. Virtual Machines node pools allow the capability to add multiple VM SKUs of a similar family to a single node pool. Virtual Machines node pools allow you to specify a family of SKUs for a node pool without the need to maintain one node pool per SKU type, reducing the node pool footprint.
  • [Public Preview] Azure Linux 3.0 Support in AKS since March 2025
    Windows support for Virtual Machines Node Pools is now available in Azure Kubernetes Services. With Virtual Machines node pools, Azure Kubernetes Services directly manages the provisioning and bootstrapping of every single node. When deploying a workload onto Azure Kubernetes Services (AKS), each node pool typically can only contain one virtual machine (VM) type or SKU. Virtual Machines node pools allow the capability to add multiple VM SKUs of a similar family to a single node pool. Virtual Machines node pools allow you to specify a family of SKUs for a node pool without the need to maintain one node pool per SKU type, reducing the node pool footprint.
  • [Public Preview] Control plane Azure Platform Metrics in AKS since March 2025
    You can now monitor your AKS cluster control plane components such as the API server and ETCD using the new Azure platform metrics for control plane. The metrics provide insight into the availability and performance of your managed control plane components, helping you detect and resolve issues relating to the control plane. All Azure platform metrics are automatically collected for free for your AKS cluster, and are available for creating metrics-based alerts.
  • [Public Preview] Azure CNI Powered by Cilium Node Subnet Support in AKS since Februari 2025
    Public preview of Azure CNI powered by Cilium using Node Subnet for Linux clusters in AKS is now available. This enhancement allows users to configure AKS clusters with Azure CNI powered by Cilium and Node Subnet. Thereby, it extends compatibility of Cilium’s eBPF dataplane to all supported IP address management configurations on AKS clusters.
  • [Public Preview] Azure Container Storage on managed Prometheus since Februari 2025
    Azure Container Storage is a cloud-based volume management, deployment and orchestration service and works with Azure Kubernetes Service (AKS) to effectively scale across storage services while providing a cost-effective, container-native experience. Customers using Azure Container Storage (ACStor) on AKS clusters can now collect storage pool and disk metrics with Azure Managed Prometheus and view/query metrics in Azure Managed Grafana. When customers enable ACStor on an AKS cluster where Managed Prometheus is enabled, metrics will be automatically collected and ingested along with other metrics.
  • [Public Preview] Introducing the New AKS Monitoring Experience - Unified Insights since January 2025
    We're excited to announce the public preview of our enhanced Monitoring experience for Azure Kubernetes Service (AKS). This redesign of the existing Insights experience brings comprehensive monitoring capabilities into a single, streamlined view, addressing some of the most common challenges users face when managing their AKS clusters. Our new Monitoring experience provides both basic (free) and detailed insights (with enabled Prometheus metrics and logging), offering a unified, single-pane-of-glass experience. The basic experience is available for all AKS users with no configuration required at all.

Features that are retired

  • [Retirement] - Upgrade Architecture for AKS on Windows Server 2019 and Windows Server 2022 on March 27, 2028
    Required action:
    • If you're using Azure Kubernetes Service on Windows Server 2019 or Windows Server 2022: Azure Kubernetes Service's current architecture on Windows Server 2019 and Windows Server 2022 will be retired on March 27, 2028. Starting March 27, 2028, you'll no longer get support, security and quality updates for your existing Azure Kubernetes Service clusters. Additionally, you will not be able to deploy, upgrade or scale the current architecture of Azure Kubernetes Service on Windows Server 2019 and Windows Server 2022. In order to deploy Azure Kubernetes Service clusters on Azure Local, you need to first deploy a supported version of Azure Local.
    • If you're using Azure Kubernetes Service on Azure Local, version 22H2: If you're using AKS on Azure Local, version 22H2, be aware that Azure Local, version 22H2 will reach end of service on May 31, 2025. To continue receiving updates, we recommend updating to the latest version of Azure Local.
  • [Retirement] - Ubuntu 20.04 Node Pools in AKS on March 17, 2027
    Ubuntu 20.04 on Azure Kubernetes Service will be retired on March 17, 2027. Please transition to a supported Ubuntu version by that date. Ubuntu 20.04 has been replaced by newer supported versions, including Ubuntu 22.04 and Ubuntu 24.04. We encourage you to transition to Ubuntu 22.04+ before the retirement date. Starting on March 17, 2027, AKS will no longer create new node images for Ubuntu 20.04 or provide security updates. Existing node images will be deleted. Your node pools will be unsupported and you will no longer be able to scale.
    Required action:
    • If you’re currently using Ubuntu 20.04 with a Confidential VM (CVM) on AKS, follow our instructions to upgrade your Kubernetes version to 1.33+ where Ubuntu 24.04 will be the default Ubuntu version for CVM workloads.
    • If you’re currently using Ubuntu 20.04 with Federal Information Process Standard (FIPS) on AKS, follow our instructions to upgrade your Kubernetes version to 1.34+ where Ubuntu 22.04 will be the default Ubuntu version for FIPS workloads.
    • To avoid service disruptions, scaling restrictions, and remain supported, please follow our instructions to upgrade your Kubernetes version to 1.34+ by March 17, 2027. For more information on this retirement, see AKS GitHub.
  • [Retirement] - Ubuntu 20.04 Node Pools in AKS on June 17, 2025
    Ubuntu 18.04 on Azure Kubernetes Service will be retired on June 17, 2025. Please transition to a supported Ubuntu version by that date. Ubuntu 18.04 has been replaced by newer supported versions, including Ubuntu 22.04. We encourage you to transition to Ubuntu 22.04 prior to June 17, 2025 to experience the capabilities of Ubuntu 22.04 including kernel updates and security improvements.
    Required action:
    To avoid service disruptions, scaling restrictions, and remain supported, please follow our instructions to upgrade to a supported Kubernetes version. For more information on this retirement, see AKS GitHub.
  • [Retirement] - Kubenet Networking for Azure Kubernetes Service to Be Retired on March 31, 2028
    On March 31, 2028, kubenet networking for Azure Kubernetes Service (AKS) will be retired. To avoid service disruptions, you'll need to follow these instructions to upgrade to Azure Container Networking Interface (CNI) overlay before that date, when workloads running on kubenet for AKS will no longer be supported. Azure CNI overlay provides the same IP address overlay architecture as kubenet, plus new capabilities for increased scalability. We encourage you to migrate to Azure CNI overlay prior to the retirement date to take advantage of the added benefits.
  • [Retirement] - GPU image (Preview) in AKS on Januari 10, 2025
    On January 10, 2025, the AKS GPU Image (preview) retired. New node pool creations with the GPU image (preview) are now blocked. Existing node pools using the GPU Image (preview) are now unsupported. Follow the detailed steps in the documentation create GPU-enabled node pools using the alternative supported options on AKS.
    Required action:
    Migrate your existing AKS workloads from GPU VHD-enabled node pools to GPU-enabled node pools created using the supported alternative solutions.
  • [Retirement] - WebAssembly System Interface (WASI) node pools in AKS on May 5, 2025
    Azure Kubernetes Service will no longer support the WebAssembly System Interface (WASI) nodepools (preview). Starting on May 5, 2025 you will no longer be able to create new WASI nodepools. If you'd like to run WebAssembly (WASM) workloads, you can deploy SpinKube to Azure Kubernetes Service (AKS) from Azure Marketplace.
    Required action:
    Create new node pools following the AKS-supported alternative method using SpinKube and migrate existing workloads.
  • [Retirement] - Upgrade your Azure HDInsigt Clusters with TLS versions 1 dot 1 and below on March 31, 2025
    Customers that have Azure HDInsight cluster is using TLS version 1.1 or lower are requested to upgrade to clusters have TLS version 1.2.  To enhance security and provide best-in-class encryption for your data, we'll require all connections to Azure HDInsight clusters to be secured using Transport Layer Security (TLS) 1.2 or later beginning March 31, 2025, when connectivity will only be available through TLS 1.2 or later versions. This retirement notice applies only to Azure HDInsight clusters; all other TLS retirements aren’t impacted by this announcement. Your clusters maybe configured to use TLS 1.1 or lower due to outdated clusters, or other applications connected to Azure HDInsight clusters that only support lower TLS versions. 
    Required action:
    Upgrade to versions 5.1 of the Azure HDInsight cluster with TLS version 1.2 by March 31 to keep your clusters working as expected. To avoid potential service disruptions, confirm that your resources that interact with Azure services are using TLS 1.2 or later.

KubeCon 2025 Europe Highlights

General

  • [General available] - Deployment recommendations;
  • [General available] - Long term support for Kubernetes;
  • [General available] - AKS communication manager;
  • [General available] - Upgrade algorithm improvements;
  • [General available] - Deployment recommendations;
  • [Public Preview] - maxUnavailable;
  • [Public Preview] - Last Operation Status API;
  • [Public Preview] - Azure Linux 3.0 on AKS.

Monitoring

  • [General available] - Multitenant logging in Container Insights;
  • [General available] - Kubernetes metadata in Container Insights;
  • [General available] - CRD support in managed Prometheus;
  • [Public Preview] - Auto-instrumentation with Application Insights;
  • [Public Preview] - Diagnostic Settings managed component Logs;
  • [Public Preview] - Azure managed prometheus support Horizontal Pod Autoscaling;
  • [Public Preview] - Control Plane Platform Metrics.

Costs

  • [General available] - AKS Cost Recommendations;
  • [Coming soon] - Optimized Addon Autoscaling.

WebAssembly

  • [General available] - SpinKube.

FleetManager

  • [General available] - Auto-upgrade, safe automated multi-cluster updates;
  • [Public Preview] - Multi-cluster workload staged rollouts;
  • [Public Preview] - Multi-cluster resource eviction and disruption budgets.

ACR

  • [Public Preview] - Artifact Streaming Benefits;
  • [Private Preview] - Continuous Patching;
  • [Private Preview] - Entra ID Repository permissions.

Security

  • [General available] - AKS Security Bulletin;
  • [General available] - AKS CVE Mitigation Status;
  • [General available] - Kubernetes Host Protect;
  • [Public Preview] - Security Dashboard;
  • [Public Preview] - Agentless Runtime VA (Vulnerability Assessments);
  • [Public Preview] - Security Guardrails.

Networks

  • [General available] - Higher Pod Scale with Azure Cilium from kubernetes 1.32+;
  • [General available] - Network Isolated Clusters;
  • [General available] - Dual-stack on Azured Managed Cilium;
  • [General available] - Node Subnet on Azure Managed Cilium;
  • [Public Preview] - Azure CNI Overlay with AGC and AGIC;
  • [Public Preview] - LB Health probe optimizations;
  • [Public Preview] - Enchanged Security with Layer 7 Policies;
  • [Public Preview] - Service Allowed IP ranges;
  • [Coming soon] - Higher Throughput, Lower Latency;
  • [Coming soon] - Network Flow Logs powered by Retina;
  • [Coming soon] - Transparent encryption with WireGuard.

Development

  • [Public Preview] - Using natural language for common AKS tasks;
  • [Public Preview] - Edit with GitHub Copilot Agent Mode.

AI

  • [General available] - Skip automiatic GPU driver installation;
  • [Public Preview] - KAITO developer experience in Visual Studio Code;
  • [Public Preview] - Fine-tune models with AI toolchain operator add-on;
  • [Public Preview] - AL toolchain operator add-on: KAITO v0.4.4 updates.