Microsoft AKS updates 2023 - Q1

In this blog, I want to give an overview of all the AKS features in Q1 2023 that became Generally Available, entered Technical Preview, or reached End of Support at Microsoft. This information can be found at Microsoft Azure Updates.

Features that are now supported by Microsoft (GA):

  • [Generally available] AKS Edge Essentials
    Azure Kubernetes Service Edge Essentials is a Microsoft supported lightweight Kubernetes distribution that is fine tuned to run on edge devices with constrained resources. It can be used to deploy both single and multi-node K3s and K8S clusters that can run both Linux and Windows workloads on existing Windows devices.
  • [Generally available] Online live resize of persistent volumes
    Live resizing capability allows you to dynamically scale up your persistent volumes without application downtime. Previously, in order to resize the disk, you had to scale down your deployment to zero pods, wait several minutes for the disk to detach, update your persistent volume claim, and then scale back up the deployment. With live resize of persistent volumes, you can just modify your persistent volume claim directly, avoiding any application downtime.
  • [Generally available] Azure Kubernetes Service introduces two pricing tiers: Free and Standard
    AKS's unique Free tier allows you to only pay for the virtual machines, and associated storage and networking resources consumed, and you get the managed Kubernetes control plane for free. This allows you to deploy unlimited free test clusters to decide if AKS is right for your needs and allows you to configure and test your infrastructure set-up before running critical production workloads. The Free tier is recommended for clusters with less than 10 nodes and for experimenting, learning, and simple testing. The new Standard tier is the recommended control plane management pricing option which comes with greater control plane resources, scalability and the existing uptime SLA support. Customers currently signed up for the uptime SLA support will automatically be moved to the Standard tier with no change in cost or action needed. Standard tier not only includes the uptime SLA, but it will also include additional features such as support for up to 5000 nodes per cluster and API server autoscaling.

Features that are currently in Public Preview and not yet GA:

  • [Public Preview] AKS support for Kubernetes 1.26 release
    AKS support for Kubernetes release 1.26 is now in public preview. Kubernetes 1.26 delivers 37 enhancements. This release includes new improvements in general Kubernetes metrics as well as in pod scheduling.
  • [Public Preview] Collect Syslog from AKS nodes using Azure Monitor container insights
    Customers can now collect Syslog from their AKS Clusters using Azure Monitor container insights. Combined with SIEM systems (Microsoft Sentinel) and observability tools (Azure Monitor), syslog collection enables tracking security and health events across IaaS and containerized workloads.
  • [Public Preview] Backup for Azure Kubernetes Service (AKS)
    Azure Backup now supports Backup for AKS, which is available in public preview. This solution simplifies the backup and restore of containerized applications and data. It allows customers to configure scheduled backup for both cluster state and application data, with fine-grained control. Backup for AKS is aligned with the Container Storage Interface (CSI) to offer Kubernetes-aware backup capabilities.
  • [Public Preview] Pod sandboxing in AKS
    Pod Sandboxing provides an effective strategy for safeguarding against “Container Breakout” scenarios, such as a malicious or legitimate user escaping container isolation to access the filesystem, processes, network interfaces, and other resources on the host machine. While one can enforce isolation through node pools, such an approach poses significant operational and resource overhead and increases operational costs. Pod Sandboxing addresses this issue by isolating workloads at the kernel level.
  • [Public Preview] AKS NodeOSUpgrade channel
    NodeOSUpgrade channel is a new channel that runs complementary to the existing AutoUpgrade channel. Customers can use this channel to disable unattended upgrades and set a maintenance schedule without worrying about Kured for security patches. They can run node image upgrades in tandem with major Kubernetes auto-upgrade channels like Stable, Rapid, etc. The NodeOSUpgrade channel also gets its own scheduler that runs parallel to the auto-upgrade channel schedule. The NodeOSUpgrade channel has the following 4 options and works in tandem with the auto-upgrade channel: None, Unmanaged, SecurityPatch and NodeImage.
  • [Public Preview] Upgrade scheduler
    Upgrade scheduler for AKS enables you to have a flexible schedule for your auto-upgrade channel. This helps provide more control to the set and forget model with additional cadence possibilities and a ‘Not allowed’ timeframe. If you are currently using the planned maintenance preview feature, you are encouraged to use the upgrade scheduler feature instead. The existing planned maintenance preview will eventually be relegated only for AKS weekly releases and the new auto upgrade scheduler will become the de facto maintenance scheduler for auto-upgrades.
  • [Public Preview] Container insights support for AKS hybrid clusters
    With AKS hybrid cluster support, you can now enable Azure Monitor container insights for your lifecycle managed AKS on Azure Stack HCI.

Features that are reaching end of support by Microsoft:

  • [End of Life] Docker container runtime retirement for Windows node pools effective May 1, 2023
    Docker container runtime will be retired for Windows node pools on May 1, 2023. After the Docker container runtime is retired, you may remain on existing deployed instances, but scaling operations will fail, node pool creation will fail, and you will be out of support.
  • [End of Life] AKS will stop support for Windows Server 2019 on March 1, 2026
    Kubernetes workloads will no longer be supported with Windows Server 2019 when Kubernetes version 1.32 reaches End of Life (EOL) on March 1, 2026. Windows Server 2019 will not be available in Kubernetes 1.33 and higher.
  • [End of Life] In-tree disk and file drivers will no longer be supported starting in Kubernetes v1.26
    Due to the deprecation of in-tree storage drivers by the Kubernetes community, Azure Storage is now provided by the Azure Disk CSI driver and Azure File CSI driver. Starting in Kubernetes 1.26, we will no longer offer support for Azure Disk and Azure File in-tree drivers. While existing deployments using the in-tree drivers are not expected to break, these will no longer be tested and users should update them to use the CSI drivers as soon as possible. To migrate your existing in-tree disk and file volumes, review the following guidance: https://aka.ms/MigrateInTreeToCSI.
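
To find what still depends on the in-tree Azure Disk and Azure File drivers before moving to 1.26, the sketch below audits the JSON from `kubectl get storageclass,pv -o json`. It is an added example, not part of the Microsoft announcement or migration guidance; the object names and the embedded sample are constructed.

```python
import json

# In-tree provisioner names and the CSI drivers that replace them.
IN_TREE_TO_CSI = {
    "kubernetes.io/azure-disk": "disk.csi.azure.com",
    "kubernetes.io/azure-file": "file.csi.azure.com",
}
# In-tree volume source fields that can appear on a PersistentVolume spec.
IN_TREE_PV_FIELDS = {"azureDisk": "disk.csi.azure.com",
                     "azureFile": "file.csi.azure.com"}


def find_in_tree(kubectl_json: str):
    """Return sorted (kind, name, replacement_driver) for objects on in-tree drivers."""
    findings = []
    for item in json.loads(kubectl_json).get("items", []):
        kind, name = item.get("kind"), item["metadata"]["name"]
        if kind == "StorageClass":
            csi = IN_TREE_TO_CSI.get(item.get("provisioner", ""))
            if csi:
                findings.append((kind, name, csi))
        elif kind == "PersistentVolume":
            spec = item.get("spec", {})
            if "csi" in spec:
                continue  # already served by a CSI driver
            for field, csi in IN_TREE_PV_FIELDS.items():
                if field in spec:
                    findings.append((kind, name, csi))
    return sorted(findings)


# Constructed sample, shaped like `kubectl get storageclass,pv -o json` output.
SAMPLE = json.dumps({"kind": "List", "items": [
    {"kind": "StorageClass", "metadata": {"name": "legacy-premium"},
     "provisioner": "kubernetes.io/azure-disk"},
    {"kind": "StorageClass", "metadata": {"name": "managed-csi"},
     "provisioner": "disk.csi.azure.com"},
    {"kind": "PersistentVolume", "metadata": {"name": "pv-share-01"},
     "spec": {"azureFile": {"shareName": "data", "secretName": "sa-secret"}}},
    {"kind": "PersistentVolume", "metadata": {"name": "pv-disk-02"},
     "spec": {"csi": {"driver": "disk.csi.azure.com",
                      "volumeHandle": "constructed-handle"}}},
]})

if __name__ == "__main__":
    for kind, name, csi in find_in_tree(SAMPLE):
        print(f"{kind}/{name}: in-tree driver, migrate to {csi}")
```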

For more information about upcoming features, please refer to the public roadmap of the Microsoft AKS team.