Release 2024-07-16

Release 2024-07-16

Monitor the release status by regions at AKS-Release-Tracker. This release is titled as v20240716.

Announcements

• 1.30 is the next LTS version after 1.27. Upgrade from 1.27 LTS to 1.30 LTS will be possible starting August 2024. More information about AKS LTS is available here.
• 1.27 community supported has ended. To exit Long-Term Support (LTS) upgrade to 1.28 and disable LTS with the az aks upgrade command.
• A new tutorial has been released on how to securely scale your applications using the KEDA add-on and workload identity.
• Running az aks get-versions now returns all patch versions for an AKS version. Each supported minor version can support any number of patches at a given time. AKS reserves the right to deprecate patches if a critical CVE or security vulnerability is detected. To learn more about AKS versioning, please read the official documentation.
• Currently 1.25 + clusters which are running Microsoft Defender for Containers are running v1, and 1.29 + clusters which are running Microsoft Defender for Containers are running v2. Starting in mid-September 2024 all 1.25 + clusters which are running Microsoft Defender for Containers v1 will be migrated to Microsoft Defender for Containers v2.

Release Notes

• Features:

  • AKS version 1.30 is now GA.
  • AKS patch versions 1.30.2, 1.30.1, 1.29.6, 1.28.11, 1.27.15, are now available. Refer to version support policy and upgrading a cluster for more information.
  • Istio add-on for AKS now supports EnvoyFilter of the type Lua (type.googleapis.com/envoy.extensions.filters.http.lua.v3.Lua). While this EnvoyFilter is allowed, any issue arising from the Lua script itself is not supported. Other EnvoyFilter types currently remain blocked.
  • The ability to migrate your existing Ubuntu node pools to Azure Linux by changing the OS SKU of the node pool is now GA.

• Preview features:

  • CNI Overlay dual-stack (IPv4/IPv6) is now available on Windows Agent Pools.
  • Existing node pools can now be updated to enable or disable Federal Information Process Standard (FIPS). See aka.ms/aks/updatefips for more information.

• Bug Fixes:

  • Updated iptables rules in clusters with Azure Network Policy Manager to block pod access to wireserver.
  • A bug regarding App Routing's placeholderPod not properly cleaning up has been fixed.
  • A regression in kube-scheduler impacting Kubernetes versions 1.27.14, 1.28.10, 1.29.5 has been fixed in new patch versions 1.30.2, 1.30.1, 1.29.6, 1.28.11, 1.27.15. If you are on the affected patch versions. Please follow release v20240716 and upgrade your AKS version once the release is in your region.

• Behavior Change:

  • AKS Automatic clusters now use Azure Linux for Node Auto Provision dynamic nodes.

• Component Updates:

  • AKS has released new patches v1.29.5 and v1.30.4 for Cluster Autoscaler to fix a bug which prevents scaling from zero of selected SKUs.
  • coreDNS has been updated to use image v1.9.4-hotfix.20240704 to fix CVE vulnerabilities.
  • Istio add-on has been bumped to include v1.21.3-hotfix.20240626 and v1.22.1-hotfix.20240626 to fix datadog tracer zero-day crash.
  • KEDA add-on has been updated to v2.14.0 on AKS v1.30.
  • AKS Ubuntu 22.04 image has been updated to AKSUbuntu-202407.08.0.
  • Azure Linux image has been updated to AzureLinux-202407.08.0.