Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Release 01/22/2023 -01/29/2023 #3445

Merged
merged 6 commits into from
Feb 6, 2023
Merged

Release 01/22/2023 -01/29/2023 #3445

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
bac1c92
Release 01/22/2023 -01/29/2023
miwithro Jan 31, 2023
95bf2bf
Update CHANGELOG.md
miwithro Jan 31, 2023
e841294
Update CHANGELOG.md
miwithro Jan 31, 2023
5397c86
Update CHANGELOG.md
miwithro Feb 1, 2023
c202ff4
Update CHANGELOG.md
miwithro Feb 1, 2023
d4e3ad9
Update CHANGELOG.md
miwithro Feb 1, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
28 changes: 28 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,33 @@
# Azure Kubernetes Service Changelog

## Release 2023-01-29

Monitor the release status by regions at [AKS-Release-Tracker](https://releases.aks.azure.com/).

### Announcements

* Starting with Kubernetes 1.26:
* HostProcess Containers will be GA
* Some AKS labels will be deprecated. Update your AKS labels to the recommended substitutions. See more information on label deprecations and how to update your labels in the [Use labels in an AKS cluster](https://docs.microsoft.com/azure/aks/use-labels) documentation.
* AKS began pod security policy deprecation on 2022-11-01 API. The [pod security policy](https://learn.microsoft.com/azure/aks/use-pod-security-policies) will be removed completely on 2023-06-01 API with AKS 1.25 version or higher. You can migrate pod security policy to [pod security admission controller](https://learn.microsoft.com/azure/aks/use-psa) before the deprecation deadline.
* Azure Policy will be updated to [GateKeeper 3.11](https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.11.0) on Feb 20th for AKS 1.24 and up.
* Workload Identity: Application pods using workload identity will need the following label added `azure.workload.identity/use` starting with the 2023-01-29 release. Add the label to your running pods/deployments to avoid pods from failing at restart. See more [here](https://learn.microsoft.com/azure/aks/workload-identity-overview#service-account-labels).

### Release notes

* Features
* New k8s patch versions for 1.23: Added 1.23.15, removed 1.23.8
* Preview Feature
* Azure CNI Overlay now available in uksouth, australiaeast
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Have the docs been updated @phealy ?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The docs have been updated.

* Behavior Change
* AKS now allows updating httpProxyConfig.noProxy after cluster deployment. This updates the webhook which automatically injects environment variables into pods. It does not yet update noProxy configuration on running nodes. New nodepools or VMSS model upgrades will update noProxy on the nodes. In the future, rolling nodes may become automatic.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

are docs updated for this? because in docs right now, it's still saying "noProxy can't be changed after cluster creation"

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

doc update is forthcoming.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch.

That description is both too low level and not detailed enough. Also this is a feature, not a behavior change.

AKS now allows updating the noProxy value of HTTP Proxy configuration after cluster deployment. This will automatically inject new environment variables into pods with the new noProxy values. Pods must be rotated for the apps to pick it up. For components under kubernetes, like containerd and the node itself this won't take effect until a node image upgrade is performed.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Requesting changes on this

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

well technically, we are changing the behavior of an http proxy to allow update, which removes a limitation

* Component Updates
* Container Insights addon upgraded to[ciprod01182023](https://dev.azure.com/msazure/CloudNativeCompute/_git/aks-rp/pullrequest/7484271).
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please add the missing space

* Azure NPM addon upgraded to [v1.4.32](https://github.com/Azure/azure-container-networking/releases/tag/v1.4.32) in SOV Clouds.
* AKS Ubuntu 18.04 image has been updated to [AKSUbuntu-1804-2023.01.25](vhd-notes/aks-ubuntu/AKSUbuntu-1804/2023.01.25.txt).
* AKS Ubuntu 22.04 image has been updated to [AKSUbuntu-2204-2023.01.25](vhd-notes/aks-ubuntu/AKSUbuntu-2204/2023.01.25.txt).
* AKS Mariner image has been updated to [AKSMariner-2023.01.25](vhd-notes/AKSMariner/2023.01.25.txt).

## Release 2023-01-22

Monitor the release status by regions at [AKS-Release-Tracker](https://releases.aks.azure.com/).
Expand Down
Loading