Hello everyone,
We are pleased to announce that we have extended our support for minor Kubernetes versions for a period of up to one year, commencing with v1.23.x. In order to facilitate this, we have added a range of enhancements to our AKS hybrid platform which include:
On to product improvements since the last release.
Kubernetes 1.25 support
In this release we are bringing in support for K8s 1.25. This version of K8s has 40 enhancements and has improved windows support by addition of Performance Dashboard, Unit Tests and Conformance Test. We also have a
new repository created for Windows Operational Readiness.
Some notable enhancements and changes:
Deprecations:
Restrict SSH Access to VMs under AKS hybrid
We have added a feature that restricts Secure Shell Protocol (SSH) access to underlying VMs to certain IP addresses. By default, anyone with administrator access to AKS hybrid can access AKS hybrid service VMs through SSH on any machine. Given access is already limited to administrators, limiting access by IP address doesn't change our security posture but can make compliance much easier for customers who need to meet strict access controls requirements.
Add Pre-Install Validation tests
This release contains the following validation tests during the execution of Set-AksHciConfig to ensure that the configuration needed for a successful execution of Install-AksHci is available ahead of the actual installation.
Test name |
Description |
Troubleshooting |
AKS hybrid internet connectivity |
The test validates that the virtual machine hosting AKS hybrid has internet connectivity to key Microsoft endpoints. |
- Ensure that there is connectivity from the physical hosts to the internet. - If using a proxy, ensure that the proxy settings passed in Set-AksHciConfig are correct. - Ensure there is connectivity from any VMs in the the nodepool IP range provided in New-AksHciNetworkSetting parameters: “-k8sNodeIpPoolStart” and “-k8sNodeIpPoolStart” |
DNS availability |
The test validates that the provided DNS servers are available |
- Ensure that the DNS servers provided in New-AksHciNetworkSetting parameter “-dnsServers” are available to VMs in the IP range provided in parameters: “-k8sNodeIpPoolStart” and “-k8sNodeIpPoolStart” |
Connectivity between the VM that hosts AKS hybrid (Management Cluster) and the Cloud Agent |
This test validates that VMs in K8sNoodPool range can reach cloud agent endpoint |
- Ensure that the DNS servers provided in New-AksHciNetworkSetting can resolve cloud agent FQDN. - Ensure that cloud agent endpoint is online. |
Version updates and bug fixes
Software updates:
We have updated several components and dependencies to the latest versions to fix CVEs:
Bug Fix:
Documentation updates
Troubleshooting guide updates:
As always, you can try AKS on Azure Stack HCI or Windows Server any time even if you do not have the hardware handy using our eval guide to set up AKS on a Windows Server Azure VM.
Once you have downloaded and installed the AKS on Azure Stack HCI or Windows Server Update – you can report any issues you encounter, follow our plans, and check out recently released updates through the AKS hybrid roadmap in GitHub.
We look forward to hearing from you all!
Cheers,
AKS hybrid team.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.