This is an exciting month for us in the AKS hybrid team. Not only do I get to share the September update of AKS on Azure Stack HCI and Windows Server but Ignite also just began and will include some exciting announcements.
Looking at the September release, this update is absolutely packed with new things from new PowerShell controls for pre-downloading images to Mariner 2.0 support. Stay tuned for a follow up blog post with all of the Ignite sessions you should follow to follow our other product updates.
As always, you can try AKS on Azure Stack HCI or Windows Server any time using our get-started guide. If you do not have the hardware handy to evaluate AKS on physical hardware you can use our eval guide to set up AKS on a Windows Server Azure VM.
Here are more details about the changes you'll see in this update:
PowerShell support for pre-downloading install and update content (preview) We have seen a number of people running AKS on HCI or Windows Server in semi-connected or low-quality networking environments. We have introduced new PowerShell cmdlets to pre-download AKS hybrid images so that update and install are more reliable in places where large data downloads need to be pre-staged. Read more.
Software Defined Networking (SDN) support has been promoted to GA Last month we announced Microsoft SDN integration had been integrated into our GA build as a preview feature. We have completed validation, added documentation, and are officially moving SDN from preview to GA.
Updated Linux container base image to Mariner 2.0
Mariner 2.0 is just under half the size of Mariner 1.0 but comes with security improvements, faster upgrades, and ~3000 added or updated packages. We’re excited.
As a reminder, the Mariner image under all of our Linux container workloads provides a Linux kernel for Linux-based Kubernetes clusters. You can, of course, run any Linux container you'd like on this base image (ubuntu, alpine, redis, busybox, etc).
Support for multiple administrators using system Administrators group Some of you may have experienced an annoying permission error when someone other than the user who installed AKS hybrid tries to upgrade, make new clusters, or generally interact with the AKS service.
Starting with the September release, AKS on Azure Stack HCI and Windows Server permissions are integrated with the local 'Administrators' user group; now any Administrator on the system to create/delete clusters and manage the AKS service.
SDN + AKS HCI Known Issue - Update, Invoke, and Repair AKSHCI PowerShell cmdlets sometimes fail because they can't connect through security isolation on an overlay virtual network. This script is available to download that will connect the HCI host to the virtual network on-demand so that the AKSHCI commands run as expected.
Introduced auto-renewal for mocctl certificate expiry issue which improves quality past 90 days.
Added an install precheck for root folders for the CSV (eg: c:\clusterstorage\volume1) as workingDir.
Improved reliability when starting/stopping cluster VMs.
Updated the pattern internally for identifying control plane VMs to improve cert repair behavior. This improves update reliability.
Once you have downloaded and installed the AKS on Azure Stack HCI or Windows Server Update – you can report any issues you encounter and track future feature work on our GitHub Project at https://github.com/Azure/aks-hci.