There were a whole lot of announcements around Azure Kubernetes Service (AKS) at Ignite 2020. I thought I’d quickly sum them all up and provide links:
Brendan Burn’s post on AKS Updates
A great summary of recent investments in AKS from Kubernetes co-creator, Brendan Burns.
Preview: AKS now available on Azure Stack HCI
AKS on Azure Stack HCI enables customers to deploy and manage containerized apps at scale on Azure Stack HCI, just as they can run AKS within Azure.
Public Preview: AKS Stop/Start Cluster
Pause an AKS cluster and pick up where they left off later with a switch of a button, saving time and cost.
GA: Azure Policy add on for AKS
Azure Policy add on for AKS allows customers to audit and enforce policies to their Kubernetes resources.
Public Preview: Confidential computing nodes on Azure Kubernetes Service
Azure Kubernetes Service (AKS) supports adding DCsv2 confidential computing nodes on Intel SGX.
GA: AKS support for new Base image Ubuntu 18.04
You can now create Node Pools using Ubuntu 18.04.
GA: Mutate default storage class
You can now use a different storage class in place of the default storage class to better fit their workload needs.
Public preview: Kubernetes 1.19 support
AKS now supports Kubernetes release 1.19 in public preview. Kubernetes release 1.19 includes several new features and enhancements such as support for TLS 1.3, Ingress and seccomp feature GA, and others.
Public preview: RBAC for K8s auth
With this capability, you can now manage RBAC for AKS and its resources using Azure or native Kubernetes mechanisms. When enabled, Azure AD users will be validated exclusively by Azure RBAC while regular Kubernetes service accounts are exclusively validated by Kubernetes RBAC.
Public Preview: VSCode ext. diag+periscope
This Visual Studio Code extension enables developers to use AKS periscope and AKS diagnostics in their development workflow to quickly diagnose and troubleshoot their clusters.This Visual Studio Code extension enables developers to use AKS periscope and AKS diagnostics in their development workflow to quickly diagnose and troubleshoot their clusters.
Enhanced protection for containers
Enhanced protection for containers: As containers and specifically Kubernetes are becoming more widely used, the Azure Defender for Kubernetes offering has been extended to include Kubernetes-level policy management, hardening and enforcement with admission control to make sure that Kubernetes workloads are secured by default. In addition, container image scanning by Azure Defender for Container Registries will now support continuous scanning of container images to minimize the exploitability of running containers
Learn more about Microsoft Defender, Azure Defender and Azure Sentinel.
There may indeed been more, and I’ll update them as they come to hand. Hope this roll up helps.
Head over to https://myignite.microsoft.com and watch some of the AKS content to get even an even better view of the updates.