HomeWinBuzzer NewsMicrosoft Rolls Out Azure Linux 3.0 Preview for AKS with Security and...

Microsoft Rolls Out Azure Linux 3.0 Preview for AKS with Security and Performance Updates

Azure Linux 3.0 enters preview for on Azure Kubernetes Service v1.31, bringing updated components, stronger security, and developer-focused features.

-

Microsoft has released the preview version of Azure Linux 3.0 for Azure Kubernetes Service (AKS) running version 1.31, marking a major update to its container host OS. This release focuses on improving performance, tightening security, and enhancing developer resources, signaling a continued commitment to cloud-native technology.

From CBL-Mariner to Azure Linux

Azure Linux was formerly known as CBL-Mariner (Common Base Linux), Microsoft’s lightweight Linux distribution developed for cloud and edge services. Launched in 2020, CBL-Mariner served as the backbone for Azure containerized workloads and supported Windows Subsystem for Linux 2 (WSL 2).

Managed by Microsoft’s Linux Systems Group, it was designed with minimal packages to run containers efficiently, incorporating RPM for package management. The OS also featured a hardened kernel, a firewall based on iptables, and support for signed updates. The shift to Azure Linux with version 2.0.20240301 reflected its deeper integration into Microsoft’s cloud services.

Core Technical Updates

The 3.0 version introduces an upgraded Long-Term Support (LTS) Linux Kernel, advancing from 5.15 to 6.6. This change enhances system performance while integrating newer security protocols. Containerd, a vital container runtime, has moved to version 1.7.13, with plans for a 2.0 release once stable. SystemD has been updated from version 250 to 255, improving system management processes, while OpenSSL has been upgraded from version 1.1.1k to 3.3.0, providing stronger encryption capabilities [source].

Some of the major components upgraded from Azure Linux 2.0 to 3.0 include:

Component

Azure Linux 3.0

Azure Linux 2.0

Release Notes

Linux Kernel

v6.6 (Latest LTS)

V5.15 (Previous LTS)

Linux 6.6

Containerd

v1.7.13, but will also offer v2.0 once it becomes stable

1.6.26

Container Releases

SystemD

v255

V250

Systemd Releases

OpenSSL

v3.3.0

V1.1.1k

OpenSSL 3.3

 

Reinforced Security Measures

A notable feature in Azure Linux 3.0 is the default activation of SELinux (Security-Enhanced Linux) in enforcing mode, which provides granular access control policies that safeguard the system from unauthorized operations. This addition ensures that containerized workloads operate in a more secure environment, reducing exposure to potential vulnerabilities. The preview also includes a FIPS-compliant image, aligning with data protection standards required by federal agencies.

Broader Role in Microsoft’s Infrastructure

Azure Linux plays a pivotal role across Microsoft’s cloud ecosystem, powering Azure Stack HCI’s container services and supporting Linux workloads on Azure IoT Edge. It is also utilized in WSLg, facilitating the use of Linux GUI applications within Windows. By building on the foundation of CBL-Mariner, Azure Linux emphasizes reliability and lightweight performance, making it integral to Microsoft’s strategy for hybrid and multi-cloud solutions.

Enhanced Developer Experience

Developers using Azure Linux 3.0 will find an expanded array of tools and more efficient package availability. The OS is constructed to include only the fundamental packages necessary for containers, but users can add custom packages using RPM, offering flexibility without sacrificing system efficiency. This streamlined experience supports complex deployments while maintaining a focus on security with features like an iptables-based firewall and support for signed updates. [source].

How to Get Started with Azure Linux 3.0

To enable the Azure Linux 3.0 preview on AKS version 1.31, users must register the feature flag with their Azure subscription:

az feature registernamespace Microsoft.ContainerService –name AzureLinuxV3Preview

You can check the registration status with:

az feature show –namespace Microsoft.ContainerService –name AzureLinuxV3Preview

After registration, creating new AKS clusters or node pools with --os-sku=AzureLinux will automatically implement version 3.0. This deployment can be conducted using various tools such as CLI, PowerShell, Terraform, or ARM templates, ensuring flexibility for administrators [source].

Current Limitations and Preview Scope

While the Azure Linux 3.0 preview offers new capabilities, it comes with specific constraints. Only AKS version 1.31 supports this preview, and clusters using Azure Linux 2.0 cannot be upgraded to 3.0. Users must create new clusters or node pools to test the preview version. This release is part of the v20241025 rollout, and availability details can be found in the AKS Release Tracker. Microsoft plans to gather user feedback during this stage to refine the final version set for general availability on AKS 1.32.

Feedback and Community Involvement

Feedback is essential for Microsoft’s iterative development process, and Azure Linux users are encouraged to submit their insights via GitHub Issues. Public community calls, held bi-monthly, provide opportunities for direct interaction with the Azure Linux team. The upcoming call is on November 21 at 8:00 AM PST for those interested in more detailed discussions.

SourceMicrosoft
Markus Kasanmascheff
Markus Kasanmascheff
Markus has been covering the tech industry for more than 15 years. He is holding a Master´s degree in International Economics and is the founder and managing editor of Winbuzzer.com.

Recent News

0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
0
We would love to hear your opinion! Please comment below.x
()
x
Mastodon