Curated documentation updates, feature announcements, community blogs, release highlights, and more.
Welcome to the March 2026 edition of the AKS Newsletter.
This month brings 6 features reaching General Availability and 9 new preview announcements. Here are some of the highlights:
Let's dive in.
Fine-tune and deploy an AI model on Azure Kubernetes Service (AKS) with the AI toolchain operator add-on: Learn how to fine-tune and deploy a language model with the AI toolchain operator add-on on your AKS cluster.
Blue-Green Node Pool Upgrades in Azure Kubernetes Service (AKS) (preview): Perform upgrades of AKS node pools using a blue-green deployment strategy to ensure workload availability during updates.
Configure Availability Zones in Azure Kubernetes Service (AKS): Learn how to configure availability zones in Azure Kubernetes Service (AKS) to increase the availability of your applications.
Deploy a Java application with Open Liberty/WebSphere Liberty on an Azure Kubernetes Service (AKS) cluster: Deploy a Java application with Open Liberty or WebSphere Liberty on an AKS cluster by using the Azure Marketplace offer, which automatically provisions resources.
Onboard custom models for inferencing with the AI toolchain operator (KAITO) on Azure Kubernetes Service (AKS): Learn how to onboard custom models for inferencing with the AI toolchain operator (KAITO) on AKS.
Outbound network and FQDN rules for Azure Kubernetes Service (AKS) clusters: Learn what ports and addresses are required to control egress traffic in Azure Kubernetes Service (AKS)
Create virtual nodes in Azure Kubernetes Service (AKS) using Azure CLI: Learn how to use Azure CLI to create an Azure Kubernetes Services (AKS) cluster that uses virtual nodes to run pods.
Use Cluster Health Monitor checker in Azure Kubernetes Service (AKS) (preview): Learn how the Cluster Health Monitor checker in Azure Kubernetes Service (AKS) runs data plane health checks and supports CoreDNS remediation.
Deploy Cilium mTLS encryption with Advanced Container Networking Services: Get started with Cilium mTLS encryption for Advanced Container Networking Services on your AKS cluster.
Create and Manage Persistent Volumes with Azure Files in Azure Kubernetes Service (AKS): Learn how to create and manage persistent volumes using Azure Files with the Container Storage Interface (CSI) driver in Azure Kubernetes Service (AKS) to provide scalable and reliable storage for...
Supported Kubernetes Versions in Azure Kubernetes Service (AKS): Learn the Kubernetes version support policy and lifecycle of clusters in Azure Kubernetes Service (AKS).
Cilium mutual TLS authentication and encryption with Advanced Container Networking Services (ACNS): An overview of Advanced Container Networking Services' Cilium mTLS encryption capabilities on Azure Kubernetes Service (AKS).
Update Azure CNI IP Address Management (IPAM) Mode and Data Plane Technology: Learn how to update existing Azure Kubernetes Service (AKS) clusters to use the latest Azure CNI IPAM modes and data plane technologies.
Use the Vertical Pod Autoscaler in Azure Kubernetes Service (AKS): Learn how to deploy, upgrade, or disable the Vertical Pod Autoscaler on your Azure Kubernetes Service (AKS) cluster.
Security bulletins for Azure Kubernetes Service (AKS): This article provides security/vulnerability related updates and troubleshooting guides for Azure Kubernetes Services (AKS).
Customize cluster egress with outbound types in Azure Kubernetes Service (AKS): Learn how to define a custom egress route in Azure Kubernetes Service (AKS).
Service account creation and workload identity setup for the Agentic CLI for Azure Kubernetes Service (AKS) (Preview): Learn how to create the required service account and optionally configure workload identity for the agentic CLI for AKS to enable authentication.
Azure Kubernetes Service (AKS) application routing add-on with the Kubernetes Gateway API (preview): Use the application routing add-on to manage ingress traffic on Azure Kubernetes Service (AKS) using the Kubernetes Gateway API.
Public Preview: Blue-green agent pool upgrade in AKS: In‑place node pool upgrades can introduce risk by applying changes directly to running environments.
Public Preview: Cross-cluster networking in Azure Kubernetes Fleet Manager: Organizations running applications across multiple Kubernetes clusters often face challenges with performance, global service discovery, and observability due to the complexity of distributed...
Public Preview: AKS managed GPU metrics in Azure Monitor: Teams running GPU‑backed workloads often lack integrated visibility into GPU utilization alongside Kubernetes metrics.
Public Preview: AI Agent for container networking troubleshooting: Troubleshooting Kubernetes networking issues is often slowed by logs and metrics scattered across multiple tools, forcing engineers to manually correlate signals during incidents.
Public Preview: Microsoft Azure Kubernetes Application Network: As Kubernetes environments scale across regions and clusters, IP‑based networking becomes difficult to manage and provides limited application‑level visibility and security controls.
Public Preview: Application routing with meshless Istio in AKS: Following the deprecation of ingress‑nginx, Kubernetes operators need a supported, standards‑aligned migration path for ingress without the complexity of a full service mesh.
Azure Monitor Profile OTLP gRPC support (preview): Is now available in public preview, enabling OpenTelemetry Protocol gRPC endpoints for Azure Monitor metrics collection.
ACNS (preview): Preview feature is now supported on dual-stack clusters.
Node Auto Provisioning (preview): Has been updated to Karpenter Azure provider v1.7.2.
Generally Available: Container network logs in AKS: Networking issues in Kubernetes environments can be difficult to diagnose due to limited visibility into traffic flows and insufficient context around failures.
Generally Available: Container network metrics filtering for AKS: Network observability can generate large volumes of metrics, making it difficult for teams to focus on data that is operationally relevant.
Generally Available: Azure Container Storage v2.1.0 now with Elastic SAN integration and on demand installation: Containerized workloads often require higher and more consistent storage performance without managing large numbers of individual disks.
Application Monitoring auto-instrumentation – now generally available: This feature enables codeless monitoring of your Java and Node.js workloads running on AKS — no source code changes required. It works by automatically injecting the Azure Monitor OpenTelemetry Distro into your application pods, generating telemetry for distributed tracing, metrics, and logs. You can onboard entire namespaces or individual deployments via the Azure portal, CLI, or YAML custom resources. Simply enable application monitoring on your cluster, configure an Instrumentation resource, and restart your deployments to start collecting telemetry in Application Insights.
AI Toolchain Operator (KAITO) add-on – now generally available: For running AI and ML workloads on AKS.
Private IP support in Static Egress Gateway – now generally available: Enables workloads to use private static IP addresses as the source for all outbound (egress) traffic from AKS clusters. By configuring a dedicated gateway node pool, you get consistent and predictable egress IPs — useful for allowlisting specific private addresses on downstream services or appliances
AKS Automatic clusters: Now enforce multiple layers of defense against remote code execution via nodes/proxy permissions: - A ValidatingAdmissionPolicy (VAP) restricts creation or updates of ClusterRole and Role...
eBPF host routing: Nodes will be labeled with kubernetes.azure.com/ebpf-host-routing=true.
Service tags for API server authorized IP ranges: Are now supported for AKS clusters with API server VNet integration.
configuring Standard V2 Azure NAT Gateway: As a user‑assigned NAT gateway for outbound (egress) traffic.
Flatcar Container Linux for AKS (preview): Will be retired on 8 June 2026, transition to a supported alternative by that date.
Announcing Gateway API support for App Routing (preview): The AKS app routing add-on now supports the Kubernetes Gateway API via a meshless Istio control plane — the recommended path to migrate from Ingress-NGINX.
Scaling multi-node LLM inference with NVIDIA Dynamo and NVIDIA GPUs on AKS (Part 3): This blog post is co-authored with Nikhar Maheshwari, Anish Maddipoti, Rohan Varma, Clement Pakkam Isaac, and Stephen Mccoulough from NVIDIA.
Dynamic Resource Allocation (DRA) with NVIDIA virtualized GPU (vGPU) on AKS: Recently, dynamic resource allocation (DRA) has emerged as the standard mechanism to consume GPU resources in Kubernetes. With DRA, accelerators like GPUs are no longer exposed as static extended...
Running more with less: Multi-instance GPU (MIG) with Dynamic Resource Allocation (DRA) on AKS: GPUs power a wide range of production Kubernetes workloads across industries. For example, media platforms rely on them for video encoding/transcoding, financial services firms run quantitative...
Announcing Public Preview of Argo CD extension on AKS and Azure Arc enabled Kubernetes clusters: Announcing Public Preview of Argo CD extension on AKS and Azure Arc enabled Kubernetes clusters We are excited to announce public preview of the Argo...
Announcing public preview: Cilium mTLS encryption for Azure Kubernetes Service: We are thrilled to announce the public preview of Cilium mTLS encryption in Azure Kubernetes Service (AKS), delivered as part...
Migrating to the next generation of Virtual Nodes on Azure Container Instances (ACI): ...nfrastructure. Virtual Nodes on ACI allows you to run Kubernetes pods managed by an AKS cluster in a serverless way on ACI instead of traditional...
After Ingress NGINX: Migrating to Application Gateway for Containers: If you're running Ingress NGINX on AKS, you've probably seen the announcements by now. The community Ingress Nginx project is being retired, upstream...
Microsoft Azure at KubeCon Europe 2026 | Amsterdam, NL - March 23-26: ...ctivities, and ways to connect with the engineers behind AKS and our open-source projects. Here's what's on the schedule: Azure Day with...
Defending Container Runtime from Malware with Microsoft Defender for Containers: ...bsp;near-real-time malware detection directly into container environments. The antimalware feature is available via Helm with sensor version 0.10.2 for <SPAN...
AI Reduces Time-To-Resolution (TTR) for your Kubernetes Cluster Issues: Reduce the troubleshooting time from 2. 5 hours to literally minutes with AI assisted troubleshooting on AKS using AKS MCP Server.
Context is crucial with AI Debugging - AI Debugging Best Practices: Qasim Sarfaraz talks about why providing the right context is crucial when debugging with AI assistants. He also discusses the need for independent analysis and confirming the AI findings rather...
AKS MCP Server with Julia Yin: AKS Troubleshooting Series: Azure Kubernetes Service: In todays episode, we talk to Julia Yin to do a deepdive on the AKS MCP Server. In the previous episodes, you have seen the AKS MCP Server and agentic CLI being used for troubleshooting different...
March 2026 showed continued investment across key areas of the AKS platform:
These updates reflect the platform's ongoing focus on production readiness, operational simplicity, and support for modern cloud-native workloads.
Stay tuned for next month's edition, and feel free to share feedback or suggestions for future coverage.