更新封存
Azure Kubernetes Service (AKS): 九月 2020 的每月更新
New features for Windows Server containers in Azure Kubernetes Service
Learn about new Windows Server container related capabilities in AKS
Confidential computing nodes (DCSv2) support on Azure Kubernetes Service (AKS) in public preview
Orchestrate your container applications with hardware based isolation and data-in-use protection through Intel SGX enclaves. Supporting both enclave aware containers and confidential containers (unmodified container apps)
GA: Azure Kubernetes Service mutate default storage class feature
AKS users now have the flexibility to use a different storage class instead of the default storage class.
Visual Studio Code extension diagnostics + periscope
This Visual Studio Code extension enables developers to use AKS periscope and AKS diagnostics in their development workflow to quickly diagnose and troubleshoot their clusters.
正式上市:新基本映像 Ubuntu 18.04 的 Azure Kubernetes Service 支援
Ubuntu 18.04 現在是 Azure Kubernetes Service (AKS) 上的預設節點作業系統。
Public preview: Azure role-based access control (RBAC) for Kubernetes authorization
Achieve unified management and access control across Azure resources, AKS, and Kubernetes resources.
GA: Policy add-on for Azure Kubernetes Service
You can now set policies beyond the Azure Resource Manager level and drive in-depth compliance across pods, namespaces, ingress, and other Kubernetes resources.
Public preview: AKS start/stop cluster feature
Customers can save on time and costs by using the start/stop AKS clusters.
Azure Kubernetes Service on Azure Stack HCI now in public preview
Azure Kubernetes Services (AKS) on Azure Stack HCI enables developers and admins to deploy and manage containerized apps on Azure Stack HCI.
Public preview: Azure Kubernetes Service support for Kubernetes 1.19
AKS users can now benefit from features in Kubernetes 1.19 release
Azure Kubernetes Service:藉由寫入至容器的 /etc/hosts 來發動節點磁碟 DOS (CVE-2020-8557)
若 Pod 將大量資料寫入至 Azure Kubernetes Service 中的 etc/hosts 檔案,可能會導致節點失敗。
Azure Kubernetes Service:從遭入侵節點對叢集發動權限提升攻擊 (CVE-2020-8559)
若攻擊者能夠攔截 Kubelet 的特定要求,這些節點可能存在風險。 了解您是否易受攻擊及如何降低風險。