Welcome to the March 2026 edition of the AKS Newsletter.

This month brings 6 features reaching General Availability and 9 new preview announcements. Here are some of the highlights:

• Container network logs in AKS are now generally available
• Container network metrics filtering for AKS is now generally available
• Azure Container Storage v2.1.0, now with Elastic SAN integration and on-demand installation, is now generally available
• Blue-green agent pool upgrades in AKS enter public preview
• Cross-cluster networking in Azure Kubernetes Fleet Manager enters public preview
• AKS managed GPU metrics in Azure Monitor enters public preview

Let's dive in.

🔎 Documentation Updates

• Fine-tune and deploy an AI model on Azure Kubernetes Service (AKS) with the AI toolchain operator add-on: Learn how to fine-tune and deploy a language model with the AI toolchain operator add-on on your AKS cluster.

• Blue-Green Node Pool Upgrades in Azure Kubernetes Service (AKS) (preview): Perform upgrades of AKS node pools using a blue-green deployment strategy to ensure workload availability during updates.

• Configure Availability Zones in Azure Kubernetes Service (AKS): Learn how to configure availability zones in Azure Kubernetes Service (AKS) to increase the availability of your applications.

• Deploy a Java application with Open Liberty/WebSphere Liberty on an Azure Kubernetes Service (AKS) cluster: Deploy a Java application with Open Liberty or WebSphere Liberty on an AKS cluster by using the Azure Marketplace offer, which automatically provisions resources.

• Onboard custom models for inferencing with the AI toolchain operator (KAITO) on Azure Kubernetes Service (AKS): Learn how to onboard custom models for inferencing with the AI toolchain operator (KAITO) on AKS.

• Outbound network and FQDN rules for Azure Kubernetes Service (AKS) clusters: Learn what ports and addresses are required to control egress traffic in Azure Kubernetes Service (AKS)

• Create virtual nodes in Azure Kubernetes Service (AKS) using Azure CLI: Learn how to use Azure CLI to create an Azure Kubernetes Services (AKS) cluster that uses virtual nodes to run pods.

• Use Cluster Health Monitor checker in Azure Kubernetes Service (AKS) (preview): Learn how the Cluster Health Monitor checker in Azure Kubernetes Service (AKS) runs data plane health checks and supports CoreDNS remediation.

• Deploy Cilium mTLS encryption with Advanced Container Networking Services: Get started with Cilium mTLS encryption for Advanced Container Networking Services on your AKS cluster.

• Create and Manage Persistent Volumes with Azure Files in Azure Kubernetes Service (AKS): Learn how to create and manage persistent volumes using Azure Files with the Container Storage Interface (CSI) driver in Azure Kubernetes Service (AKS) to provide scalable and reliable storage for...

• Supported Kubernetes Versions in Azure Kubernetes Service (AKS): Learn the Kubernetes version support policy and lifecycle of clusters in Azure Kubernetes Service (AKS).

• Cilium mutual TLS authentication and encryption with Advanced Container Networking Services (ACNS): An overview of Advanced Container Networking Services' Cilium mTLS encryption capabilities on Azure Kubernetes Service (AKS).

• Update Azure CNI IP Address Management (IPAM) Mode and Data Plane Technology: Learn how to update existing Azure Kubernetes Service (AKS) clusters to use the latest Azure CNI IPAM modes and data plane technologies.

• Use the Vertical Pod Autoscaler in Azure Kubernetes Service (AKS): Learn how to deploy, upgrade, or disable the Vertical Pod Autoscaler on your Azure Kubernetes Service (AKS) cluster.

• Security bulletins for Azure Kubernetes Service (AKS): This article provides security/vulnerability related updates and troubleshooting guides for Azure Kubernetes Services (AKS).

• Customize cluster egress with outbound types in Azure Kubernetes Service (AKS): Learn how to define a custom egress route in Azure Kubernetes Service (AKS).

• Service account creation and workload identity setup for the Agentic CLI for Azure Kubernetes Service (AKS) (Preview): Learn how to create the required service account and optionally configure workload identity for the agentic CLI for AKS to enable authentication.

• Azure Kubernetes Service (AKS) application routing add-on with the Kubernetes Gateway API (preview): Use the application routing add-on to manage ingress traffic on Azure Kubernetes Service (AKS) using the Kubernetes Gateway API.

🧪 Preview Feature Announcements

• Public Preview: Blue-green agent pool upgrade in AKS: In‑place node pool upgrades can introduce risk by applying changes directly to running environments.

• Public Preview: Cross-cluster networking in Azure Kubernetes Fleet Manager: Organizations running applications across multiple Kubernetes clusters often face challenges with performance, global service discovery, and observability due to the complexity of distributed...

• Public Preview: AKS managed GPU metrics in Azure Monitor: Teams running GPU‑backed workloads often lack integrated visibility into GPU utilization alongside Kubernetes metrics.

• Public Preview: AI Agent for container networking troubleshooting: Troubleshooting Kubernetes networking issues is often slowed by logs and metrics scattered across multiple tools, forcing engineers to manually correlate signals during incidents.

• Public Preview: Microsoft Azure Kubernetes Application Network: As Kubernetes environments scale across regions and clusters, IP‑based networking becomes difficult to manage and provides limited application‑level visibility and security controls.

• Public Preview: Application routing with meshless Istio in AKS: Following the deprecation of ingress‑nginx, Kubernetes operators need a supported, standards‑aligned migration path for ingress without the complexity of a full service mesh.

• Azure Monitor Profile OTLP gRPC support (preview): Is now available in public preview, enabling OpenTelemetry Protocol gRPC endpoints for Azure Monitor metrics collection.

• ACNS (preview): Preview feature is now supported on dual-stack clusters.

• Node Auto Provisioning (preview): Has been updated to Karpenter Azure provider v1.7.2.

✅ General Availability Announcements

• Generally Available: Container network logs in AKS: Networking issues in Kubernetes environments can be difficult to diagnose due to limited visibility into traffic flows and insufficient context around failures.

• Generally Available: Container network metrics filtering for AKS: Network observability can generate large volumes of metrics, making it difficult for teams to focus on data that is operationally relevant.

• Generally Available: Azure Container Storage v2.1.0 now with Elastic SAN integration and on demand installation: Containerized workloads often require higher and more consistent storage performance without managing large numbers of individual disks.

• Application Monitoring auto-instrumentation – now generally available

• AI Toolchain Operator (KAITO) add-on – now generally available: For running AI and ML workloads on AKS.

• Private IP support in Static Egress Gateway – now generally available: Enables workloads to use private static IP addresses as the source for all outbound (egress) traffic from AKS clusters. By configuring a dedicated gateway node pool, you get consistent and predictable egress IPs — useful for allowlisting specific private addresses on downstream services or appliances

🔁 Behavioral Changes

• AKS Automatic clusters: Now enforce multiple layers of defense against remote code execution via nodes/proxy permissions: - A ValidatingAdmissionPolicy (VAP) restricts creation or updates of ClusterRole and Role...

• eBPF host routing: Nodes will be labeled with kubernetes.azure.com/ebpf-host-routing=true.

• Service tags for API server authorized IP ranges: Are now supported for AKS clusters with API server VNet integration.

• configuring Standard V2 Azure NAT Gateway: As a user‑assigned NAT gateway for outbound (egress) traffic.

• Flatcar Container Linux for AKS (preview): Will be retired on 8 June 2026, transition to a supported alternative by that date.

📚 Community Blogs

• Announcing Gateway API support for App Routing (preview): The AKS app routing add-on now supports the Kubernetes Gateway API via a meshless Istio control plane — the recommended path to migrate from Ingress-NGINX.

• Scaling multi-node LLM inference with NVIDIA Dynamo and NVIDIA GPUs on AKS (Part 3): This blog post is co-authored with Nikhar Maheshwari, Anish Maddipoti, Rohan Varma, Clement Pakkam Isaac, and Stephen Mccoulough from NVIDIA.

• Dynamic Resource Allocation (DRA) with NVIDIA virtualized GPU (vGPU) on AKS: Recently, dynamic resource allocation (DRA) has emerged as the standard mechanism to consume GPU resources in Kubernetes. With DRA, accelerators like GPUs are no longer exposed as static extended...

• Running more with less: Multi-instance GPU (MIG) with Dynamic Resource Allocation (DRA) on AKS: GPUs power a wide range of production Kubernetes workloads across industries. For example, media platforms rely on them for video encoding/transcoding, financial services firms run quantitative...

• Announcing Public Preview of Argo CD extension on AKS and Azure Arc enabled Kubernetes clusters: Announcing Public Preview of Argo CD extension on AKS and Azure Arc enabled Kubernetes clusters We are excited to announce public preview of the Argo...

• Announcing public preview: Cilium mTLS encryption for Azure Kubernetes Service: We are thrilled to announce the public preview of Cilium mTLS encryption in Azure Kubernetes Service (AKS), delivered as part...

• Migrating to the next generation of Virtual Nodes on Azure Container Instances (ACI): ...nfrastructure. Virtual Nodes on ACI allows you to run Kubernetes pods managed by an AKS cluster in a serverless way on ACI instead of traditional...

• After Ingress NGINX: Migrating to Application Gateway for Containers: If you're running Ingress NGINX on AKS, you've probably seen the announcements by now. The community Ingress Nginx project is being retired, upstream...

• Microsoft Azure at KubeCon Europe 2026 | Amsterdam, NL - March 23-26: ...ctivities, and ways to connect with the engineers behind AKS and our open-source projects. Here's what's on the schedule: Azure Day with...

• Defending Container Runtime from Malware with Microsoft Defender for Containers: ...bsp;near-real-time malware detection directly into container environments. The antimalware feature is available via Helm with sensor version 0.10.2 for <SPAN...

🔗 Releases and Roadmap

• AKS GitHub Releases: Track the latest AKS release notes, including Kubernetes version updates, component upgrades, CVE remediations, new features, behavioral changes, and bug fixes.
• AKS Public Roadmap: View upcoming features, planned improvements, and the delivery timeline for Azure Kubernetes Service on the official public roadmap.

Release Highlights

• Release Notes - 2026-03-05: This release includes Kubernetes patch versions 1.32.11, 1.34.3, 37 component updates, 52 CVE remediations.

🎥 Watch & Learn

• AI Reduces Time-To-Resolution (TTR) for your Kubernetes Cluster Issues: Reduce the troubleshooting time from 2. 5 hours to literally minutes with AI assisted troubleshooting on AKS using AKS MCP Server.

• Context is crucial with AI Debugging - AI Debugging Best Practices: Qasim Sarfaraz talks about why providing the right context is crucial when debugging with AI assistants. He also discusses the need for independent analysis and confirming the AI findings rather...

• AKS MCP Server with Julia Yin: AKS Troubleshooting Series: Azure Kubernetes Service: In todays episode, we talk to Julia Yin to do a deepdive on the AKS MCP Server. In the previous episodes, you have seen the AKS MCP Server and agentic CLI being used for troubleshooting different...

🧠 Closing Thoughts

March 2026 showed continued investment across key areas of the AKS platform:

• Networking capabilities
• Observability and monitoring
• AI and GPU workloads
• Scaling and node management
• Storage
• Multi-cluster and fleet management

These updates reflect the platform's ongoing focus on production readiness, operational simplicity, and support for modern cloud-native workloads.

Stay tuned for next month's edition, and feel free to share feedback or suggestions for future coverage.