What’s new in Azure Linux: Containers, Azure Portal, Security and more

Posted by

This post has been republished via RSS; it originally appeared at: New blog articles in Microsoft Community Hub.

Azure Linux is Microsoft's proven Linux distribution that has been used for years by internal Microsoft services such as Minecraft, Xbox, HDInsight, Defender, Azure Kubernetes Service and Azure Nexus. At Build in May 2023, Microsoft made this distribution available to external customers via a container host on Azure Kubernetes Service (AKS). In the six months since we announced General Availability of Azure Linux as a container host for AKS, we have seen an incredible reception from our customers and partners. The team has been hard at work, in partnership with the AKS team, to bring many updates to our customers. This blog captures the Azure Linux updates the team has been working on, customer and partner testimonials, upcoming roadmap and how to keep in touch with team! Note, for Azure Kubernetes Service updates, please visit the public AKS Roadmap.


Supporting your deployment choice

Azure Linux added support for Terraform shortly after the Build announcement and have since added support in Azure Portal to deploy clusters.


CIS Benchmarks and FIPS image availability

Building our own distribution allows us to deliver on differentiated security benefits through certifications like CIS and FIPS.

Customers running in many industries require the container host to publish and meet a certain number of CIS benchmarks. Azure Linux worked with the Center for Internet Security to publish our benchmarks, passing all applicable benchmarks.


Furthermore, the team is also making a FIPS image available for consumption in the new year. This FIPS image ships with a FIPS compliant OpenSSL and kernel, and is serviced regularly like any other Azure Linux image for security patches.


Microsoft OpenJDK container images

The same benefits of Azure Linux in the container host is available for customers consuming Microsoft offered Open JDK containers. This includes support for distroless Java containers which are ~100MB smaller than other containers and include the bare minimum required to run your Java apps.


Confidential Containers on AKS

This morning at Ignite 2023, Microsoft announced [Confidential Containers on AKS](https://aka.ms/coco-aks-preview). To read more about how Azure Linux powers this under the hood, you can read our [Technical Deep Dive](https://aka.ms/coco-azurelinux-tech).


What’s coming down the line?

While this blog touches on some of the updates, the following are some of the things coming down the line for the team:


  • Support for broader GPU SKUs: Today, Azure Linux supports NVIDIA V100, and T4 GPUs and the team is working on adding support for NVIDIA A100 and H100 GPUs.
  • Cgroupsv2 enablement: Cgroupsv2 will be enabled by default on Azure Linux starting AKS version 1.29.
  • OSsku in-place migration: Allows a user to seamlessly migrate between Linux OSskus without having to create new clusters.

How to keep in touch with the team

For updates, feedback, feature requests related to Azure Linux, there are a few ways to stay connected to the team:

  • Ask questions & submit feedback via Azure Linux GitHub Issues
  • We will be starting a public community call in the new year for Azure Linux users to come together to ask questions, share learnings, and get updates. We’ll post the link to this call in our documentation and in an upcoming blog post.

Growing our partner ecosystem

Since announcing our launch partners at Build, the team has been working with many partners based on customer demand to offer support on Azure Linux.

Read more from our partner Isovalent on how Cilium, Azure Linux & Azure Kubernetes Service come together to bring value to customers -  https://isovalent.com/blog/post/isovalent-azure-linux-aks/

See below for a listing of our growing partner ecosystem. For ISVs and vendors who are interested in partnering with us, you can reach out to us at azurelinuxisv@microsoft.com.























Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.