diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml
index dcacce4f22..071c07a8eb 100644
--- a/.github/dependabot.yaml
+++ b/.github/dependabot.yaml
@@ -197,50 +197,3 @@ updates:
       versions: [">=0.30.0"]
     - dependency-name: "k8s.io/kubectl"
       versions: [">=0.30.0"]
-
-
-# Constrain Kubernetes dependencies to compatibility with release/v1.4 branch - v1.25-v1.27
-- package-ecosystem: "gomod"
-  directory: "/"
-  schedule:
-    interval: "daily"
-  commit-message:
-    prefix: "deps"
-  labels: [ "dependencies", "release/1.4" ]
-  open-pull-requests-limit: 10
-  target-branch: "release/v1.4"
-  ignore:
-    - dependency-name: "k8s.io/api"
-      versions: [">=0.27.0"]
-    - dependency-name: "k8s.io/apiextensions-apiserver"
-      versions: [">=0.27.0"]
-    - dependency-name: "k8s.io/apimachinery"
-      versions: [">=0.27.0"]
-    - dependency-name: "k8s.io/client-go"
-      versions: [">=0.27.0"]
-    - dependency-name: "k8s.io/kubelet"
-      versions: [">=0.27.0"]
-    - dependency-name: "k8s.io/kubectl"
-      versions: [">=0.27.0"]
-- package-ecosystem: "gomod"
-  directory: "/azure-ipam"
-  schedule:
-    interval: "daily"
-  commit-message:
-    prefix: "deps"
-  labels: [ "dependencies", "azure-ipam", "release/1.4" ]
-  open-pull-requests-limit: 10
-  target-branch: "release/v1.4"
-  ignore:
-    - dependency-name: "k8s.io/api"
-      versions: [">=0.27.0"]
-    - dependency-name: "k8s.io/apiextensions-apiserver"
-      versions: [">=0.27.0"]
-    - dependency-name: "k8s.io/apimachinery"
-      versions: [">=0.27.0"]
-    - dependency-name: "k8s.io/client-go"
-      versions: [">=0.27.0"]
-    - dependency-name: "k8s.io/kubelet"
-      versions: [">=0.27.0"]
-    - dependency-name: "k8s.io/kubectl"
-      versions: [">=0.27.0"]
diff --git a/.pipelines/mdnc/azure-cns-cni-1.4.39.1.yaml b/.pipelines/mdnc/azure-cns-cni-1.4.39.1.yaml
deleted file mode 100644
index 749c68a5a6..0000000000
--- a/.pipelines/mdnc/azure-cns-cni-1.4.39.1.yaml
+++ /dev/null
@@ -1,207 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: azure-cns
-  namespace: kube-system
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
-  namespace: kube-system
-  name: nodeNetConfigEditor
-rules:
-- apiGroups: ["acn.azure.com"]
-  resources: ["nodenetworkconfigs"]
-  verbs: ["get", "list", "watch", "patch", "update"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: pod-reader-all-namespaces
-rules:
-- apiGroups: [""]
-  resources: ["pods"]
-  verbs: ["get", "watch", "list"]
-- apiGroups: [""]
-  resources: ["nodes"]
-  verbs: ["get"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: nodeNetConfigEditorRoleBinding
-  namespace: kube-system
-subjects:
-- kind: ServiceAccount
-  name: azure-cns
-  namespace: kube-system
-roleRef:
-  kind: Role
-  name: nodeNetConfigEditor
-  apiGroup: rbac.authorization.k8s.io
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: pod-reader-all-namespaces-binding
-subjects:
-- kind: ServiceAccount
-  name: azure-cns
-  namespace: kube-system
-roleRef:
-  kind: ClusterRole
-  name: pod-reader-all-namespaces
-  apiGroup: rbac.authorization.k8s.io
----
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
-  name: azure-cns
-  namespace: kube-system
-  labels:
-    app: azure-cns
-spec:
-  selector:
-    matchLabels:
-      k8s-app: azure-cns
-  template:
-    metadata:
-      labels:
-        k8s-app: azure-cns
-      annotations:
-        cluster-autoscaler.kubernetes.io/daemonset-pod: "true"
-    spec:
-      affinity:
-        nodeAffinity:
-          requiredDuringSchedulingIgnoredDuringExecution:
-            nodeSelectorTerms:
-            - matchExpressions:
-              - key: kubernetes.azure.com/cluster
-                operator: Exists
-              - key: type
-                operator: NotIn
-                values:
-                - virtual-kubelet
-              - key: kubernetes.io/os
-                operator: In
-                values:
-                - linux
-      priorityClassName: system-node-critical
-      tolerations:
-        - key: CriticalAddonsOnly
-          operator: Exists
-        - operator: "Exists"
-          effect: NoExecute
-        - operator: "Exists"
-          effect: NoSchedule
-      initContainers:
-        - name: init-cni-dropgz
-          image: mcr.microsoft.com/containernetworking/cni-dropgz:v0.0.4.1 # CNI 1.4.39.1
-          imagePullPolicy: IfNotPresent
-          command: ["/dropgz"]
-          args: ["deploy" , "azure-vnet", "-o", "/opt/cni/bin/azure-vnet", "azure-vnet-telemetry", "-o", "/opt/cni/bin/azure-vnet-telemetry", "azure-swift.conflist", "-o", "/etc/cni/net.d/10-azure.conflist"]
-          volumeMounts:
-            - name: cni-bin
-              mountPath: /opt/cni/bin
-            - name: cni-conflist
-              mountPath: /etc/cni/net.d
-      containers:
-        - name: cns-container
-          image: mcr.microsoft.com/containernetworking/azure-cns:v1.4.32
-          imagePullPolicy: IfNotPresent
-          args: [ "-c", "tcp://$(CNSIpAddress):$(CNSPort)", "-t", "$(CNSLogTarget)"]
-          volumeMounts:
-            - name: log
-              mountPath: /var/log
-            - name: cns-state
-              mountPath: /var/lib/azure-network
-            - name: azure-endpoints
-              mountPath: /var/run/azure-cns/
-            - name: cns-config
-              mountPath: /etc/azure-cns
-            - name: cni-bin
-              mountPath: /opt/cni/bin
-            - name: azure-vnet
-              mountPath: /var/run/azure-vnet
-            - name: legacy-cni-state
-              mountPath: /var/run/azure-vnet.json
-          ports:
-            - containerPort: 10090
-          env:
-            - name: CNSIpAddress
-              value: "127.0.0.1"
-            - name: CNSPort
-              value: "10090"
-            - name: CNSLogTarget
-              value: "stdoutfile"
-            - name: CNS_CONFIGURATION_PATH
-              value: /etc/azure-cns/cns_config.json
-            - name: NODENAME
-              valueFrom:
-                  fieldRef:
-                    apiVersion: v1
-                    fieldPath: spec.nodeName 
-      hostNetwork: true
-      volumes:
-        - name: azure-endpoints
-          hostPath:
-            path: /var/run/azure-cns/
-            type: DirectoryOrCreate
-        - name: log
-          hostPath:
-            path: /var/log
-            type: Directory
-        - name: cns-state
-          hostPath:
-            path: /var/lib/azure-network
-            type: DirectoryOrCreate
-        - name: cni-bin
-          hostPath:
-            path: /opt/cni/bin
-            type: Directory
-        - name: azure-vnet
-          hostPath:
-            path: /var/run/azure-vnet
-            type: DirectoryOrCreate
-        - name: legacy-cni-state
-          hostPath:
-            path: /var/run/azure-vnet.json
-            type: FileOrCreate
-        - name: cni-conflist
-          hostPath:
-            path: /etc/cni/net.d
-            type: Directory
-        - name: cns-config
-          configMap:
-            name: cns-config
-      serviceAccountName: azure-cns
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: cns-config
-  namespace: kube-system
-data:
-  cns_config.json: |
-    {
-      "TelemetrySettings": {
-          "TelemetryBatchSizeBytes": 16384,
-          "TelemetryBatchIntervalInSecs": 15,
-          "RefreshIntervalInSecs": 15,
-          "DisableAll": false,
-          "HeartBeatIntervalInMins": 30,
-          "DebugMode": false,
-          "SnapshotIntervalInMins": 60
-      },
-      "ManagedSettings": {
-          "PrivateEndpoint": "",
-          "InfrastructureNetworkID": "",
-          "NodeID": "",
-          "NodeSyncIntervalInSeconds": 30
-      },
-      "ChannelMode": "CRD",
-      "InitializeFromCNI": true,
-      "ManageEndpointState": false,
-      "ProgramSNATIPTables" : false
-    }
-# Toggle ManageEndpointState and ProgramSNATIPTables to true for delegated IPAM use case.
diff --git a/.pipelines/mdnc/azure-cns-cni-1.5.28.yaml b/.pipelines/mdnc/azure-cns-cni-1.5.28.yaml
deleted file mode 100644
index e6678c47de..0000000000
--- a/.pipelines/mdnc/azure-cns-cni-1.5.28.yaml
+++ /dev/null
@@ -1,207 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: azure-cns
-  namespace: kube-system
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
-  namespace: kube-system
-  name: nodeNetConfigEditor
-rules:
-- apiGroups: ["acn.azure.com"]
-  resources: ["nodenetworkconfigs"]
-  verbs: ["get", "list", "watch", "patch", "update"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: pod-reader-all-namespaces
-rules:
-- apiGroups: [""]
-  resources: ["pods"]
-  verbs: ["get", "watch", "list"]
-- apiGroups: [""]
-  resources: ["nodes"]
-  verbs: ["get"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: nodeNetConfigEditorRoleBinding
-  namespace: kube-system
-subjects:
-- kind: ServiceAccount
-  name: azure-cns
-  namespace: kube-system
-roleRef:
-  kind: Role
-  name: nodeNetConfigEditor
-  apiGroup: rbac.authorization.k8s.io
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: pod-reader-all-namespaces-binding
-subjects:
-- kind: ServiceAccount
-  name: azure-cns
-  namespace: kube-system
-roleRef:
-  kind: ClusterRole
-  name: pod-reader-all-namespaces
-  apiGroup: rbac.authorization.k8s.io
----
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
-  name: azure-cns
-  namespace: kube-system
-  labels:
-    app: azure-cns
-spec:
-  selector:
-    matchLabels:
-      k8s-app: azure-cns
-  template:
-    metadata:
-      labels:
-        k8s-app: azure-cns
-      annotations:
-        cluster-autoscaler.kubernetes.io/daemonset-pod: "true"
-    spec:
-      affinity:
-        nodeAffinity:
-          requiredDuringSchedulingIgnoredDuringExecution:
-            nodeSelectorTerms:
-            - matchExpressions:
-              - key: kubernetes.azure.com/cluster
-                operator: Exists
-              - key: type
-                operator: NotIn
-                values:
-                - virtual-kubelet
-              - key: kubernetes.io/os
-                operator: In
-                values:
-                - linux
-      priorityClassName: system-node-critical
-      tolerations:
-        - key: CriticalAddonsOnly
-          operator: Exists
-        - operator: "Exists"
-          effect: NoExecute
-        - operator: "Exists"
-          effect: NoSchedule
-      initContainers:
-        - name: init-cni-dropgz
-          image: "mcr.microsoft.com/containernetworking/azure-cni:v1.5.28"
-          imagePullPolicy: IfNotPresent
-          command: ["/dropgz"]
-          args: ["deploy" , "azure-vnet", "-o", "/opt/cni/bin/azure-vnet", "azure-vnet-telemetry", "-o", "/opt/cni/bin/azure-vnet-telemetry", "azure-swift.conflist", "-o", "/etc/cni/net.d/10-azure.conflist"]
-          volumeMounts:
-            - name: cni-bin
-              mountPath: /opt/cni/bin
-            - name: cni-conflist
-              mountPath: /etc/cni/net.d
-      containers:
-        - name: cns-container
-          image: mcr.microsoft.com/containernetworking/azure-cns:v1.5.28
-          imagePullPolicy: IfNotPresent
-          args: [ "-c", "tcp://$(CNSIpAddress):$(CNSPort)", "-t", "$(CNSLogTarget)"]
-          volumeMounts:
-            - name: log
-              mountPath: /var/log
-            - name: cns-state
-              mountPath: /var/lib/azure-network
-            - name: azure-endpoints
-              mountPath: /var/run/azure-cns/
-            - name: cns-config
-              mountPath: /etc/azure-cns
-            - name: cni-bin
-              mountPath: /opt/cni/bin
-            - name: azure-vnet
-              mountPath: /var/run/azure-vnet
-            - name: legacy-cni-state
-              mountPath: /var/run/azure-vnet.json
-          ports:
-            - containerPort: 10090
-          env:
-            - name: CNSIpAddress
-              value: "127.0.0.1"
-            - name: CNSPort
-              value: "10090"
-            - name: CNSLogTarget
-              value: "stdoutfile"
-            - name: CNS_CONFIGURATION_PATH
-              value: /etc/azure-cns/cns_config.json
-            - name: NODENAME
-              valueFrom:
-                  fieldRef:
-                    apiVersion: v1
-                    fieldPath: spec.nodeName 
-      hostNetwork: true
-      volumes:
-        - name: azure-endpoints
-          hostPath:
-            path: /var/run/azure-cns/
-            type: DirectoryOrCreate
-        - name: log
-          hostPath:
-            path: /var/log
-            type: Directory
-        - name: cns-state
-          hostPath:
-            path: /var/lib/azure-network
-            type: DirectoryOrCreate
-        - name: cni-bin
-          hostPath:
-            path: /opt/cni/bin
-            type: Directory
-        - name: azure-vnet
-          hostPath:
-            path: /var/run/azure-vnet
-            type: DirectoryOrCreate
-        - name: legacy-cni-state
-          hostPath:
-            path: /var/run/azure-vnet.json
-            type: FileOrCreate
-        - name: cni-conflist
-          hostPath:
-            path: /etc/cni/net.d
-            type: Directory
-        - name: cns-config
-          configMap:
-            name: cns-config
-      serviceAccountName: azure-cns
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: cns-config
-  namespace: kube-system
-data:
-  cns_config.json: |
-    {
-      "TelemetrySettings": {
-          "TelemetryBatchSizeBytes": 16384,
-          "TelemetryBatchIntervalInSecs": 15,
-          "RefreshIntervalInSecs": 15,
-          "DisableAll": false,
-          "HeartBeatIntervalInMins": 30,
-          "DebugMode": false,
-          "SnapshotIntervalInMins": 60
-      },
-      "ManagedSettings": {
-          "PrivateEndpoint": "",
-          "InfrastructureNetworkID": "",
-          "NodeID": "",
-          "NodeSyncIntervalInSeconds": 30
-      },
-      "ChannelMode": "CRD",
-      "InitializeFromCNI": true,
-      "ManageEndpointState": false,
-      "ProgramSNATIPTables" : false
-    }
-# Toggle ManageEndpointState and ProgramSNATIPTables to true for delegated IPAM use case.
diff --git a/.pipelines/mdnc/azure-cns-cni-1.5.4.yaml b/.pipelines/mdnc/azure-cns-cni-1.5.4.yaml
deleted file mode 100644
index 6a7729974a..0000000000
--- a/.pipelines/mdnc/azure-cns-cni-1.5.4.yaml
+++ /dev/null
@@ -1,207 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: azure-cns
-  namespace: kube-system
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
-  namespace: kube-system
-  name: nodeNetConfigEditor
-rules:
-- apiGroups: ["acn.azure.com"]
-  resources: ["nodenetworkconfigs"]
-  verbs: ["get", "list", "watch", "patch", "update"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: pod-reader-all-namespaces
-rules:
-- apiGroups: [""]
-  resources: ["pods"]
-  verbs: ["get", "watch", "list"]
-- apiGroups: [""]
-  resources: ["nodes"]
-  verbs: ["get"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: nodeNetConfigEditorRoleBinding
-  namespace: kube-system
-subjects:
-- kind: ServiceAccount
-  name: azure-cns
-  namespace: kube-system
-roleRef:
-  kind: Role
-  name: nodeNetConfigEditor
-  apiGroup: rbac.authorization.k8s.io
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: pod-reader-all-namespaces-binding
-subjects:
-- kind: ServiceAccount
-  name: azure-cns
-  namespace: kube-system
-roleRef:
-  kind: ClusterRole
-  name: pod-reader-all-namespaces
-  apiGroup: rbac.authorization.k8s.io
----
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
-  name: azure-cns
-  namespace: kube-system
-  labels:
-    app: azure-cns
-spec:
-  selector:
-    matchLabels:
-      k8s-app: azure-cns
-  template:
-    metadata:
-      labels:
-        k8s-app: azure-cns
-      annotations:
-        cluster-autoscaler.kubernetes.io/daemonset-pod: "true"
-    spec:
-      affinity:
-        nodeAffinity:
-          requiredDuringSchedulingIgnoredDuringExecution:
-            nodeSelectorTerms:
-            - matchExpressions:
-              - key: kubernetes.azure.com/cluster
-                operator: Exists
-              - key: type
-                operator: NotIn
-                values:
-                - virtual-kubelet
-              - key: kubernetes.io/os
-                operator: In
-                values:
-                - linux
-      priorityClassName: system-node-critical
-      tolerations:
-        - key: CriticalAddonsOnly
-          operator: Exists
-        - operator: "Exists"
-          effect: NoExecute
-        - operator: "Exists"
-          effect: NoSchedule
-      initContainers:
-        - name: init-cni-dropgz
-          image: "mcr.microsoft.com/containernetworking/cni-dropgz:v0.0.9" # CNI 1.5.4
-          imagePullPolicy: IfNotPresent
-          command: ["/dropgz"]
-          args: ["deploy" , "azure-vnet", "-o", "/opt/cni/bin/azure-vnet", "azure-vnet-telemetry", "-o", "/opt/cni/bin/azure-vnet-telemetry", "azure-swift.conflist", "-o", "/etc/cni/net.d/10-azure.conflist"]
-          volumeMounts:
-            - name: cni-bin
-              mountPath: /opt/cni/bin
-            - name: cni-conflist
-              mountPath: /etc/cni/net.d
-      containers:
-        - name: cns-container
-          image: mcr.microsoft.com/containernetworking/azure-cns:v1.5.4
-          imagePullPolicy: IfNotPresent
-          args: [ "-c", "tcp://$(CNSIpAddress):$(CNSPort)", "-t", "$(CNSLogTarget)"]
-          volumeMounts:
-            - name: log
-              mountPath: /var/log
-            - name: cns-state
-              mountPath: /var/lib/azure-network
-            - name: azure-endpoints
-              mountPath: /var/run/azure-cns/
-            - name: cns-config
-              mountPath: /etc/azure-cns
-            - name: cni-bin
-              mountPath: /opt/cni/bin
-            - name: azure-vnet
-              mountPath: /var/run/azure-vnet
-            - name: legacy-cni-state
-              mountPath: /var/run/azure-vnet.json
-          ports:
-            - containerPort: 10090
-          env:
-            - name: CNSIpAddress
-              value: "127.0.0.1"
-            - name: CNSPort
-              value: "10090"
-            - name: CNSLogTarget
-              value: "stdoutfile"
-            - name: CNS_CONFIGURATION_PATH
-              value: /etc/azure-cns/cns_config.json
-            - name: NODENAME
-              valueFrom:
-                  fieldRef:
-                    apiVersion: v1
-                    fieldPath: spec.nodeName 
-      hostNetwork: true
-      volumes:
-        - name: azure-endpoints
-          hostPath:
-            path: /var/run/azure-cns/
-            type: DirectoryOrCreate
-        - name: log
-          hostPath:
-            path: /var/log
-            type: Directory
-        - name: cns-state
-          hostPath:
-            path: /var/lib/azure-network
-            type: DirectoryOrCreate
-        - name: cni-bin
-          hostPath:
-            path: /opt/cni/bin
-            type: Directory
-        - name: azure-vnet
-          hostPath:
-            path: /var/run/azure-vnet
-            type: DirectoryOrCreate
-        - name: legacy-cni-state
-          hostPath:
-            path: /var/run/azure-vnet.json
-            type: FileOrCreate
-        - name: cni-conflist
-          hostPath:
-            path: /etc/cni/net.d
-            type: Directory
-        - name: cns-config
-          configMap:
-            name: cns-config
-      serviceAccountName: azure-cns
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: cns-config
-  namespace: kube-system
-data:
-  cns_config.json: |
-    {
-      "TelemetrySettings": {
-          "TelemetryBatchSizeBytes": 16384,
-          "TelemetryBatchIntervalInSecs": 15,
-          "RefreshIntervalInSecs": 15,
-          "DisableAll": false,
-          "HeartBeatIntervalInMins": 30,
-          "DebugMode": false,
-          "SnapshotIntervalInMins": 60
-      },
-      "ManagedSettings": {
-          "PrivateEndpoint": "",
-          "InfrastructureNetworkID": "",
-          "NodeID": "",
-          "NodeSyncIntervalInSeconds": 30
-      },
-      "ChannelMode": "CRD",
-      "InitializeFromCNI": true,
-      "ManageEndpointState": false,
-      "ProgramSNATIPTables" : false
-    }
-# Toggle ManageEndpointState and ProgramSNATIPTables to true for delegated IPAM use case.
diff --git a/.pipelines/mdnc/azure-cns-cni.yaml b/.pipelines/mdnc/azure-cns-cni.yaml
deleted file mode 100644
index f3ecdac9c0..0000000000
--- a/.pipelines/mdnc/azure-cns-cni.yaml
+++ /dev/null
@@ -1,207 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: azure-cns
-  namespace: kube-system
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
-  namespace: kube-system
-  name: nodeNetConfigEditor
-rules:
-- apiGroups: ["acn.azure.com"]
-  resources: ["nodenetworkconfigs"]
-  verbs: ["get", "list", "watch", "patch", "update"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: pod-reader-all-namespaces
-rules:
-- apiGroups: [""]
-  resources: ["pods"]
-  verbs: ["get", "watch", "list"]
-- apiGroups: [""]
-  resources: ["nodes"]
-  verbs: ["get"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: nodeNetConfigEditorRoleBinding
-  namespace: kube-system
-subjects:
-- kind: ServiceAccount
-  name: azure-cns
-  namespace: kube-system
-roleRef:
-  kind: Role
-  name: nodeNetConfigEditor
-  apiGroup: rbac.authorization.k8s.io
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: pod-reader-all-namespaces-binding
-subjects:
-- kind: ServiceAccount
-  name: azure-cns
-  namespace: kube-system
-roleRef:
-  kind: ClusterRole
-  name: pod-reader-all-namespaces
-  apiGroup: rbac.authorization.k8s.io
----
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
-  name: azure-cns
-  namespace: kube-system
-  labels:
-    app: azure-cns
-spec:
-  selector:
-    matchLabels:
-      k8s-app: azure-cns
-  template:
-    metadata:
-      labels:
-        k8s-app: azure-cns
-      annotations:
-        cluster-autoscaler.kubernetes.io/daemonset-pod: "true"
-    spec:
-      affinity:
-        nodeAffinity:
-          requiredDuringSchedulingIgnoredDuringExecution:
-            nodeSelectorTerms:
-            - matchExpressions:
-              - key: kubernetes.azure.com/cluster
-                operator: Exists
-              - key: type
-                operator: NotIn
-                values:
-                - virtual-kubelet
-              - key: kubernetes.io/os
-                operator: In
-                values:
-                - linux
-      priorityClassName: system-node-critical
-      tolerations:
-        - key: CriticalAddonsOnly
-          operator: Exists
-        - operator: "Exists"
-          effect: NoExecute
-        - operator: "Exists"
-          effect: NoSchedule
-      initContainers:
-        - name: init-cni-dropgz
-          image: "acnpublic.azurecr.io/containernetworking/mdnc-cni-dropgz:cni_v1_4_35"
-          imagePullPolicy: IfNotPresent
-          command: ["/dropgz"]
-          args: ["deploy" , "azure-vnet", "-o", "/opt/cni/bin/azure-vnet", "azure-vnet-telemetry", "-o", "/opt/cni/bin/azure-vnet-telemetry", "azure-swift.conflist", "-o", "/etc/cni/net.d/10-azure.conflist"]
-          volumeMounts:
-            - name: cni-bin
-              mountPath: /opt/cni/bin
-            - name: cni-conflist
-              mountPath: /etc/cni/net.d
-      containers:
-        - name: cns-container
-          image: mcr.microsoft.com/containernetworking/azure-cns:v1.4.32
-          imagePullPolicy: IfNotPresent
-          args: [ "-c", "tcp://$(CNSIpAddress):$(CNSPort)", "-t", "$(CNSLogTarget)"]
-          volumeMounts:
-            - name: log
-              mountPath: /var/log
-            - name: cns-state
-              mountPath: /var/lib/azure-network
-            - name: azure-endpoints
-              mountPath: /var/run/azure-cns/
-            - name: cns-config
-              mountPath: /etc/azure-cns
-            - name: cni-bin
-              mountPath: /opt/cni/bin
-            - name: azure-vnet
-              mountPath: /var/run/azure-vnet
-            - name: legacy-cni-state
-              mountPath: /var/run/azure-vnet.json
-          ports:
-            - containerPort: 10090
-          env:
-            - name: CNSIpAddress
-              value: "127.0.0.1"
-            - name: CNSPort
-              value: "10090"
-            - name: CNSLogTarget
-              value: "stdoutfile"
-            - name: CNS_CONFIGURATION_PATH
-              value: /etc/azure-cns/cns_config.json
-            - name: NODENAME
-              valueFrom:
-                  fieldRef:
-                    apiVersion: v1
-                    fieldPath: spec.nodeName 
-      hostNetwork: true
-      volumes:
-        - name: azure-endpoints
-          hostPath:
-            path: /var/run/azure-cns/
-            type: DirectoryOrCreate
-        - name: log
-          hostPath:
-            path: /var/log
-            type: Directory
-        - name: cns-state
-          hostPath:
-            path: /var/lib/azure-network
-            type: DirectoryOrCreate
-        - name: cni-bin
-          hostPath:
-            path: /opt/cni/bin
-            type: Directory
-        - name: azure-vnet
-          hostPath:
-            path: /var/run/azure-vnet
-            type: DirectoryOrCreate
-        - name: legacy-cni-state
-          hostPath:
-            path: /var/run/azure-vnet.json
-            type: FileOrCreate
-        - name: cni-conflist
-          hostPath:
-            path: /etc/cni/net.d
-            type: Directory
-        - name: cns-config
-          configMap:
-            name: cns-config
-      serviceAccountName: azure-cns
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: cns-config
-  namespace: kube-system
-data:
-  cns_config.json: |
-    {
-      "TelemetrySettings": {
-          "TelemetryBatchSizeBytes": 16384,
-          "TelemetryBatchIntervalInSecs": 15,
-          "RefreshIntervalInSecs": 15,
-          "DisableAll": false,
-          "HeartBeatIntervalInMins": 30,
-          "DebugMode": false,
-          "SnapshotIntervalInMins": 60
-      },
-      "ManagedSettings": {
-          "PrivateEndpoint": "",
-          "InfrastructureNetworkID": "",
-          "NodeID": "",
-          "NodeSyncIntervalInSeconds": 30
-      },
-      "ChannelMode": "CRD",
-      "InitializeFromCNI": true,
-      "ManageEndpointState": false,
-      "ProgramSNATIPTables" : false
-    }
-# Toggle ManageEndpointState and ProgramSNATIPTables to true for delegated IPAM use case.
diff --git a/cns/azure-cns-windows.yaml b/cns/azure-cns-windows.yaml
index 24d24c5932..94e12c7437 100644
--- a/cns/azure-cns-windows.yaml
+++ b/cns/azure-cns-windows.yaml
@@ -30,13 +30,13 @@ spec:
           hostProcess: true
           runAsUserName: "NT AUTHORITY\\SYSTEM"
       containers:
-        - name: cns-container
+        - name: cns-container # <does this need to be updated?>
           image: acnpublic.azurecr.io/azure-cns:v1.4.26-9-gc40fb852
           imagePullPolicy: IfNotPresent
           securityContext:
             privileged: true
           command: "azure-cns.exe"
-          args: 
+          args:
             [
               '-c', "tcp://$(CNSIpAddress):$(CNSPort)",
               '-t', "$(CNSLogTarget)",
@@ -71,7 +71,7 @@ spec:
               valueFrom:
                 fieldRef:
                   apiVersion: v1
-                  fieldPath: spec.nodeName 
+                  fieldPath: spec.nodeName
       hostNetwork: true
       volumes:
         - name: log
diff --git a/cns/azure-cns.yaml b/cns/azure-cns.yaml
index afb5b128a6..f3e8491d57 100644
--- a/cns/azure-cns.yaml
+++ b/cns/azure-cns.yaml
@@ -96,7 +96,7 @@ spec:
           effect: NoSchedule
       containers:
         - name: cns-container
-          image: mcr.microsoft.com/containernetworking/azure-cns:v1.4.7
+          image: mcr.microsoft.com/containernetworking/azure-cns:v1.4.7 # <does this need to be updated?>
           imagePullPolicy: IfNotPresent
           args: [ "-c", "tcp://$(CNSIpAddress):$(CNSPort)", "-t", "$(CNSLogTarget)"]
           volumeMounts:
@@ -129,7 +129,7 @@ spec:
               valueFrom:
                   fieldRef:
                     apiVersion: v1
-                    fieldPath: spec.nodeName 
+                    fieldPath: spec.nodeName
       hostNetwork: true
       volumes:
         - name: azure-endpoints
diff --git a/npm/azure-npm.yaml b/npm/azure-npm.yaml
index a19a1b974e..29e6ef2a18 100644
--- a/npm/azure-npm.yaml
+++ b/npm/azure-npm.yaml
@@ -79,7 +79,7 @@ spec:
           operator: Exists
       containers:
         - name: azure-npm
-          image: mcr.microsoft.com/containernetworking/azure-npm:v1.4.45.3
+          image: mcr.microsoft.com/containernetworking/azure-npm:v1.4.45.3 # <does this need to be updated?>
           resources:
             limits:
               cpu: 250m
diff --git a/npm/deploy/kustomize/overlays/controller/deployment.yaml b/npm/deploy/kustomize/overlays/controller/deployment.yaml
index d09ac36cc8..4feb25c213 100644
--- a/npm/deploy/kustomize/overlays/controller/deployment.yaml
+++ b/npm/deploy/kustomize/overlays/controller/deployment.yaml
@@ -36,7 +36,7 @@ spec:
             containerPort: 10091
           - name: http
             containerPort: 10092
-          image:  mcr.microsoft.com/containernetworking/azure-npm:v1.4.1
+          image:  mcr.microsoft.com/containernetworking/azure-npm:v1.4.1 # <does this need to be updated?>
           command: ["azure-npm"]
           args: ["controlplane"]
           resources:
diff --git a/npm/deploy/kustomize/overlays/daemon/deployment.yaml b/npm/deploy/kustomize/overlays/daemon/deployment.yaml
index 33387f7c8c..ba6f87acff 100644
--- a/npm/deploy/kustomize/overlays/daemon/deployment.yaml
+++ b/npm/deploy/kustomize/overlays/daemon/deployment.yaml
@@ -34,7 +34,7 @@ spec:
           ports:
           - name: metrics
             containerPort: 10091
-          image:  mcr.microsoft.com/containernetworking/azure-npm:v1.4.1
+          image:  mcr.microsoft.com/containernetworking/azure-npm:v1.4.1 # <does this need to be updated?>
           command: ["azure-npm"]
           args: ["daemon"]
           resources:
diff --git a/npm/deploy/manifests/controller/azure-npm.yaml b/npm/deploy/manifests/controller/azure-npm.yaml
index bd6df97018..181146f65b 100644
--- a/npm/deploy/manifests/controller/azure-npm.yaml
+++ b/npm/deploy/manifests/controller/azure-npm.yaml
@@ -84,7 +84,7 @@ metadata:
   namespace: kube-system
 spec:
   ports:
-  - name: http 
+  - name: http
     port: 9001
     targetPort: 10092
   selector:
@@ -133,12 +133,12 @@ spec:
     spec:
       containers:
       - args:
-        - controlplane 
+        - controlplane
         ports:
         - name: metrics
-          containerPort: 10091 
+          containerPort: 10091
         - name: http
-          containerPort: 10092 
+          containerPort: 10092
         command:
         - azure-npm
         env:
@@ -149,7 +149,7 @@ spec:
               fieldPath: spec.nodeName
         - name: NPM_CONFIG
           value: /etc/azure-npm/azure-npm.json
-        image:  mcr.microsoft.com/containernetworking/azure-npm:v1.4.1
+        image:  mcr.microsoft.com/containernetworking/azure-npm:v1.4.1 # <does this need to be updated?>
         name: azure-npm
         resources:
           limits:
diff --git a/npm/deploy/manifests/daemon/azure-npm.yaml b/npm/deploy/manifests/daemon/azure-npm.yaml
index 2abf2c4c1c..053ca923ff 100644
--- a/npm/deploy/manifests/daemon/azure-npm.yaml
+++ b/npm/deploy/manifests/daemon/azure-npm.yaml
@@ -135,7 +135,7 @@ spec:
               valueFrom:
                 fieldRef:
                   fieldPath: spec.nodeName
-          image:  mcr.microsoft.com/containernetworking/azure-npm:v1.4.1
+          image:  mcr.microsoft.com/containernetworking/azure-npm:v1.4.1 # <does this need to be updated?>
           name: azure-npm
           ports:
             - name: metrics
diff --git a/npm/deploy/npm/azure-npm.yaml b/npm/deploy/npm/azure-npm.yaml
index bf4be6d675..2d446a08ee 100644
--- a/npm/deploy/npm/azure-npm.yaml
+++ b/npm/deploy/npm/azure-npm.yaml
@@ -34,7 +34,7 @@ rules:
       - watch
 ---
 apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding  
+kind: ClusterRoleBinding
 metadata:
   name: azure-npm-binding
   namespace: kube-system
@@ -79,7 +79,7 @@ spec:
         operator: Exists
       containers:
         - name: azure-npm
-          image: mcr.microsoft.com/containernetworking/azure-npm:v1.4.1
+          image: mcr.microsoft.com/containernetworking/azure-npm:v1.4.1 # <does this need to be updated?>
           resources:
             limits:
               cpu: 250m
diff --git a/npm/examples/azure-npm-lite.yaml b/npm/examples/azure-npm-lite.yaml
index cbd8666536..def7a30c45 100644
--- a/npm/examples/azure-npm-lite.yaml
+++ b/npm/examples/azure-npm-lite.yaml
@@ -79,7 +79,7 @@ spec:
           operator: Exists
       containers:
         - name: azure-npm
-          image: mcr.microsoft.com/containernetworking/azure-npm:v1.4.45.3
+          image: mcr.microsoft.com/containernetworking/azure-npm:v1.4.45.3 # <does this need to be updated?>
           resources:
             limits:
               cpu: 250m
diff --git a/test/kubemark/aks-e/azure-npm-with-kubemark.yaml b/test/kubemark/aks-e/azure-npm-with-kubemark.yaml
index 9255863c69..44aebba78e 100644
--- a/test/kubemark/aks-e/azure-npm-with-kubemark.yaml
+++ b/test/kubemark/aks-e/azure-npm-with-kubemark.yaml
@@ -81,7 +81,7 @@ spec:
         kubernetes.azure.com/role: agent
       containers:
         - name: azure-npm
-          image: mcr.microsoft.com/containernetworking/azure-npm:v1.4.9
+          image: mcr.microsoft.com/containernetworking/azure-npm:v1.4.9 # <does this need to be updated?>
           resources:
             limits:
               cpu: 250m
@@ -158,4 +158,4 @@ data:
             "EnableV2NPM":             false,
             "PlaceAzureChainFirst":    false
         }
-    }
\ No newline at end of file
+    }