Microsoft.ContainerService managedClusters 2017-08-31
- Latest
- 2024-09-02-preview
- 2024-09-01
- 2024-08-01
- 2024-07-02-preview
- 2024-07-01
- 2024-06-02-preview
- 2024-05-01
- 2024-04-02-preview
- 2024-03-02-preview
- 2024-02-01
- 2024-01-02-preview
- 2024-01-01
- 2023-11-02-preview
- 2023-11-01
- 2023-10-02-preview
- 2023-10-01
- 2023-09-02-preview
- 2023-09-01
- 2023-08-02-preview
- 2023-08-01
- 2023-07-02-preview
- 2023-07-01
- 2023-06-02-preview
- 2023-06-01
- 2023-05-02-preview
- 2023-05-01
- 2023-04-02-preview
- 2023-04-01
- 2023-03-02-preview
- 2023-03-01
- 2023-02-02-preview
- 2023-02-01
- 2023-01-02-preview
- 2023-01-01
- 2022-11-02-preview
- 2022-11-01
- 2022-10-02-preview
- 2022-09-01
- 2022-08-03-preview
- 2022-08-02-preview
- 2022-07-01
- 2022-06-01
- 2022-05-02-preview
- 2022-04-02-preview
- 2022-04-01
- 2022-03-02-preview
- 2022-03-01
- 2022-02-02-preview
- 2022-02-01
- 2022-01-02-preview
- 2022-01-01
- 2021-11-01-preview
- 2021-10-01
- 2021-09-01
- 2021-08-01
- 2021-07-01
- 2021-05-01
- 2021-03-01
- 2021-02-01
- 2020-12-01
- 2020-11-01
- 2020-09-01
- 2020-07-01
- 2020-06-01
- 2020-04-01
- 2020-03-01
- 2020-02-01
- 2020-01-01
- 2019-11-01
- 2019-10-01
- 2019-08-01
- 2019-06-01
- 2019-04-01
- 2019-02-01
- 2018-08-01-preview
- 2018-03-31
- 2017-08-31
Remarks
For information about available add-ons, see Add-ons, extensions, and other integrations with Azure Kubernetes Service.
Bicep resource definition
The managedClusters resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.ContainerService/managedClusters resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.ContainerService/managedClusters@2017-08-31' = {
location: 'string'
name: 'string'
properties: {
agentPoolProfiles: [
{
count: int
dnsPrefix: 'string'
name: 'string'
osDiskSizeGB: int
osType: 'string'
ports: [
int
]
storageProfile: 'string'
vmSize: 'string'
vnetSubnetID: 'string'
}
]
dnsPrefix: 'string'
kubernetesVersion: 'string'
linuxProfile: {
adminUsername: 'string'
ssh: {
publicKeys: [
{
keyData: 'string'
}
]
}
}
servicePrincipalProfile: {
clientId: 'string'
keyVaultSecretRef: {
secretName: 'string'
vaultID: 'string'
version: 'string'
}
secret: 'string'
}
}
tags: {
{customized property}: 'string'
}
}
Property values
ContainerServiceAgentPoolProfile
| Name | Description | Value |
|---|---|---|
| count | Number of agents (VMs) to host docker containers. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. | int Constraints: Min value = 1 Max value = 100 |
| dnsPrefix | DNS prefix to be used to create the FQDN for the agent pool. | string |
| name | Unique name of the agent pool profile in the context of the subscription and resource group. | string (required) |
| osDiskSizeGB | OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified. | int Constraints: Min value = 0 Max value = 1023 |
| osType | OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux. | 'Linux' 'Windows' |
| ports | Ports number array used to expose on this agent pool. The default opened ports are different based on your choice of orchestrator. | int Constraints: Min value = 1 Max value = 65535[] |
| storageProfile | Storage profile specifies what kind of storage used. Choose from StorageAccount and ManagedDisks. Leave it empty, we will choose for you based on the orchestrator choice. | 'ManagedDisks' 'StorageAccount' |
| vmSize | Size of agent VMs. | 'Standard_A1' 'Standard_A10' 'Standard_A11' 'Standard_A1_v2' 'Standard_A2' 'Standard_A2m_v2' 'Standard_A2_v2' 'Standard_A3' 'Standard_A4' 'Standard_A4m_v2' 'Standard_A4_v2' 'Standard_A5' 'Standard_A6' 'Standard_A7' 'Standard_A8' 'Standard_A8m_v2' 'Standard_A8_v2' 'Standard_A9' 'Standard_B2ms' 'Standard_B2s' 'Standard_B4ms' 'Standard_B8ms' 'Standard_D1' 'Standard_D11' 'Standard_D11_v2' 'Standard_D11_v2_Promo' 'Standard_D12' 'Standard_D12_v2' 'Standard_D12_v2_Promo' 'Standard_D13' 'Standard_D13_v2' 'Standard_D13_v2_Promo' 'Standard_D14' 'Standard_D14_v2' 'Standard_D14_v2_Promo' 'Standard_D15_v2' 'Standard_D16s_v3' 'Standard_D16_v3' 'Standard_D1_v2' 'Standard_D2' 'Standard_D2s_v3' 'Standard_D2_v2' 'Standard_D2_v2_Promo' 'Standard_D2_v3' 'Standard_D3' 'Standard_D32s_v3' 'Standard_D32_v3' 'Standard_D3_v2' 'Standard_D3_v2_Promo' 'Standard_D4' 'Standard_D4s_v3' 'Standard_D4_v2' 'Standard_D4_v2_Promo' 'Standard_D4_v3' 'Standard_D5_v2' 'Standard_D5_v2_Promo' 'Standard_D64s_v3' 'Standard_D64_v3' 'Standard_D8s_v3' 'Standard_D8_v3' 'Standard_DS1' 'Standard_DS11' 'Standard_DS11_v2' 'Standard_DS11_v2_Promo' 'Standard_DS12' 'Standard_DS12_v2' 'Standard_DS12_v2_Promo' 'Standard_DS13' 'Standard_DS13-2_v2' 'Standard_DS13-4_v2' 'Standard_DS13_v2' 'Standard_DS13_v2_Promo' 'Standard_DS14' 'Standard_DS14-4_v2' 'Standard_DS14-8_v2' 'Standard_DS14_v2' 'Standard_DS14_v2_Promo' 'Standard_DS15_v2' 'Standard_DS1_v2' 'Standard_DS2' 'Standard_DS2_v2' 'Standard_DS2_v2_Promo' 'Standard_DS3' 'Standard_DS3_v2' 'Standard_DS3_v2_Promo' 'Standard_DS4' 'Standard_DS4_v2' 'Standard_DS4_v2_Promo' 'Standard_DS5_v2' 'Standard_DS5_v2_Promo' 'Standard_E16s_v3' 'Standard_E16_v3' 'Standard_E2s_v3' 'Standard_E2_v3' 'Standard_E32-16s_v3' 'Standard_E32-8s_v3' 'Standard_E32s_v3' 'Standard_E32_v3' 'Standard_E4s_v3' 'Standard_E4_v3' 'Standard_E64-16s_v3' 'Standard_E64-32s_v3' 'Standard_E64s_v3' 'Standard_E64_v3' 'Standard_E8s_v3' 'Standard_E8_v3' 'Standard_F1' 'Standard_F16' 'Standard_F16s' 'Standard_F16s_v2' 'Standard_F1s' 'Standard_F2' 'Standard_F2s' 'Standard_F2s_v2' 'Standard_F32s_v2' 'Standard_F4' 'Standard_F4s' 'Standard_F4s_v2' 'Standard_F64s_v2' 'Standard_F72s_v2' 'Standard_F8' 'Standard_F8s' 'Standard_F8s_v2' 'Standard_G1' 'Standard_G2' 'Standard_G3' 'Standard_G4' 'Standard_G5' 'Standard_GS1' 'Standard_GS2' 'Standard_GS3' 'Standard_GS4' 'Standard_GS4-4' 'Standard_GS4-8' 'Standard_GS5' 'Standard_GS5-16' 'Standard_GS5-8' 'Standard_H16' 'Standard_H16m' 'Standard_H16mr' 'Standard_H16r' 'Standard_H8' 'Standard_H8m' 'Standard_L16s' 'Standard_L32s' 'Standard_L4s' 'Standard_L8s' 'Standard_M128-32ms' 'Standard_M128-64ms' 'Standard_M128ms' 'Standard_M128s' 'Standard_M64-16ms' 'Standard_M64-32ms' 'Standard_M64ms' 'Standard_M64s' 'Standard_NC12' 'Standard_NC12s_v2' 'Standard_NC12s_v3' 'Standard_NC24' 'Standard_NC24r' 'Standard_NC24rs_v2' 'Standard_NC24rs_v3' 'Standard_NC24s_v2' 'Standard_NC24s_v3' 'Standard_NC6' 'Standard_NC6s_v2' 'Standard_NC6s_v3' 'Standard_ND12s' 'Standard_ND24rs' 'Standard_ND24s' 'Standard_ND6s' 'Standard_NV12' 'Standard_NV24' 'Standard_NV6' (required) |
| vnetSubnetID | VNet SubnetID specifies the VNet's subnet identifier. | string |
ContainerServiceLinuxProfile
| Name | Description | Value |
|---|---|---|
| adminUsername | The administrator username to use for Linux VMs. | string Constraints: Pattern = ^[A-Za-z][-A-Za-z0-9_]*$ (required) |
| ssh | SSH configuration for Linux-based VMs running on Azure. | ContainerServiceSshConfiguration (required) |
ContainerServicePrincipalProfile
| Name | Description | Value |
|---|---|---|
| clientId | The ID for the service principal. | string (required) |
| keyVaultSecretRef | Reference to a secret stored in Azure Key Vault. | KeyVaultSecretRef |
| secret | The secret password associated with the service principal in plain text. | string |
ContainerServiceSshConfiguration
| Name | Description | Value |
|---|---|---|
| publicKeys | The list of SSH public keys used to authenticate with Linux-based VMs. Only expect one key specified. | ContainerServiceSshPublicKey[] (required) |
ContainerServiceSshPublicKey
| Name | Description | Value |
|---|---|---|
| keyData | Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers. | string (required) |
KeyVaultSecretRef
| Name | Description | Value |
|---|---|---|
| secretName | The secret name. | string (required) |
| vaultID | Key vault identifier. | string (required) |
| version | The secret version. | string |
ManagedClusterProperties
| Name | Description | Value |
|---|---|---|
| agentPoolProfiles | Properties of the agent pool. | ContainerServiceAgentPoolProfile[] |
| dnsPrefix | DNS prefix specified when creating the managed cluster. | string |
| kubernetesVersion | Version of Kubernetes specified when creating the managed cluster. | string |
| linuxProfile | Profile for Linux VMs in the container service cluster. | ContainerServiceLinuxProfile |
| servicePrincipalProfile | Information about a service principal identity for the cluster to use for manipulating Azure APIs. Either secret or keyVaultSecretRef must be specified. | ContainerServicePrincipalProfile |
Microsoft.ContainerService/managedClusters
| Name | Description | Value |
|---|---|---|
| location | Resource location | string (required) |
| name | The resource name | string (required) |
| properties | Properties of a managed cluster. | ManagedClusterProperties |
| tags | Resource tags | Dictionary of tag names and values. See Tags in templates |
ResourceTags
| Name | Description | Value |
|---|
Quickstart samples
The following quickstart samples deploy this resource type.
| Bicep File | Description |
|---|---|
| AKS Cluster with a NAT Gateway and an Application Gateway | This sample shows how to a deploy an AKS cluster with NAT Gateway for outbound connections and an Application Gateway for inbound connections. |
| AKS cluster with the Application Gateway Ingress Controller | This sample shows how to deploy an AKS cluster with Application Gateway, Application Gateway Ingress Controller, Azure Container Registry, Log Analytics and Key Vault |
| Azure Container Service (AKS) | Deploy a managed cluster with Azure Container Service (AKS) using Azure Linux container hosts |
| Azure Container Service (AKS) | Deploy a managed cluster with Azure Container Service (AKS) |
| Azure Container Service (AKS) with Helm | Deploy a managed cluster with Azure Container Service (AKS) with Helm |
| Azure Kubernetes Service (AKS) | Deploys a managed Kubernetes cluster via Azure Kubernetes Service (AKS) |
| Azure Machine Learning end-to-end secure setup | This set of Bicep templates demonstrates how to set up Azure Machine Learning end-to-end in a secure set up. This reference implementation includes the Workspace, a compute cluster, compute instance and attached private AKS cluster. |
| Azure Machine Learning end-to-end secure setup (legacy) | This set of Bicep templates demonstrates how to set up Azure Machine Learning end-to-end in a secure set up. This reference implementation includes the Workspace, a compute cluster, compute instance and attached private AKS cluster. |
| Create a Private AKS Cluster | This sample shows how to create a private AKS cluster in a virtual network along with a jumpbox virtual machine. |
| Create AKS with Prometheus and Grafana with privae link | This will create an Azure grafana, AKS and install Prometheus, an open-source monitoring and alerting toolkit, on an Azure Kubernetes Service (AKS) cluster. Then you use Azure Managed Grafana's managed private endpoint to connect to this Prometheus server and display the Prometheus data in a Grafana dashboard |
ARM template resource definition
The managedClusters resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.ContainerService/managedClusters resource, add the following JSON to your template.
{
"type": "Microsoft.ContainerService/managedClusters",
"apiVersion": "2017-08-31",
"name": "string",
"location": "string",
"properties": {
"agentPoolProfiles": [
{
"count": "int",
"dnsPrefix": "string",
"name": "string",
"osDiskSizeGB": "int",
"osType": "string",
"ports": [ "int" ],
"storageProfile": "string",
"vmSize": "string",
"vnetSubnetID": "string"
}
],
"dnsPrefix": "string",
"kubernetesVersion": "string",
"linuxProfile": {
"adminUsername": "string",
"ssh": {
"publicKeys": [
{
"keyData": "string"
}
]
}
},
"servicePrincipalProfile": {
"clientId": "string",
"keyVaultSecretRef": {
"secretName": "string",
"vaultID": "string",
"version": "string"
},
"secret": "string"
}
},
"tags": {
"{customized property}": "string"
}
}
Property values
ContainerServiceAgentPoolProfile
| Name | Description | Value |
|---|---|---|
| count | Number of agents (VMs) to host docker containers. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. | int Constraints: Min value = 1 Max value = 100 |
| dnsPrefix | DNS prefix to be used to create the FQDN for the agent pool. | string |
| name | Unique name of the agent pool profile in the context of the subscription and resource group. | string (required) |
| osDiskSizeGB | OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified. | int Constraints: Min value = 0 Max value = 1023 |
| osType | OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux. | 'Linux' 'Windows' |
| ports | Ports number array used to expose on this agent pool. The default opened ports are different based on your choice of orchestrator. | int Constraints: Min value = 1 Max value = 65535[] |
| storageProfile | Storage profile specifies what kind of storage used. Choose from StorageAccount and ManagedDisks. Leave it empty, we will choose for you based on the orchestrator choice. | 'ManagedDisks' 'StorageAccount' |
| vmSize | Size of agent VMs. | 'Standard_A1' 'Standard_A10' 'Standard_A11' 'Standard_A1_v2' 'Standard_A2' 'Standard_A2m_v2' 'Standard_A2_v2' 'Standard_A3' 'Standard_A4' 'Standard_A4m_v2' 'Standard_A4_v2' 'Standard_A5' 'Standard_A6' 'Standard_A7' 'Standard_A8' 'Standard_A8m_v2' 'Standard_A8_v2' 'Standard_A9' 'Standard_B2ms' 'Standard_B2s' 'Standard_B4ms' 'Standard_B8ms' 'Standard_D1' 'Standard_D11' 'Standard_D11_v2' 'Standard_D11_v2_Promo' 'Standard_D12' 'Standard_D12_v2' 'Standard_D12_v2_Promo' 'Standard_D13' 'Standard_D13_v2' 'Standard_D13_v2_Promo' 'Standard_D14' 'Standard_D14_v2' 'Standard_D14_v2_Promo' 'Standard_D15_v2' 'Standard_D16s_v3' 'Standard_D16_v3' 'Standard_D1_v2' 'Standard_D2' 'Standard_D2s_v3' 'Standard_D2_v2' 'Standard_D2_v2_Promo' 'Standard_D2_v3' 'Standard_D3' 'Standard_D32s_v3' 'Standard_D32_v3' 'Standard_D3_v2' 'Standard_D3_v2_Promo' 'Standard_D4' 'Standard_D4s_v3' 'Standard_D4_v2' 'Standard_D4_v2_Promo' 'Standard_D4_v3' 'Standard_D5_v2' 'Standard_D5_v2_Promo' 'Standard_D64s_v3' 'Standard_D64_v3' 'Standard_D8s_v3' 'Standard_D8_v3' 'Standard_DS1' 'Standard_DS11' 'Standard_DS11_v2' 'Standard_DS11_v2_Promo' 'Standard_DS12' 'Standard_DS12_v2' 'Standard_DS12_v2_Promo' 'Standard_DS13' 'Standard_DS13-2_v2' 'Standard_DS13-4_v2' 'Standard_DS13_v2' 'Standard_DS13_v2_Promo' 'Standard_DS14' 'Standard_DS14-4_v2' 'Standard_DS14-8_v2' 'Standard_DS14_v2' 'Standard_DS14_v2_Promo' 'Standard_DS15_v2' 'Standard_DS1_v2' 'Standard_DS2' 'Standard_DS2_v2' 'Standard_DS2_v2_Promo' 'Standard_DS3' 'Standard_DS3_v2' 'Standard_DS3_v2_Promo' 'Standard_DS4' 'Standard_DS4_v2' 'Standard_DS4_v2_Promo' 'Standard_DS5_v2' 'Standard_DS5_v2_Promo' 'Standard_E16s_v3' 'Standard_E16_v3' 'Standard_E2s_v3' 'Standard_E2_v3' 'Standard_E32-16s_v3' 'Standard_E32-8s_v3' 'Standard_E32s_v3' 'Standard_E32_v3' 'Standard_E4s_v3' 'Standard_E4_v3' 'Standard_E64-16s_v3' 'Standard_E64-32s_v3' 'Standard_E64s_v3' 'Standard_E64_v3' 'Standard_E8s_v3' 'Standard_E8_v3' 'Standard_F1' 'Standard_F16' 'Standard_F16s' 'Standard_F16s_v2' 'Standard_F1s' 'Standard_F2' 'Standard_F2s' 'Standard_F2s_v2' 'Standard_F32s_v2' 'Standard_F4' 'Standard_F4s' 'Standard_F4s_v2' 'Standard_F64s_v2' 'Standard_F72s_v2' 'Standard_F8' 'Standard_F8s' 'Standard_F8s_v2' 'Standard_G1' 'Standard_G2' 'Standard_G3' 'Standard_G4' 'Standard_G5' 'Standard_GS1' 'Standard_GS2' 'Standard_GS3' 'Standard_GS4' 'Standard_GS4-4' 'Standard_GS4-8' 'Standard_GS5' 'Standard_GS5-16' 'Standard_GS5-8' 'Standard_H16' 'Standard_H16m' 'Standard_H16mr' 'Standard_H16r' 'Standard_H8' 'Standard_H8m' 'Standard_L16s' 'Standard_L32s' 'Standard_L4s' 'Standard_L8s' 'Standard_M128-32ms' 'Standard_M128-64ms' 'Standard_M128ms' 'Standard_M128s' 'Standard_M64-16ms' 'Standard_M64-32ms' 'Standard_M64ms' 'Standard_M64s' 'Standard_NC12' 'Standard_NC12s_v2' 'Standard_NC12s_v3' 'Standard_NC24' 'Standard_NC24r' 'Standard_NC24rs_v2' 'Standard_NC24rs_v3' 'Standard_NC24s_v2' 'Standard_NC24s_v3' 'Standard_NC6' 'Standard_NC6s_v2' 'Standard_NC6s_v3' 'Standard_ND12s' 'Standard_ND24rs' 'Standard_ND24s' 'Standard_ND6s' 'Standard_NV12' 'Standard_NV24' 'Standard_NV6' (required) |
| vnetSubnetID | VNet SubnetID specifies the VNet's subnet identifier. | string |
ContainerServiceLinuxProfile
| Name | Description | Value |
|---|---|---|
| adminUsername | The administrator username to use for Linux VMs. | string Constraints: Pattern = ^[A-Za-z][-A-Za-z0-9_]*$ (required) |
| ssh | SSH configuration for Linux-based VMs running on Azure. | ContainerServiceSshConfiguration (required) |
ContainerServicePrincipalProfile
| Name | Description | Value |
|---|---|---|
| clientId | The ID for the service principal. | string (required) |
| keyVaultSecretRef | Reference to a secret stored in Azure Key Vault. | KeyVaultSecretRef |
| secret | The secret password associated with the service principal in plain text. | string |
ContainerServiceSshConfiguration
| Name | Description | Value |
|---|---|---|
| publicKeys | The list of SSH public keys used to authenticate with Linux-based VMs. Only expect one key specified. | ContainerServiceSshPublicKey[] (required) |
ContainerServiceSshPublicKey
| Name | Description | Value |
|---|---|---|
| keyData | Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers. | string (required) |
KeyVaultSecretRef
| Name | Description | Value |
|---|---|---|
| secretName | The secret name. | string (required) |
| vaultID | Key vault identifier. | string (required) |
| version | The secret version. | string |
ManagedClusterProperties
| Name | Description | Value |
|---|---|---|
| agentPoolProfiles | Properties of the agent pool. | ContainerServiceAgentPoolProfile[] |
| dnsPrefix | DNS prefix specified when creating the managed cluster. | string |
| kubernetesVersion | Version of Kubernetes specified when creating the managed cluster. | string |
| linuxProfile | Profile for Linux VMs in the container service cluster. | ContainerServiceLinuxProfile |
| servicePrincipalProfile | Information about a service principal identity for the cluster to use for manipulating Azure APIs. Either secret or keyVaultSecretRef must be specified. | ContainerServicePrincipalProfile |
Microsoft.ContainerService/managedClusters
| Name | Description | Value |
|---|---|---|
| apiVersion | The api version | '2017-08-31' |
| location | Resource location | string (required) |
| name | The resource name | string (required) |
| properties | Properties of a managed cluster. | ManagedClusterProperties |
| tags | Resource tags | Dictionary of tag names and values. See Tags in templates |
| type | The resource type | 'Microsoft.ContainerService/managedClusters' |
ResourceTags
| Name | Description | Value |
|---|
Quickstart templates
The following quickstart templates deploy this resource type.
| Template | Description |
|---|---|
AKS Cluster with a NAT Gateway and an Application Gateway |
This sample shows how to a deploy an AKS cluster with NAT Gateway for outbound connections and an Application Gateway for inbound connections. |
| AKS cluster with the Application Gateway Ingress Controller |
This sample shows how to deploy an AKS cluster with Application Gateway, Application Gateway Ingress Controller, Azure Container Registry, Log Analytics and Key Vault |
| Azure Container Service (AKS) |
Deploy a managed cluster with Azure Container Service (AKS) using Azure Linux container hosts |
| Azure Container Service (AKS) |
Deploy a managed cluster with Azure Container Service (AKS) |
| Azure Container Service (AKS) with Helm |
Deploy a managed cluster with Azure Container Service (AKS) with Helm |
| Azure Kubernetes Service (AKS) |
Deploys a managed Kubernetes cluster via Azure Kubernetes Service (AKS) |
| Azure Machine Learning end-to-end secure setup |
This set of Bicep templates demonstrates how to set up Azure Machine Learning end-to-end in a secure set up. This reference implementation includes the Workspace, a compute cluster, compute instance and attached private AKS cluster. |
| Azure Machine Learning end-to-end secure setup (legacy) |
This set of Bicep templates demonstrates how to set up Azure Machine Learning end-to-end in a secure set up. This reference implementation includes the Workspace, a compute cluster, compute instance and attached private AKS cluster. |
| CI/CD using Jenkins on Azure Container Service (AKS) |
Containers make it very easy for you to continuously build and deploy your applications. By orchestrating deployment of those containers using Kubernetes in Azure Container Service, you can achieve replicable, manageable clusters of containers. By setting up a continuous build to produce your container images and orchestration, you can increase the speed and reliability of your deployment. |
| Create a Private AKS Cluster |
This sample shows how to create a private AKS cluster in a virtual network along with a jumpbox virtual machine. |
| Create a Private AKS Cluster with a Public DNS Zone |
This sample shows how to a deploy a private AKS cluster with a Public DNS Zone. |
| Create AKS with Prometheus and Grafana with privae link |
This will create an Azure grafana, AKS and install Prometheus, an open-source monitoring and alerting toolkit, on an Azure Kubernetes Service (AKS) cluster. Then you use Azure Managed Grafana's managed private endpoint to connect to this Prometheus server and display the Prometheus data in a Grafana dashboard |
| Deploy a managed Kubernetes Cluster (AKS) |
This ARM template demonstrates the deployment of an AKS instance with advanced networking features into an existing virtual network. Additionally, the chosen Service Principal is assigned the Network Contributor role against the subnet that contains the AKS cluster. |
| Deploy a managed Kubernetes Cluster with AAD (AKS) |
This ARM template demonstrates the deployment of an AKS instance with advanced networking features into an existing virtual network and Azure AD Integeration. Additionally, the chosen Service Principal is assigned the Network Contributor role against the subnet that contains the AKS cluster. |
| Deploy an AKS cluster for Azure ML |
This template allows you to deploy an entreprise compliant AKS cluster which can be attached to Azure ML |
| min.io Azure Gateway |
Fully private min.io Azure Gateway deployment to provide an S3 compliant storage API backed by blob storage |
Terraform (AzAPI provider) resource definition
The managedClusters resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.ContainerService/managedClusters resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.ContainerService/managedClusters@2017-08-31"
name = "string"
location = "string"
tags = {
{customized property} = "string"
}
body = jsonencode({
properties = {
agentPoolProfiles = [
{
count = int
dnsPrefix = "string"
name = "string"
osDiskSizeGB = int
osType = "string"
ports = [
int
]
storageProfile = "string"
vmSize = "string"
vnetSubnetID = "string"
}
]
dnsPrefix = "string"
kubernetesVersion = "string"
linuxProfile = {
adminUsername = "string"
ssh = {
publicKeys = [
{
keyData = "string"
}
]
}
}
servicePrincipalProfile = {
clientId = "string"
keyVaultSecretRef = {
secretName = "string"
vaultID = "string"
version = "string"
}
secret = "string"
}
}
})
}
Property values
ContainerServiceAgentPoolProfile
| Name | Description | Value |
|---|---|---|
| count | Number of agents (VMs) to host docker containers. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. | int Constraints: Min value = 1 Max value = 100 |
| dnsPrefix | DNS prefix to be used to create the FQDN for the agent pool. | string |
| name | Unique name of the agent pool profile in the context of the subscription and resource group. | string (required) |
| osDiskSizeGB | OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified. | int Constraints: Min value = 0 Max value = 1023 |
| osType | OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux. | 'Linux' 'Windows' |
| ports | Ports number array used to expose on this agent pool. The default opened ports are different based on your choice of orchestrator. | int Constraints: Min value = 1 Max value = 65535[] |
| storageProfile | Storage profile specifies what kind of storage used. Choose from StorageAccount and ManagedDisks. Leave it empty, we will choose for you based on the orchestrator choice. | 'ManagedDisks' 'StorageAccount' |
| vmSize | Size of agent VMs. | 'Standard_A1' 'Standard_A10' 'Standard_A11' 'Standard_A1_v2' 'Standard_A2' 'Standard_A2m_v2' 'Standard_A2_v2' 'Standard_A3' 'Standard_A4' 'Standard_A4m_v2' 'Standard_A4_v2' 'Standard_A5' 'Standard_A6' 'Standard_A7' 'Standard_A8' 'Standard_A8m_v2' 'Standard_A8_v2' 'Standard_A9' 'Standard_B2ms' 'Standard_B2s' 'Standard_B4ms' 'Standard_B8ms' 'Standard_D1' 'Standard_D11' 'Standard_D11_v2' 'Standard_D11_v2_Promo' 'Standard_D12' 'Standard_D12_v2' 'Standard_D12_v2_Promo' 'Standard_D13' 'Standard_D13_v2' 'Standard_D13_v2_Promo' 'Standard_D14' 'Standard_D14_v2' 'Standard_D14_v2_Promo' 'Standard_D15_v2' 'Standard_D16s_v3' 'Standard_D16_v3' 'Standard_D1_v2' 'Standard_D2' 'Standard_D2s_v3' 'Standard_D2_v2' 'Standard_D2_v2_Promo' 'Standard_D2_v3' 'Standard_D3' 'Standard_D32s_v3' 'Standard_D32_v3' 'Standard_D3_v2' 'Standard_D3_v2_Promo' 'Standard_D4' 'Standard_D4s_v3' 'Standard_D4_v2' 'Standard_D4_v2_Promo' 'Standard_D4_v3' 'Standard_D5_v2' 'Standard_D5_v2_Promo' 'Standard_D64s_v3' 'Standard_D64_v3' 'Standard_D8s_v3' 'Standard_D8_v3' 'Standard_DS1' 'Standard_DS11' 'Standard_DS11_v2' 'Standard_DS11_v2_Promo' 'Standard_DS12' 'Standard_DS12_v2' 'Standard_DS12_v2_Promo' 'Standard_DS13' 'Standard_DS13-2_v2' 'Standard_DS13-4_v2' 'Standard_DS13_v2' 'Standard_DS13_v2_Promo' 'Standard_DS14' 'Standard_DS14-4_v2' 'Standard_DS14-8_v2' 'Standard_DS14_v2' 'Standard_DS14_v2_Promo' 'Standard_DS15_v2' 'Standard_DS1_v2' 'Standard_DS2' 'Standard_DS2_v2' 'Standard_DS2_v2_Promo' 'Standard_DS3' 'Standard_DS3_v2' 'Standard_DS3_v2_Promo' 'Standard_DS4' 'Standard_DS4_v2' 'Standard_DS4_v2_Promo' 'Standard_DS5_v2' 'Standard_DS5_v2_Promo' 'Standard_E16s_v3' 'Standard_E16_v3' 'Standard_E2s_v3' 'Standard_E2_v3' 'Standard_E32-16s_v3' 'Standard_E32-8s_v3' 'Standard_E32s_v3' 'Standard_E32_v3' 'Standard_E4s_v3' 'Standard_E4_v3' 'Standard_E64-16s_v3' 'Standard_E64-32s_v3' 'Standard_E64s_v3' 'Standard_E64_v3' 'Standard_E8s_v3' 'Standard_E8_v3' 'Standard_F1' 'Standard_F16' 'Standard_F16s' 'Standard_F16s_v2' 'Standard_F1s' 'Standard_F2' 'Standard_F2s' 'Standard_F2s_v2' 'Standard_F32s_v2' 'Standard_F4' 'Standard_F4s' 'Standard_F4s_v2' 'Standard_F64s_v2' 'Standard_F72s_v2' 'Standard_F8' 'Standard_F8s' 'Standard_F8s_v2' 'Standard_G1' 'Standard_G2' 'Standard_G3' 'Standard_G4' 'Standard_G5' 'Standard_GS1' 'Standard_GS2' 'Standard_GS3' 'Standard_GS4' 'Standard_GS4-4' 'Standard_GS4-8' 'Standard_GS5' 'Standard_GS5-16' 'Standard_GS5-8' 'Standard_H16' 'Standard_H16m' 'Standard_H16mr' 'Standard_H16r' 'Standard_H8' 'Standard_H8m' 'Standard_L16s' 'Standard_L32s' 'Standard_L4s' 'Standard_L8s' 'Standard_M128-32ms' 'Standard_M128-64ms' 'Standard_M128ms' 'Standard_M128s' 'Standard_M64-16ms' 'Standard_M64-32ms' 'Standard_M64ms' 'Standard_M64s' 'Standard_NC12' 'Standard_NC12s_v2' 'Standard_NC12s_v3' 'Standard_NC24' 'Standard_NC24r' 'Standard_NC24rs_v2' 'Standard_NC24rs_v3' 'Standard_NC24s_v2' 'Standard_NC24s_v3' 'Standard_NC6' 'Standard_NC6s_v2' 'Standard_NC6s_v3' 'Standard_ND12s' 'Standard_ND24rs' 'Standard_ND24s' 'Standard_ND6s' 'Standard_NV12' 'Standard_NV24' 'Standard_NV6' (required) |
| vnetSubnetID | VNet SubnetID specifies the VNet's subnet identifier. | string |
ContainerServiceLinuxProfile
| Name | Description | Value |
|---|---|---|
| adminUsername | The administrator username to use for Linux VMs. | string Constraints: Pattern = ^[A-Za-z][-A-Za-z0-9_]*$ (required) |
| ssh | SSH configuration for Linux-based VMs running on Azure. | ContainerServiceSshConfiguration (required) |
ContainerServicePrincipalProfile
| Name | Description | Value |
|---|---|---|
| clientId | The ID for the service principal. | string (required) |
| keyVaultSecretRef | Reference to a secret stored in Azure Key Vault. | KeyVaultSecretRef |
| secret | The secret password associated with the service principal in plain text. | string |
ContainerServiceSshConfiguration
| Name | Description | Value |
|---|---|---|
| publicKeys | The list of SSH public keys used to authenticate with Linux-based VMs. Only expect one key specified. | ContainerServiceSshPublicKey[] (required) |
ContainerServiceSshPublicKey
| Name | Description | Value |
|---|---|---|
| keyData | Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers. | string (required) |
KeyVaultSecretRef
| Name | Description | Value |
|---|---|---|
| secretName | The secret name. | string (required) |
| vaultID | Key vault identifier. | string (required) |
| version | The secret version. | string |
ManagedClusterProperties
| Name | Description | Value |
|---|---|---|
| agentPoolProfiles | Properties of the agent pool. | ContainerServiceAgentPoolProfile[] |
| dnsPrefix | DNS prefix specified when creating the managed cluster. | string |
| kubernetesVersion | Version of Kubernetes specified when creating the managed cluster. | string |
| linuxProfile | Profile for Linux VMs in the container service cluster. | ContainerServiceLinuxProfile |
| servicePrincipalProfile | Information about a service principal identity for the cluster to use for manipulating Azure APIs. Either secret or keyVaultSecretRef must be specified. | ContainerServicePrincipalProfile |
Microsoft.ContainerService/managedClusters
| Name | Description | Value |
|---|---|---|
| location | Resource location | string (required) |
| name | The resource name | string (required) |
| properties | Properties of a managed cluster. | ManagedClusterProperties |
| tags | Resource tags | Dictionary of tag names and values. |
| type | The resource type | "Microsoft.ContainerService/managedClusters@2017-08-31" |
ResourceTags
| Name | Description | Value |
|---|