az aks

Manage Azure Kubernetes Services.

Commands

az aks browse Show the dashboard for a Kubernetes cluster in a web browser.
az aks create Create a new managed Kubernetes cluster.
az aks delete Delete a managed Kubernetes cluster.
az aks get-credentials Get access credentials for a managed Kubernetes cluster.
az aks get-upgrades Get the upgrade versions available for a managed Kubernetes cluster.
az aks get-versions Get the versions available for creating a managed Kubernetes cluster.
az aks install-cli Download and install kubectl, the Kubernetes command-line tool.
az aks install-connector (PREVIEW) Install the ACI Connector on a managed Kubernetes cluster.
az aks list List managed Kubernetes clusters.
az aks remove-connector (PREVIEW) Remove the ACI Connector from a managed Kubernetes cluster.
az aks remove-dev-spaces (PREVIEW) Remove Azure Dev Spaces from a managed Kubernetes cluster.
az aks scale Scale the node pool in a managed Kubernetes cluster.
az aks show Show the details for a managed Kubernetes cluster.
az aks upgrade Upgrade a managed Kubernetes cluster to a newer version.
az aks upgrade-connector (PREVIEW) Upgrade the ACI Connector on a managed Kubernetes cluster.
az aks use-dev-spaces (PREVIEW) Use Azure Dev Spaces with a managed Kubernetes cluster.
az aks wait Wait for a managed Kubernetes cluster to reach a desired state.

az aks browse

Show the dashboard for a Kubernetes cluster in a web browser.

az aks browse --name
--resource-group
[--disable-browser]

Required Parameters

--name -n

Name of the managed cluster.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--disable-browser

Don't launch a web browser after establishing port-forwarding.

az aks create

Create a new managed Kubernetes cluster.

az aks create --name
--resource-group
[--aad-client-app-id]
[--aad-server-app-id]
[--aad-server-app-secret]
[--aad-tenant-id]
[--admin-username]
[--client-secret]
[--dns-name-prefix]
[--dns-service-ip]
[--docker-bridge-address]
[--enable-addons]
[--enable-rbac]
[--generate-ssh-keys]
[--kubernetes-version]
[--location]
[--max-pods]
[--network-plugin]
[--no-ssh-key]
[--no-wait]
[--node-count]
[--node-osdisk-size]
[--node-vm-size]
[--pod-cidr]
[--service-cidr]
[--service-principal]
[--ssh-key-value]
[--tags]
[--vnet-subnet-id]
[--workspace-resource-id]

Examples

Create a Kubernetes cluster with an existing SSH public key.

az aks create -g MyResourceGroup -n MyManagedCluster --ssh-key-value /path/to/publickey

Create a Kubernetes cluster with a specific version.

az aks create -g MyResourceGroup -n MyManagedCluster --kubernetes-version 1.8.7

Create a Kubernetes cluster with a larger node pool.

az aks create -g MyResourceGroup -n MyManagedCluster --node-count 7

Required Parameters

--name -n

Name of the managed cluster.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--aad-client-app-id

(PREVIEW) The ID of an Azure Active Directory client application of type "Native". This application is for user login via kubectl.

--aad-server-app-id

(PREVIEW) The ID of an Azure Active Directory server application of type "Web app/API". This application represents the managed cluster's apiserver (Server application).

--aad-server-app-secret

(PREVIEW) The secret of an Azure Active Directory server application.

--aad-tenant-id

(PREVIEW) The ID of an Azure Active Directory tenant.

--admin-username -u

User account to create on node VMs for SSH access.

default value: azureuser
--client-secret

Secret associated with the service principal. This argument is required if --service-principal is specified.

--dns-name-prefix -p

Prefix for hostnames that are created. If not specified, generate a hostname using the managed cluster and resource group names.

--dns-service-ip

An IP address assigned to the Kubernetes DNS service.

--docker-bridge-address

An IP address and netmask assigned to the Docker bridge.

--enable-addons -a

Enable the Kubernetes addons in a comma-separated list.

--enable-rbac -r

Enable Kubernetes Role-Based Access Control.

--generate-ssh-keys

Generate SSH public and private key files if missing.

--kubernetes-version -k

Version of Kubernetes to use for creating the cluster, such as "1.7.12" or "1.8.7".

value from: `az aks get-versions`
--location -l

Location. You can configure the default location using az configure --defaults location=<location>.

--max-pods -m

The maximum number of pods deployable to a node.

--network-plugin

The Kubernetes network plugin to use.

--no-ssh-key -x

Do not use or create a local SSH key.

--no-wait

Do not wait for the long-running operation to finish.

--node-count -c

Number of nodes in the Kubernetes node pool. After creating a cluster, you can change the size of its node pool with az aks scale.

default value: 3
--node-osdisk-size

Size in GB of the OS disk for each node in the node pool.

--node-vm-size -s

Size of Virtual Machines to create as Kubernetes nodes.

default value: Standard_DS1_v2
--pod-cidr

A CIDR notation IP range from which to assign pod IPs when kubenet is used.

--service-cidr

A CIDR notation IP range from which to assign service cluster IPs.

--service-principal

Service principal used for authentication to Azure APIs.

--ssh-key-value

Public key path or key contents to install on node VMs for SSH access. For example, 'ssh-rsa AAAAB...snip...UcyupgH azureuser@linuxvm'.

default value: ~\.ssh\id_rsa.pub
--tags

Space-separated tags in 'key[=value]' format. Use "" to clear existing tags.

--vnet-subnet-id

The ID of a subnet in an existing VNet into which to deploy the cluster.

--workspace-resource-id

The resource ID of an existing Log Analytics Workspace to use for storing monitoring data.

az aks delete

Delete a managed Kubernetes cluster.

az aks delete --name
--resource-group
[--no-wait]
[--yes]

Required Parameters

--name -n

Name of the managed cluster.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--no-wait

Do not wait for the long-running operation to finish.

--yes -y

Do not prompt for confirmation.

az aks get-credentials

Get access credentials for a managed Kubernetes cluster.

az aks get-credentials --name
--resource-group
[--admin]
[--file]

Required Parameters

--name -n

Name of the managed cluster.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--admin -a

Get cluster administrator credentials. Default: cluster user credentials.

--file -f

Kubernetes configuration file to update. Use "-" to print YAML to stdout instead.

default value: ~/.kube/config

az aks get-upgrades

Get the upgrade versions available for a managed Kubernetes cluster.

az aks get-upgrades --name
--resource-group

Required Parameters

--name -n

Name of the managed cluster.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

az aks get-versions

Get the versions available for creating a managed Kubernetes cluster.

az aks get-versions --location

Required Parameters

--location -l

Location. You can configure the default location using az configure --defaults location=<location>.

az aks install-cli

Download and install kubectl, the Kubernetes command-line tool.

az aks install-cli [--client-version]
[--install-location]

Optional Parameters

--client-version
default value: latest
--install-location
default value: C:\Program Files\kubectl.exe

az aks install-connector

(PREVIEW) Install the ACI Connector on a managed Kubernetes cluster.

az aks install-connector --name
--resource-group
[--aci-resource-group]
[--chart-url]
[--client-secret]
[--connector-name]
[--image-tag]
[--location]
[--os-type {Both, Linux, Windows}]
[--service-principal]

Examples

Install the ACI Connector for Linux to a managed Kubernetes cluster.

az aks install-connector --name MyManagedCluster --resource-group MyResourceGroup

Install the ACI Connector for Windows to a managed Kubernetes cluster.

az aks install-connector --name MyManagedCluster --resource-group MyResourceGroup \
                           --connector-name aci-connector --os-type Windows

Install the ACI Connector for both Windows and Linux to a managed Kubernetes cluster.

az aks install-connector --name MyManagedCluster --resource-group MyResourceGroup \
                          --connector-name aci-connector --os-type Both

Install the ACI Connector using a specific service principal in a specific resource group.

az aks install-connector --name MyManagedCluster --resource-group MyResourceGroup \
                          --connector-name aci-connector --service-principal <SPN_ID> --client-secret <SPN_SECRET> \
                          --aci-resource-group <ACI resource group>

Install the ACI Connector from a custom Helm chart with custom tag.

az aks install-connector --name MyManagedCluster --resource-group MyResourceGroup \
                          --connector-name aci-connector --chart-url <CustomURL> --image-tag <VirtualKubeletImageTag>

Required Parameters

--name -n

Name of the managed cluster.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--aci-resource-group

The resource group to create the ACI container groups. Use the MC_* resource group if it is not specified.

--chart-url

URL of a Helm chart that installs ACI Connector.

default value: <a href="https://github.com/virtual-kubelet/virtual-kubelet/raw/master/charts/virtual-kubelet-for-aks-0.1.3.tgz">https://github.com/virtual-kubelet/virtual-kubelet/raw/master/charts/virtual-kubelet-for-aks-0.1.3.tgz</a>
--client-secret

Secret associated with the service principal. This argument is required if --service-principal is specified.

--connector-name

Name of the ACI Connector.

default value: aci-connector
--image-tag

The image tag of the virtual kubelet. Use 'latest' if it is not specified.

--location -l

The location to create the ACI container groups. Use the location of the MC_* resource group if it is not specified.

--os-type

Install support for deploying ACIs of this operating system type.

accepted values: Both, Linux, Windows
default value: Linux
--service-principal

Service principal used for authentication to Azure APIs.

az aks list

List managed Kubernetes clusters.

az aks list [--resource-group]

Optional Parameters

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

az aks remove-connector

(PREVIEW) Remove the ACI Connector from a managed Kubernetes cluster.

az aks remove-connector --name
--resource-group
[--connector-name]
[--graceful]
[--location]
[--os-type {Both, Linux, Windows}]

Examples

Remove the ACI Connector from a cluster using the graceful mode.

az aks remove-connector --name MyManagedCluster --resource-group MyResourceGroup \
                          --connector-name MyConnector --graceful

Required Parameters

--name -n

Name of the managed cluster.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--connector-name

Name of the ACI Connector.

default value: aci-connector
--graceful

Use a "cordon and drain" strategy to evict pods safely before removing the ACI node.

--location -l

Location. You can configure the default location using az configure --defaults location=<location>.

--os-type

Remove support for deploying ACIs of this operating system type.

accepted values: Both, Linux, Windows
default value: Linux

az aks remove-dev-spaces

(PREVIEW) Remove Azure Dev Spaces from a managed Kubernetes cluster.

az aks remove-dev-spaces --name
--resource-group
[--yes]

Examples

Remove Azure Dev Spaces from a managed Kubernetes cluster.

az aks remove-dev-spaces -g my-aks-group -n my-aks

Remove Azure Dev Spaces from a managed Kubernetes cluster without prompting.

az aks remove-dev-spaces -g my-aks-group -n my-aks --yes

Required Parameters

--name -n

Name of the managed cluster.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--yes -y

Do not prompt for confirmation.

az aks scale

Scale the node pool in a managed Kubernetes cluster.

az aks scale --name
--node-count
--resource-group
[--no-wait]

Required Parameters

--name -n

Name of the managed cluster.

--node-count -c

Number of nodes in the Kubernetes node pool.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--no-wait

Do not wait for the long-running operation to finish.

az aks show

Show the details for a managed Kubernetes cluster.

az aks show --name
--resource-group

Required Parameters

--name -n

Name of the managed cluster.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

az aks upgrade

Upgrade a managed Kubernetes cluster to a newer version.

az aks upgrade --kubernetes-version
--name
--resource-group
[--no-wait]
[--yes]

Required Parameters

--kubernetes-version -k

Version of Kubernetes to upgrade the cluster to, such as "1.7.12" or "1.8.7".

value from: `az aks get-upgrades`
--name -n

Name of the managed cluster.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--no-wait

Do not wait for the long-running operation to finish.

--yes -y

Do not prompt for confirmation.

az aks upgrade-connector

(PREVIEW) Upgrade the ACI Connector on a managed Kubernetes cluster.

az aks upgrade-connector --name
--resource-group
[--aci-resource-group]
[--chart-url]
[--client-secret]
[--connector-name]
[--image-tag]
[--location]
[--os-type {Both, Linux, Windows}]
[--service-principal]

Examples

Upgrade the ACI Connector for Linux to a managed Kubernetes cluster.

az aks upgrade-connector --name MyManagedCluster --resource-group MyResourceGroup \
                          --connector-name aci-connector

Upgrade the ACI Connector for Windows to a managed Kubernetes cluster.

az aks upgrade-connector --name MyManagedCluster --resource-group MyResourceGroup \
                           --connector-name aci-connector --os-type Windows

Upgrade the ACI Connector for both Windows and Linux to a managed Kubernetes cluster.

az aks upgrade-connector --name MyManagedCluster --resource-group MyResourceGroup \
                          --connector-name aci-connector --os-type Both

Upgrade the ACI Connector to use a specific service principal in a specific resource group.

az aks upgrade-connector --name MyManagedCluster --resource-group MyResourceGroup \
                          --connector-name aci-connector --service-principal <SPN_ID> --client-secret <SPN_SECRET> \
                          --aci-resource-group <ACI resource group>

Upgrade the ACI Connector from a custom Helm chart with custom tag.

az aks upgrade-connector --name MyManagedCluster --resource-group MyResourceGroup \
                          --connector-name aci-connector --chart-url <CustomURL> --image-tag <VirtualKubeletImageTag>

Required Parameters

--name -n

Name of the managed cluster.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--aci-resource-group

The resource group to create the ACI container groups. Use the MC_* resource group if it is not specified.

--chart-url

URL of a Helm chart that installs ACI Connector.

default value: <a href="https://github.com/virtual-kubelet/virtual-kubelet/raw/master/charts/virtual-kubelet-for-aks-0.1.3.tgz">https://github.com/virtual-kubelet/virtual-kubelet/raw/master/charts/virtual-kubelet-for-aks-0.1.3.tgz</a>
--client-secret

Secret associated with the service principal. This argument is required if --service-principal is specified.

--connector-name

Name of the ACI Connector.

default value: aci-connector
--image-tag

The image tag of the virtual kubelet. Use 'latest' if it is not specified.

--location -l

The location to create the ACI container groups. Use the location of the MC_* resource group if it is not specified.

--os-type

Install support for deploying ACIs of this operating system type.

accepted values: Both, Linux, Windows
default value: Linux
--service-principal

Service principal used for authentication to Azure APIs.

az aks use-dev-spaces

(PREVIEW) Use Azure Dev Spaces with a managed Kubernetes cluster.

az aks use-dev-spaces --name
--resource-group
[--space]
[--update]
[--yes]

Examples

Use Azure Dev Spaces with a managed Kubernetes cluster, interactively selecting a dev space.

az aks use-dev-spaces -g my-aks-group -n my-aks

Use Azure Dev Spaces with a managed Kubernetes cluster, updating to the latest Azure Dev Spaces client components and selecting a new or existing dev space 'my-space'.

az aks use-dev-spaces -g my-aks-group -n my-aks --update --space my-space

Use Azure Dev Spaces with a managed Kubernetes cluster, selecting a new or existing dev space 'develop/my-space' without prompting for confirmation.

az aks use-dev-spaces -g my-aks-group -n my-aks -s develop/my-space -y

Required Parameters

--name -n

Name of the managed cluster.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--space -s

Name of the new or existing dev space to select. Defaults to an interactive selection experience.

--update

Update to the latest Azure Dev Spaces client components.

--yes -y

Do not prompt for confirmation. Requires --space.

az aks wait

Wait for a managed Kubernetes cluster to reach a desired state.

az aks wait --name
--resource-group
[--created]
[--custom]
[--deleted]
[--exists]
[--interval]
[--timeout]
[--updated]

Examples

Wait for a cluster to be upgraded, polling every minute for up to thirty minutes.

az aks wait -g MyResourceGroup -n MyManagedCluster --updated --interval 60 --timeout 1800

Required Parameters

--name -n

Name of the managed cluster.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--created

Wait until created with 'provisioningState' at 'Succeeded'.

--custom

Wait until the condition satisfies a custom JMESPath query. E.g. provisioningState!='InProgress', instanceView.statuses[?code=='PowerState/running'].

--deleted

Wait until deleted.

--exists

Wait until the resource exists.

--interval

Polling interval in seconds.

default value: 30
--timeout

Maximum wait in seconds.

default value: 3600
--updated

Wait until updated with provisioningState at 'Succeeded'.