az aks

Manage Azure Kubernetes Services.

Commands

az aks create Create a new managed Kubernetes cluster.
az aks scale Scale the node pool in a managed Kubernetes cluster.
az aks show Show the details for a managed Kubernetes cluster.
az aks update Update a managed Kubernetes cluster to enable/disable cluster-autoscaler or change min-count or max-count.
az aks upgrade Upgrade a managed Kubernetes cluster to a newer version.
az aks wait Wait for a managed Kubernetes cluster to reach a desired state.

az aks create

Create a new managed Kubernetes cluster.

az aks create --name
--resource-group
[--aad-client-app-id]
[--aad-server-app-id]
[--aad-server-app-secret]
[--aad-tenant-id]
[--admin-username]
[--client-secret]
[--disable-rbac]
[--dns-name-prefix]
[--dns-service-ip]
[--docker-bridge-address]
[--enable-addons]
[--enable-cluster-autoscaler]
[--enable-rbac]
[--enable-vmss]
[--generate-ssh-keys]
[--kubernetes-version]
[--location]
[--max-count]
[--max-pods]
[--min-count]
[--network-plugin]
[--network-policy]
[--no-ssh-key]
[--no-wait]
[--node-count]
[--node-osdisk-size]
[--node-vm-size]
[--nodepool-name]
[--pod-cidr]
[--service-cidr]
[--service-principal]
[--skip-subnet-role-assignment]
[--ssh-key-value]
[--tags]
[--vnet-subnet-id]
[--workspace-resource-id]

Examples

Create a Kubernetes cluster with an existing SSH public key.

az aks create -g MyResourceGroup -n MyManagedCluster --ssh-key-value /path/to/publickey

Create a Kubernetes cluster with a specific version.

az aks create -g MyResourceGroup -n MyManagedCluster --kubernetes-version 1.11.2

Create a Kubernetes cluster with a larger node pool.

az aks create -g MyResourceGroup -n MyManagedCluster --node-count 7

Create a kubernetes cluster with preview api version and cluster autosclaler enabled.

az aks create -g MyResourceGroup -n MyManagedCluster --kubernetes-version 1.11.2 --node-count 3 --enable-cluster-autoscaler --min-count 1 --max-count 5

Required Parameters

--name -n

Name of the managed cluster.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--aad-client-app-id

(PREVIEW) The ID of an Azure Active Directory client application of type "Native". This application is for user login via kubectl.

--aad-server-app-id

(PREVIEW) The ID of an Azure Active Directory server application of type "Web app/API". This application represents the managed cluster's apiserver (Server application).

--aad-server-app-secret

(PREVIEW) The secret of an Azure Active Directory server application.

--aad-tenant-id

(PREVIEW) The ID of an Azure Active Directory tenant.

--admin-username -u

User account to create on node VMs for SSH access.

default value: azureuser
--client-secret

Secret associated with the service principal. This argument is required if --service-principal is specified.

--disable-rbac

Disable Kubernetes Role-Based Access Control.

--dns-name-prefix -p

Prefix for hostnames that are created. If not specified, generate a hostname using the managed cluster and resource group names.

--dns-service-ip

An IP address assigned to the Kubernetes DNS service.

--docker-bridge-address

A specific IP address and netmask for the Docker bridge, using standard CIDR notation.

--enable-addons -a

Enable the Kubernetes addons in a comma-separated list.

--enable-cluster-autoscaler

Enable cluster autoscaler, default value is false.

--enable-rbac -r

Enable Kubernetes Role-Based Access Control. Default: enabled.

--enable-vmss

(PREVIEW) Enable VMSS agent type.

--generate-ssh-keys

Generate SSH public and private key files if missing.

--kubernetes-version -k

Version of Kubernetes to use for creating the cluster, such as "1.7.12" or "1.8.7".

value from: `az aks get-versions`
--location -l

Location. Values from: az account list-locations. You can configure the default location using az configure --defaults location=<location>.

--max-count

Maximum nodes count used for auto scaler, when "--enable-cluster-autoscaler" specified. Please specifying the value in the range of [1, 100].

--max-pods -m

The maximum number of pods deployable to a node.

--min-count

Minimun nodes count used for auto scaler, when "--enable-cluster-autoscaler" specified. Please specifying the value in the range of [1, 100].

--network-plugin

The Kubernetes network plugin to use.

--network-policy

(PREVIEW) The Kubernetes network policy to use.

--no-ssh-key -x

Do not use or create a local SSH key.

--no-wait

Do not wait for the long-running operation to finish.

--node-count -c

Number of nodes in the Kubernetes node pool. It is required when --enable-cluster-autoscaler specified. After creating a cluster, you can change the size of its node pool with az aks scale.

default value: 3
--node-osdisk-size

Size in GB of the OS disk for each node in the node pool. Minimum 30 GB.

--node-vm-size -s

Size of Virtual Machines to create as Kubernetes nodes.

default value: Standard_DS2_v2
--nodepool-name

Node pool name, upto 12 alphanumeric characters.

default value: nodepool1
--pod-cidr

A CIDR notation IP range from which to assign pod IPs when kubenet is used.

--service-cidr

A CIDR notation IP range from which to assign service cluster IPs.

--service-principal

Service principal used for authentication to Azure APIs.

--skip-subnet-role-assignment

Skip role assignment for subnet (advanced networking).

--ssh-key-value

Public key path or key contents to install on node VMs for SSH access. For example, 'ssh-rsa AAAAB...snip...UcyupgH azureuser@linuxvm'.

default value: ~\.ssh\id_rsa.pub
--tags

Space-separated tags in 'key[=value]' format. Use "" to clear existing tags.

--vnet-subnet-id

The ID of a subnet in an existing VNet into which to deploy the cluster.

--workspace-resource-id

The resource ID of an existing Log Analytics Workspace to use for storing monitoring data. If not specified, uses the default Log Analytics Workspace if it exists, otherwise creates one.

az aks scale

Scale the node pool in a managed Kubernetes cluster.

az aks scale --name
--node-count
--resource-group
[--no-wait]
[--nodepool-name]

Required Parameters

--name -n

Name of the managed cluster.

--node-count -c

Number of nodes in the Kubernetes node pool.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--no-wait

Do not wait for the long-running operation to finish.

--nodepool-name

Node pool name, upto 12 alphanumeric characters.

az aks show

Show the details for a managed Kubernetes cluster.

az aks show --name
--resource-group

Required Parameters

--name -n

Name of the managed cluster.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

az aks update

Update a managed Kubernetes cluster to enable/disable cluster-autoscaler or change min-count or max-count.

az aks update --name
--resource-group
[--api-server-authorized-ip-ranges]
[--disable-cluster-autoscaler]
[--enable-cluster-autoscaler]
[--max-count]
[--min-count]
[--no-wait]
[--update-cluster-autoscaler]

Examples

Enable cluster-autoscaler within node count range [1,5]

az aks update --enable-cluster-autoscaler --min-count 1 --max-count 5 -g MyResourceGroup -n MyManagedCluster

Disable cluster-autoscaler for an existing cluster

az aks update --disable-cluster-autoscaler -g MyResourceGroup -n MyManagedCluster

Update min-count or max-count for cluster auto-scaler.

az aks update --update-cluster-autoscaler --min-count 1 --max-count 10 -g MyResourceGroup -n MyManagedCluster

Enable authorized IP ranges for apiserver.

az aks update --api-server-authorized-ip-ranges 172.0.0.10/16,168.10.0.10/18 -g MyResourceGroup -n MyManagedCluster

Required Parameters

--name -n

Name of the managed cluster.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--api-server-authorized-ip-ranges

List of authorized IP ranges (separated by comma) for apiserver. Set to "" for disabling it.

--disable-cluster-autoscaler -d

Disable cluster autoscaler.

--enable-cluster-autoscaler -e

Enable cluster autoscaler.

--max-count

Maximum nodes count used for auto scaler, when "--enable-cluster-autoscaler" specified. Please specifying the value in the range of [1, 100].

--min-count

Minimun nodes count used for auto scaler, when "--enable-cluster-autoscaler" specified. Please specifying the value in the range of [1, 100].

--no-wait

Do not wait for the long-running operation to finish.

--update-cluster-autoscaler -u

Update min-count or max-count for cluser auto-scaler.

az aks upgrade

Upgrade a managed Kubernetes cluster to a newer version.

az aks upgrade --kubernetes-version
--name
--resource-group
[--no-wait]
[--yes]

Required Parameters

--kubernetes-version -k

Version of Kubernetes to upgrade the cluster to, such as "1.11.12".

value from: `az aks get-upgrades`
--name -n

Name of the managed cluster.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--no-wait

Do not wait for the long-running operation to finish.

--yes -y

Do not prompt for confirmation.

az aks wait

Wait for a managed Kubernetes cluster to reach a desired state.

az aks wait --name
--resource-group
[--created]
[--custom]
[--deleted]
[--exists]
[--interval]
[--timeout]
[--updated]

Examples

Wait for a cluster to be upgraded, polling every minute for up to thirty minutes.

az aks wait -g MyResourceGroup -n MyManagedCluster --updated --interval 60 --timeout 1800

Required Parameters

--name -n

Name of the managed cluster.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--created

Wait until created with 'provisioningState' at 'Succeeded'.

--custom

Wait until the condition satisfies a custom JMESPath query. E.g. provisioningState!='InProgress', instanceView.statuses[?code=='PowerState/running'].

--deleted

Wait until deleted.

--exists

Wait until the resource exists.

--interval

Polling interval in seconds.

default value: 30
--timeout

Maximum wait in seconds.

default value: 3600
--updated

Wait until updated with provisioningState at 'Succeeded'.