Access Kubernetes resources from the Azure portal
The Azure portal includes a Kubernetes resource view for easy access to the Kubernetes resources in your Azure Kubernetes Service (AKS) cluster. Viewing Kubernetes resources from the Azure portal reduces context switching between the Azure portal and the
kubectl command-line tool, streamlining the experience for viewing and editing your Kubernetes resources. The resource viewer currently includes multiple resource types, such as deployments, pods, and replica sets.
The Kubernetes resource view from the Azure portal replaces the deprecated AKS dashboard add-on.
To view Kubernetes resources in the Azure portal, you need an AKS cluster. Any cluster is supported, but if you're using Azure Active Directory (Azure AD) integration, your cluster must use AKS-managed Azure AD integration. If your cluster uses legacy Azure AD, you can upgrade your cluster in the portal or with the Azure CLI. You can also use the Azure portal to create a new AKS cluster.
View Kubernetes resources
To see the Kubernetes resources, navigate to your AKS cluster in the Azure portal. The navigation pane on the left is used to access your resources. The resources include:
- Namespaces displays the namespaces of your cluster. The filter at the top of the namespace list provides a quick way to filter and display your namespace resources.
- Workloads shows information about deployments, pods, replica sets, stateful sets, daemon sets, jobs, and cron jobs deployed to your cluster. The screenshot below shows the default system pods in an example AKS cluster.
- Services and ingresses shows all of your cluster's service and ingress resources.
- Storage shows your Azure storage classes and persistent volume information.
- Configuration shows your cluster's config maps and secrets.
Deploy an application
In this example, we'll use our sample AKS cluster to deploy the Azure Vote application from the AKS quickstart.
- From the Services and ingresses resource view, select Create > Starter application.
- Under Create a basic web application, select Create.
- On the Application details page, select Next.
- On the Review YAML page, select Deploy.
Once the application is deployed, the resource view shows the two Kubernetes services:
- azure-vote-back: The internal service.
- azure-vote-front: The external service, which includes a linked external IP address so you can view the application in your browser.
Monitor deployment insights
AKS clusters with Container insights enabled can quickly view deployment and other insights. From the Kubernetes resources view, you can see the live status of individual deployments, including CPU and memory usage. You can also go to Azure Monitor for more in-depth information about specific nodes and containers.
Here's an example of deployment insights from a sample AKS cluster:
The Kubernetes resource view also includes a YAML editor. A built-in YAML editor means you can update or create services and deployments from within the portal and apply changes immediately.
To edit a YAML file for one of your resources, see the following steps:
- Navigate to your resource in the Azure portal.
- Select YAML and make your desired edits.
- Select Review + save > Confirm manifest changes > Save.
We don't recommend performing direct production changes via UI or CLI. Instead, you should leverage continuous integration (CI) and continuous deployment (CD) best practices. The Azure portal Kubernetes management capabilities, such as the YAML editor, are built for learning and flighting new deployments in a development and testing setting.
This section addresses common problems and troubleshooting steps.
To access the Kubernetes resources, you must have access to the AKS cluster, the Kubernetes API, and the Kubernetes objects. Ensure that you're either a cluster administrator or a user with the appropriate permissions to access the AKS cluster. For more information on cluster security, see Access and identity options for AKS.
The Kubernetes resource view in the Azure portal is only supported by managed-AAD enabled clusters or non-AAD enabled clusters. If you're using a managed-AAD enabled cluster, your AAD user or identity needs to have the respective roles/role bindings to access the Kubernetes API and the permission to pull the user
Enable resource view
For existing clusters, you may need to enable the Kubernetes resource view. To enable the resource view, follow the prompts in the portal for your cluster.
You can add the AKS feature for API server authorized IP ranges to limit API server access to only the firewall's public endpoint. Another option is to update the
-ApiServerAccessAuthorizedIpRange to include access for a local client computer or IP address range (from which portal is being browsed). To allow this access, you need the computer's public IPv4 address. You can find this address with the following command or you can search "what is my IP address" in your browser.
# Retrieve your IP address CURRENT_IP=$(dig +short myip.opendns.com @resolver1.opendns.com)
# Add to AKS approved list az aks update -g $RG -n $AKSNAME --api-server-authorized-ip-ranges $CURRENT_IP/32
This article showed you how to access Kubernetes resources from the Azure portal. For more information on cluster resources, see Deployments and YAML manifests.