Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
- Latest
- 2025-05-01
- 2025-04-02-preview
- 2025-04-01
- 2025-03-02-preview
- 2025-03-01
- 2025-02-02-preview
- 2025-02-01
- 2025-01-02-preview
- 2025-01-01
- 2024-10-02-preview
- 2024-10-01
- 2024-09-02-preview
- 2024-09-01
- 2024-08-01
- 2024-07-02-preview
- 2024-07-01
- 2024-06-02-preview
- 2024-05-02-preview
- 2024-05-01
- 2024-04-02-preview
- 2024-03-02-preview
- 2024-02-02-preview
- 2024-02-01
- 2024-01-02-preview
- 2024-01-01
- 2023-11-02-preview
- 2023-11-01
- 2023-10-02-preview
- 2023-10-01
- 2023-09-02-preview
- 2023-09-01
- 2023-08-02-preview
- 2023-08-01
- 2023-07-02-preview
- 2023-07-01
- 2023-06-02-preview
- 2023-06-01
- 2023-05-02-preview
- 2023-05-01
- 2023-04-02-preview
- 2023-04-01
- 2023-03-02-preview
- 2023-03-01
- 2023-02-02-preview
- 2023-02-01
- 2023-01-02-preview
- 2023-01-01
- 2022-11-02-preview
- 2022-11-01
- 2022-10-02-preview
- 2022-09-02-preview
- 2022-09-01
- 2022-08-03-preview
- 2022-08-02-preview
- 2022-07-02-preview
- 2022-07-01
- 2022-06-02-preview
- 2022-06-01
- 2022-05-02-preview
- 2022-04-02-preview
- 2022-04-01
- 2022-03-02-preview
- 2022-03-01
- 2022-02-02-preview
- 2022-02-01
- 2022-01-02-preview
- 2022-01-01
- 2021-11-01-preview
- 2021-10-01
- 2021-09-01
- 2021-08-01
- 2021-07-01
- 2021-05-01
- 2021-03-01
- 2021-02-01
- 2020-12-01
- 2020-11-01
- 2020-09-01
- 2020-07-01
- 2020-06-01
- 2020-04-01
- 2020-03-01
- 2020-02-01
- 2020-01-01
- 2019-11-01
- 2019-10-01
- 2019-08-01
- 2019-06-01
- 2019-04-01
- 2019-02-01
Bicep resource definition
The managedClusters/agentPools resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.ContainerService/managedClusters/agentPools resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.ContainerService/managedClusters/agentPools@2025-05-01' = {
parent: resourceSymbolicName
name: 'string'
properties: {
availabilityZones: [
'string'
]
capacityReservationGroupID: 'string'
count: int
creationData: {
sourceResourceId: 'string'
}
enableAutoScaling: bool
enableEncryptionAtHost: bool
enableFIPS: bool
enableNodePublicIP: bool
enableUltraSSD: bool
gatewayProfile: {
publicIPPrefixSize: int
}
gpuInstanceProfile: 'string'
gpuProfile: {
driver: 'string'
}
hostGroupID: 'string'
kubeletConfig: {
allowedUnsafeSysctls: [
'string'
]
containerLogMaxFiles: int
containerLogMaxSizeMB: int
cpuCfsQuota: bool
cpuCfsQuotaPeriod: 'string'
cpuManagerPolicy: 'string'
failSwapOn: bool
imageGcHighThreshold: int
imageGcLowThreshold: int
podMaxPids: int
topologyManagerPolicy: 'string'
}
kubeletDiskType: 'string'
linuxOSConfig: {
swapFileSizeMB: int
sysctls: {
fsAioMaxNr: int
fsFileMax: int
fsInotifyMaxUserWatches: int
fsNrOpen: int
kernelThreadsMax: int
netCoreNetdevMaxBacklog: int
netCoreOptmemMax: int
netCoreRmemDefault: int
netCoreRmemMax: int
netCoreSomaxconn: int
netCoreWmemDefault: int
netCoreWmemMax: int
netIpv4IpLocalPortRange: 'string'
netIpv4NeighDefaultGcThresh1: int
netIpv4NeighDefaultGcThresh2: int
netIpv4NeighDefaultGcThresh3: int
netIpv4TcpFinTimeout: int
netIpv4TcpkeepaliveIntvl: int
netIpv4TcpKeepaliveProbes: int
netIpv4TcpKeepaliveTime: int
netIpv4TcpMaxSynBacklog: int
netIpv4TcpMaxTwBuckets: int
netIpv4TcpTwReuse: bool
netNetfilterNfConntrackBuckets: int
netNetfilterNfConntrackMax: int
vmMaxMapCount: int
vmSwappiness: int
vmVfsCachePressure: int
}
transparentHugePageDefrag: 'string'
transparentHugePageEnabled: 'string'
}
maxCount: int
maxPods: int
messageOfTheDay: 'string'
minCount: int
mode: 'string'
networkProfile: {
allowedHostPorts: [
{
portEnd: int
portStart: int
protocol: 'string'
}
]
applicationSecurityGroups: [
'string'
]
nodePublicIPTags: [
{
ipTagType: 'string'
tag: 'string'
}
]
}
nodeLabels: {
{customized property}: 'string'
}
nodePublicIPPrefixID: 'string'
nodeTaints: [
'string'
]
orchestratorVersion: 'string'
osDiskSizeGB: int
osDiskType: 'string'
osSKU: 'string'
osType: 'string'
podIPAllocationMode: 'string'
podSubnetID: 'string'
powerState: {
code: 'string'
}
proximityPlacementGroupID: 'string'
scaleDownMode: 'string'
scaleSetEvictionPolicy: 'string'
scaleSetPriority: 'string'
securityProfile: {
enableSecureBoot: bool
enableVTPM: bool
}
spotMaxPrice: int
status: {}
tags: {
{customized property}: 'string'
}
type: 'string'
upgradeSettings: {
drainTimeoutInMinutes: int
maxSurge: 'string'
maxUnavailable: 'string'
nodeSoakDurationInMinutes: int
undrainableNodeBehavior: 'string'
}
virtualMachineNodesStatus: [
{
count: int
size: 'string'
}
]
virtualMachinesProfile: {
scale: {
manual: [
{
count: int
size: 'string'
}
]
}
}
vmSize: 'string'
vnetSubnetID: 'string'
windowsProfile: {
disableOutboundNat: bool
}
workloadRuntime: 'string'
}
}
Property Values
Microsoft.ContainerService/managedClusters/agentPools
Name | Description | Value |
---|---|---|
name | The resource name | string Constraints: Min length = 1 Max length = 12 Pattern = ^[a-z][a-z0-9]{0,11}$ (required) |
parent | In Bicep, you can specify the parent resource for a child resource. You only need to add this property when the child resource is declared outside of the parent resource. For more information, see Child resource outside parent resource. |
Symbolic name for resource of type: managedClusters |
properties | Properties of an agent pool. | ManagedClusterAgentPoolProfileProperties |
AgentPoolGatewayProfile
Name | Description | Value |
---|---|---|
publicIPPrefixSize | The Gateway agent pool associates one public IPPrefix for each static egress gateway to provide public egress. The size of Public IPPrefix should be selected by the user. Each node in the agent pool is assigned with one IP from the IPPrefix. The IPPrefix size thus serves as a cap on the size of the Gateway agent pool. Due to Azure public IPPrefix size limitation, the valid value range is [28, 31] (/31 = 2 nodes/IPs, /30 = 4 nodes/IPs, /29 = 8 nodes/IPs, /28 = 16 nodes/IPs). The default value is 31. | int Constraints: Min value = 28 Max value = 31 |
AgentPoolNetworkProfile
Name | Description | Value |
---|---|---|
allowedHostPorts | The port ranges that are allowed to access. The specified ranges are allowed to overlap. | PortRange[] |
applicationSecurityGroups | The IDs of the application security groups which agent pool will associate when created. | string[] |
nodePublicIPTags | IPTags of instance-level public IPs. | IPTag[] |
AgentPoolSecurityProfile
Name | Description | Value |
---|---|---|
enableSecureBoot | Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. | bool |
enableVTPM | vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. | bool |
AgentPoolStatus
Name | Description | Value |
---|
AgentPoolUpgradeSettings
Name | Description | Value |
---|---|---|
drainTimeoutInMinutes | The drain timeout for a node. The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes. | int Constraints: Min value = 1 Max value = 1440 |
maxSurge | The maximum number or percentage of nodes that are surged during upgrade. This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 10%. For more information, including best practices, see: /azure/aks/upgrade-cluster | string |
maxUnavailable | The maximum number or percentage of nodes that can be simultaneously unavailable during upgrade. This can either be set to an integer (e.g. '1') or a percentage (e.g. '5%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 0. For more information, including best practices, see: /azure/aks/upgrade-cluster | string |
nodeSoakDurationInMinutes | The soak duration for a node. The amount of time (in minutes) to wait after draining a node and before reimaging it and moving on to next node. If not specified, the default is 0 minutes. | int Constraints: Min value = 0 Max value = 30 |
undrainableNodeBehavior | Defines the behavior for undrainable nodes during upgrade. The most common cause of undrainable nodes is Pod Disruption Budgets (PDBs), but other issues, such as pod termination grace period is exceeding the remaining per-node drain timeout or pod is still being in a running state, can also cause undrainable nodes. | 'Cordon' 'Schedule' |
AgentPoolWindowsProfile
Name | Description | Value |
---|---|---|
disableOutboundNat | Whether to disable OutboundNAT in windows nodes. The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled. | bool |
CreationData
Name | Description | Value |
---|---|---|
sourceResourceId | This is the ARM ID of the source object to be used to create the target object. | string |
GPUProfile
Name | Description | Value |
---|---|---|
driver | Whether to install GPU drivers. When it's not specified, default is Install. | 'Install' 'None' |
IPTag
Name | Description | Value |
---|---|---|
ipTagType | The IP tag type. Example: RoutingPreference. | string |
tag | The value of the IP tag associated with the public IP. Example: Internet. | string |
KubeletConfig
Name | Description | Value |
---|---|---|
allowedUnsafeSysctls | Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in * ). |
string[] |
containerLogMaxFiles | The maximum number of container log files that can be present for a container. The number must be ≥ 2. | int Constraints: Min value = 2 |
containerLogMaxSizeMB | The maximum size (e.g. 10Mi) of container log file before it is rotated. | int |
cpuCfsQuota | If CPU CFS quota enforcement is enabled for containers that specify CPU limits. The default is true. | bool |
cpuCfsQuotaPeriod | The CPU CFS quota period value. The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. | string |
cpuManagerPolicy | The CPU Manager policy to use. The default is 'none'. See Kubernetes CPU management policies for more information. Allowed values are 'none' and 'static'. | string |
failSwapOn | If set to true it will make the Kubelet fail to start if swap is enabled on the node. | bool |
imageGcHighThreshold | The percent of disk usage after which image garbage collection is always run. To disable image garbage collection, set to 100. The default is 85% | int |
imageGcLowThreshold | The percent of disk usage before which image garbage collection is never run. This cannot be set higher than imageGcHighThreshold. The default is 80% | int |
podMaxPids | The maximum number of processes per pod. | int |
topologyManagerPolicy | The Topology Manager policy to use. For more information see Kubernetes Topology Manager. The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'. | string |
LinuxOSConfig
Name | Description | Value |
---|---|---|
swapFileSizeMB | The size in MB of a swap file that will be created on each node. | int |
sysctls | Sysctl settings for Linux agent nodes. | SysctlConfig |
transparentHugePageDefrag | Whether the kernel should make aggressive use of memory compaction to make more hugepages available. Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see Transparent Hugepages. | string |
transparentHugePageEnabled | Whether transparent hugepages are enabled. Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see Transparent Hugepages. | string |
ManagedClusterAgentPoolProfileProperties
Name | Description | Value |
---|---|---|
availabilityZones | The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'. | string[] |
capacityReservationGroupID | AKS will associate the specified agent pool with the Capacity Reservation Group. | string |
count | Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. | int |
creationData | CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot. | CreationData |
enableAutoScaling | Whether to enable auto-scaler | bool |
enableEncryptionAtHost | Whether to enable host based OS and data drive encryption. This is only supported on certain VM sizes and in certain Azure regions. For more information, see: /azure/aks/enable-host-encryption | bool |
enableFIPS | Whether to use a FIPS-enabled OS. See Add a FIPS-enabled node pool for more details. | bool |
enableNodePublicIP | Whether each node is allocated its own public IP. Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see assigning a public IP per node. The default is false. | bool |
enableUltraSSD | Whether to enable UltraSSD | bool |
gatewayProfile | Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is not Gateway. | AgentPoolGatewayProfile |
gpuInstanceProfile | GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU. | 'MIG1g' 'MIG2g' 'MIG3g' 'MIG4g' 'MIG7g' |
gpuProfile | GPU settings for the Agent Pool. | GPUProfile |
hostGroupID | The fully qualified resource ID of the Dedicated Host Group to provision virtual machines from, used only in creation scenario and not allowed to changed once set. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see Azure dedicated hosts. | string |
kubeletConfig | The Kubelet configuration on the agent pool nodes. | KubeletConfig |
kubeletDiskType | Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage. | 'OS' 'Temporary' |
linuxOSConfig | The OS configuration of Linux agent nodes. | LinuxOSConfig |
maxCount | The maximum number of nodes for auto-scaling | int |
maxPods | The maximum number of pods that can run on a node. | int |
messageOfTheDay | Message of the day for Linux nodes, base64-encoded. A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script). | string |
minCount | The minimum number of nodes for auto-scaling | int |
mode | The mode of an agent pool. A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: /azure/aks/use-system-pools | 'Gateway' 'System' 'User' |
networkProfile | Network-related settings of an agent pool. | AgentPoolNetworkProfile |
nodeLabels | The node labels to be persisted across all nodes in agent pool. | ManagedClusterAgentPoolProfilePropertiesNodeLabels |
nodePublicIPPrefixID | The public IP prefix ID which VM nodes should use IPs from. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} | string |
nodeTaints | The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule. | string[] |
orchestratorVersion | The version of Kubernetes specified by the user. Both patch version <major.minor.patch> (e.g. 1.20.13) and <major.minor> (e.g. 1.20) are supported. When <major.minor> is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same <major.minor> once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see upgrading a node pool. | string |
osDiskSizeGB | OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified. | int Constraints: Min value = 0 Max value = 2048 |
osDiskType | The OS disk type to be used for machines in the agent pool. The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see Ephemeral OS. | 'Ephemeral' 'Managed' |
osSKU | Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. | 'AzureLinux' 'CBLMariner' 'Ubuntu' 'Ubuntu2204' 'Windows2019' 'Windows2022' |
osType | The operating system type. The default is Linux. | 'Linux' 'Windows' |
podIPAllocationMode | Pod IP Allocation Mode. The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is 'DynamicIndividual'. | 'DynamicIndividual' 'StaticBlock' |
podSubnetID | The ID of the subnet which pods will join when launched. If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} | string |
powerState | Whether the Agent Pool is running or stopped. When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded | PowerState |
proximityPlacementGroupID | The ID for Proximity Placement Group. | string |
scaleDownMode | The scale down mode to use when scaling the Agent Pool. This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete. | 'Deallocate' 'Delete' |
scaleSetEvictionPolicy | The Virtual Machine Scale Set eviction policy to use. This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'. | 'Deallocate' 'Delete' |
scaleSetPriority | The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'. | 'Regular' 'Spot' |
securityProfile | The security settings of an agent pool. | AgentPoolSecurityProfile |
spotMaxPrice | The max price (in US Dollars) you are willing to pay for spot instances. Possible values are any decimal value greater than zero or -1 which indicates default price to be up-to on-demand. Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see spot VMs pricing | int |
status | Contains read-only information about the Agent Pool. | AgentPoolStatus |
tags | The tags to be persisted on the agent pool virtual machine scale set. | ManagedClusterAgentPoolProfilePropertiesTags |
type | The type of Agent Pool. | 'AvailabilitySet' 'VirtualMachines' 'VirtualMachineScaleSets' |
upgradeSettings | Settings for upgrading the agentpool | AgentPoolUpgradeSettings |
virtualMachineNodesStatus | The status of nodes in a VirtualMachines agent pool. | VirtualMachineNodes[] |
virtualMachinesProfile | Specifications on VirtualMachines agent pool. | VirtualMachinesProfile |
vmSize | The size of the agent pool VMs. VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: /azure/aks/quotas-skus-regions | string |
vnetSubnetID | The ID of the subnet which agent pool nodes and optionally pods will join on startup. If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} | string |
windowsProfile | The Windows agent pool's specific profile. | AgentPoolWindowsProfile |
workloadRuntime | Determines the type of workload a node can run. | 'OCIContainer' 'WasmWasi' |
ManagedClusterAgentPoolProfilePropertiesNodeLabels
Name | Description | Value |
---|
ManagedClusterAgentPoolProfilePropertiesTags
Name | Description | Value |
---|
ManualScaleProfile
Name | Description | Value |
---|---|---|
count | Number of nodes. | int |
size | VM size that AKS will use when creating and scaling e.g. 'Standard_E4s_v3', 'Standard_E16s_v3' or 'Standard_D16s_v5'. | string |
PortRange
Name | Description | Value |
---|---|---|
portEnd | The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or equal to portStart. | int Constraints: Min value = 1 Max value = 65535 |
portStart | The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or equal to portEnd. | int Constraints: Min value = 1 Max value = 65535 |
protocol | The network protocol of the port. | 'TCP' 'UDP' |
PowerState
Name | Description | Value |
---|---|---|
code | Tells whether the cluster is Running or Stopped | 'Running' 'Stopped' |
ScaleProfile
Name | Description | Value |
---|---|---|
manual | Specifications on how to scale the VirtualMachines agent pool to a fixed size. | ManualScaleProfile[] |
SysctlConfig
Name | Description | Value |
---|---|---|
fsAioMaxNr | Sysctl setting fs.aio-max-nr. | int |
fsFileMax | Sysctl setting fs.file-max. | int |
fsInotifyMaxUserWatches | Sysctl setting fs.inotify.max_user_watches. | int |
fsNrOpen | Sysctl setting fs.nr_open. | int |
kernelThreadsMax | Sysctl setting kernel.threads-max. | int |
netCoreNetdevMaxBacklog | Sysctl setting net.core.netdev_max_backlog. | int |
netCoreOptmemMax | Sysctl setting net.core.optmem_max. | int |
netCoreRmemDefault | Sysctl setting net.core.rmem_default. | int |
netCoreRmemMax | Sysctl setting net.core.rmem_max. | int |
netCoreSomaxconn | Sysctl setting net.core.somaxconn. | int |
netCoreWmemDefault | Sysctl setting net.core.wmem_default. | int |
netCoreWmemMax | Sysctl setting net.core.wmem_max. | int |
netIpv4IpLocalPortRange | Sysctl setting net.ipv4.ip_local_port_range. | string |
netIpv4NeighDefaultGcThresh1 | Sysctl setting net.ipv4.neigh.default.gc_thresh1. | int |
netIpv4NeighDefaultGcThresh2 | Sysctl setting net.ipv4.neigh.default.gc_thresh2. | int |
netIpv4NeighDefaultGcThresh3 | Sysctl setting net.ipv4.neigh.default.gc_thresh3. | int |
netIpv4TcpFinTimeout | Sysctl setting net.ipv4.tcp_fin_timeout. | int |
netIpv4TcpkeepaliveIntvl | Sysctl setting net.ipv4.tcp_keepalive_intvl. | int Constraints: Min value = 10 Max value = 90 |
netIpv4TcpKeepaliveProbes | Sysctl setting net.ipv4.tcp_keepalive_probes. | int |
netIpv4TcpKeepaliveTime | Sysctl setting net.ipv4.tcp_keepalive_time. | int |
netIpv4TcpMaxSynBacklog | Sysctl setting net.ipv4.tcp_max_syn_backlog. | int |
netIpv4TcpMaxTwBuckets | Sysctl setting net.ipv4.tcp_max_tw_buckets. | int |
netIpv4TcpTwReuse | Sysctl setting net.ipv4.tcp_tw_reuse. | bool |
netNetfilterNfConntrackBuckets | Sysctl setting net.netfilter.nf_conntrack_buckets. | int Constraints: Min value = 65536 Max value = 524288 |
netNetfilterNfConntrackMax | Sysctl setting net.netfilter.nf_conntrack_max. | int Constraints: Min value = 131072 Max value = 2097152 |
vmMaxMapCount | Sysctl setting vm.max_map_count. | int |
vmSwappiness | Sysctl setting vm.swappiness. | int |
vmVfsCachePressure | Sysctl setting vm.vfs_cache_pressure. | int |
VirtualMachineNodes
Name | Description | Value |
---|---|---|
count | Number of nodes. | int |
size | The VM size of the agents used to host this group of nodes. | string |
VirtualMachinesProfile
Name | Description | Value |
---|---|---|
scale | Specifications on how to scale a VirtualMachines agent pool. | ScaleProfile |
ARM template resource definition
The managedClusters/agentPools resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.ContainerService/managedClusters/agentPools resource, add the following JSON to your template.
{
"type": "Microsoft.ContainerService/managedClusters/agentPools",
"apiVersion": "2025-05-01",
"name": "string",
"properties": {
"availabilityZones": [ "string" ],
"capacityReservationGroupID": "string",
"count": "int",
"creationData": {
"sourceResourceId": "string"
},
"enableAutoScaling": "bool",
"enableEncryptionAtHost": "bool",
"enableFIPS": "bool",
"enableNodePublicIP": "bool",
"enableUltraSSD": "bool",
"gatewayProfile": {
"publicIPPrefixSize": "int"
},
"gpuInstanceProfile": "string",
"gpuProfile": {
"driver": "string"
},
"hostGroupID": "string",
"kubeletConfig": {
"allowedUnsafeSysctls": [ "string" ],
"containerLogMaxFiles": "int",
"containerLogMaxSizeMB": "int",
"cpuCfsQuota": "bool",
"cpuCfsQuotaPeriod": "string",
"cpuManagerPolicy": "string",
"failSwapOn": "bool",
"imageGcHighThreshold": "int",
"imageGcLowThreshold": "int",
"podMaxPids": "int",
"topologyManagerPolicy": "string"
},
"kubeletDiskType": "string",
"linuxOSConfig": {
"swapFileSizeMB": "int",
"sysctls": {
"fsAioMaxNr": "int",
"fsFileMax": "int",
"fsInotifyMaxUserWatches": "int",
"fsNrOpen": "int",
"kernelThreadsMax": "int",
"netCoreNetdevMaxBacklog": "int",
"netCoreOptmemMax": "int",
"netCoreRmemDefault": "int",
"netCoreRmemMax": "int",
"netCoreSomaxconn": "int",
"netCoreWmemDefault": "int",
"netCoreWmemMax": "int",
"netIpv4IpLocalPortRange": "string",
"netIpv4NeighDefaultGcThresh1": "int",
"netIpv4NeighDefaultGcThresh2": "int",
"netIpv4NeighDefaultGcThresh3": "int",
"netIpv4TcpFinTimeout": "int",
"netIpv4TcpkeepaliveIntvl": "int",
"netIpv4TcpKeepaliveProbes": "int",
"netIpv4TcpKeepaliveTime": "int",
"netIpv4TcpMaxSynBacklog": "int",
"netIpv4TcpMaxTwBuckets": "int",
"netIpv4TcpTwReuse": "bool",
"netNetfilterNfConntrackBuckets": "int",
"netNetfilterNfConntrackMax": "int",
"vmMaxMapCount": "int",
"vmSwappiness": "int",
"vmVfsCachePressure": "int"
},
"transparentHugePageDefrag": "string",
"transparentHugePageEnabled": "string"
},
"maxCount": "int",
"maxPods": "int",
"messageOfTheDay": "string",
"minCount": "int",
"mode": "string",
"networkProfile": {
"allowedHostPorts": [
{
"portEnd": "int",
"portStart": "int",
"protocol": "string"
}
],
"applicationSecurityGroups": [ "string" ],
"nodePublicIPTags": [
{
"ipTagType": "string",
"tag": "string"
}
]
},
"nodeLabels": {
"{customized property}": "string"
},
"nodePublicIPPrefixID": "string",
"nodeTaints": [ "string" ],
"orchestratorVersion": "string",
"osDiskSizeGB": "int",
"osDiskType": "string",
"osSKU": "string",
"osType": "string",
"podIPAllocationMode": "string",
"podSubnetID": "string",
"powerState": {
"code": "string"
},
"proximityPlacementGroupID": "string",
"scaleDownMode": "string",
"scaleSetEvictionPolicy": "string",
"scaleSetPriority": "string",
"securityProfile": {
"enableSecureBoot": "bool",
"enableVTPM": "bool"
},
"spotMaxPrice": "int",
"status": {
},
"tags": {
"{customized property}": "string"
},
"type": "string",
"upgradeSettings": {
"drainTimeoutInMinutes": "int",
"maxSurge": "string",
"maxUnavailable": "string",
"nodeSoakDurationInMinutes": "int",
"undrainableNodeBehavior": "string"
},
"virtualMachineNodesStatus": [
{
"count": "int",
"size": "string"
}
],
"virtualMachinesProfile": {
"scale": {
"manual": [
{
"count": "int",
"size": "string"
}
]
}
},
"vmSize": "string",
"vnetSubnetID": "string",
"windowsProfile": {
"disableOutboundNat": "bool"
},
"workloadRuntime": "string"
}
}
Property Values
Microsoft.ContainerService/managedClusters/agentPools
Name | Description | Value |
---|---|---|
apiVersion | The api version | '2025-05-01' |
name | The resource name | string Constraints: Min length = 1 Max length = 12 Pattern = ^[a-z][a-z0-9]{0,11}$ (required) |
properties | Properties of an agent pool. | ManagedClusterAgentPoolProfileProperties |
type | The resource type | 'Microsoft.ContainerService/managedClusters/agentPools' |
AgentPoolGatewayProfile
Name | Description | Value |
---|---|---|
publicIPPrefixSize | The Gateway agent pool associates one public IPPrefix for each static egress gateway to provide public egress. The size of Public IPPrefix should be selected by the user. Each node in the agent pool is assigned with one IP from the IPPrefix. The IPPrefix size thus serves as a cap on the size of the Gateway agent pool. Due to Azure public IPPrefix size limitation, the valid value range is [28, 31] (/31 = 2 nodes/IPs, /30 = 4 nodes/IPs, /29 = 8 nodes/IPs, /28 = 16 nodes/IPs). The default value is 31. | int Constraints: Min value = 28 Max value = 31 |
AgentPoolNetworkProfile
Name | Description | Value |
---|---|---|
allowedHostPorts | The port ranges that are allowed to access. The specified ranges are allowed to overlap. | PortRange[] |
applicationSecurityGroups | The IDs of the application security groups which agent pool will associate when created. | string[] |
nodePublicIPTags | IPTags of instance-level public IPs. | IPTag[] |
AgentPoolSecurityProfile
Name | Description | Value |
---|---|---|
enableSecureBoot | Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. | bool |
enableVTPM | vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. | bool |
AgentPoolStatus
Name | Description | Value |
---|
AgentPoolUpgradeSettings
Name | Description | Value |
---|---|---|
drainTimeoutInMinutes | The drain timeout for a node. The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes. | int Constraints: Min value = 1 Max value = 1440 |
maxSurge | The maximum number or percentage of nodes that are surged during upgrade. This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 10%. For more information, including best practices, see: /azure/aks/upgrade-cluster | string |
maxUnavailable | The maximum number or percentage of nodes that can be simultaneously unavailable during upgrade. This can either be set to an integer (e.g. '1') or a percentage (e.g. '5%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 0. For more information, including best practices, see: /azure/aks/upgrade-cluster | string |
nodeSoakDurationInMinutes | The soak duration for a node. The amount of time (in minutes) to wait after draining a node and before reimaging it and moving on to next node. If not specified, the default is 0 minutes. | int Constraints: Min value = 0 Max value = 30 |
undrainableNodeBehavior | Defines the behavior for undrainable nodes during upgrade. The most common cause of undrainable nodes is Pod Disruption Budgets (PDBs), but other issues, such as pod termination grace period is exceeding the remaining per-node drain timeout or pod is still being in a running state, can also cause undrainable nodes. | 'Cordon' 'Schedule' |
AgentPoolWindowsProfile
Name | Description | Value |
---|---|---|
disableOutboundNat | Whether to disable OutboundNAT in windows nodes. The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled. | bool |
CreationData
Name | Description | Value |
---|---|---|
sourceResourceId | This is the ARM ID of the source object to be used to create the target object. | string |
GPUProfile
Name | Description | Value |
---|---|---|
driver | Whether to install GPU drivers. When it's not specified, default is Install. | 'Install' 'None' |
IPTag
Name | Description | Value |
---|---|---|
ipTagType | The IP tag type. Example: RoutingPreference. | string |
tag | The value of the IP tag associated with the public IP. Example: Internet. | string |
KubeletConfig
Name | Description | Value |
---|---|---|
allowedUnsafeSysctls | Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in * ). |
string[] |
containerLogMaxFiles | The maximum number of container log files that can be present for a container. The number must be ≥ 2. | int Constraints: Min value = 2 |
containerLogMaxSizeMB | The maximum size (e.g. 10Mi) of container log file before it is rotated. | int |
cpuCfsQuota | If CPU CFS quota enforcement is enabled for containers that specify CPU limits. The default is true. | bool |
cpuCfsQuotaPeriod | The CPU CFS quota period value. The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. | string |
cpuManagerPolicy | The CPU Manager policy to use. The default is 'none'. See Kubernetes CPU management policies for more information. Allowed values are 'none' and 'static'. | string |
failSwapOn | If set to true it will make the Kubelet fail to start if swap is enabled on the node. | bool |
imageGcHighThreshold | The percent of disk usage after which image garbage collection is always run. To disable image garbage collection, set to 100. The default is 85% | int |
imageGcLowThreshold | The percent of disk usage before which image garbage collection is never run. This cannot be set higher than imageGcHighThreshold. The default is 80% | int |
podMaxPids | The maximum number of processes per pod. | int |
topologyManagerPolicy | The Topology Manager policy to use. For more information see Kubernetes Topology Manager. The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'. | string |
LinuxOSConfig
Name | Description | Value |
---|---|---|
swapFileSizeMB | The size in MB of a swap file that will be created on each node. | int |
sysctls | Sysctl settings for Linux agent nodes. | SysctlConfig |
transparentHugePageDefrag | Whether the kernel should make aggressive use of memory compaction to make more hugepages available. Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see Transparent Hugepages. | string |
transparentHugePageEnabled | Whether transparent hugepages are enabled. Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see Transparent Hugepages. | string |
ManagedClusterAgentPoolProfileProperties
Name | Description | Value |
---|---|---|
availabilityZones | The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'. | string[] |
capacityReservationGroupID | AKS will associate the specified agent pool with the Capacity Reservation Group. | string |
count | Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. | int |
creationData | CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot. | CreationData |
enableAutoScaling | Whether to enable auto-scaler | bool |
enableEncryptionAtHost | Whether to enable host based OS and data drive encryption. This is only supported on certain VM sizes and in certain Azure regions. For more information, see: /azure/aks/enable-host-encryption | bool |
enableFIPS | Whether to use a FIPS-enabled OS. See Add a FIPS-enabled node pool for more details. | bool |
enableNodePublicIP | Whether each node is allocated its own public IP. Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see assigning a public IP per node. The default is false. | bool |
enableUltraSSD | Whether to enable UltraSSD | bool |
gatewayProfile | Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is not Gateway. | AgentPoolGatewayProfile |
gpuInstanceProfile | GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU. | 'MIG1g' 'MIG2g' 'MIG3g' 'MIG4g' 'MIG7g' |
gpuProfile | GPU settings for the Agent Pool. | GPUProfile |
hostGroupID | The fully qualified resource ID of the Dedicated Host Group to provision virtual machines from, used only in creation scenario and not allowed to changed once set. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see Azure dedicated hosts. | string |
kubeletConfig | The Kubelet configuration on the agent pool nodes. | KubeletConfig |
kubeletDiskType | Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage. | 'OS' 'Temporary' |
linuxOSConfig | The OS configuration of Linux agent nodes. | LinuxOSConfig |
maxCount | The maximum number of nodes for auto-scaling | int |
maxPods | The maximum number of pods that can run on a node. | int |
messageOfTheDay | Message of the day for Linux nodes, base64-encoded. A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script). | string |
minCount | The minimum number of nodes for auto-scaling | int |
mode | The mode of an agent pool. A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: /azure/aks/use-system-pools | 'Gateway' 'System' 'User' |
networkProfile | Network-related settings of an agent pool. | AgentPoolNetworkProfile |
nodeLabels | The node labels to be persisted across all nodes in agent pool. | ManagedClusterAgentPoolProfilePropertiesNodeLabels |
nodePublicIPPrefixID | The public IP prefix ID which VM nodes should use IPs from. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} | string |
nodeTaints | The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule. | string[] |
orchestratorVersion | The version of Kubernetes specified by the user. Both patch version <major.minor.patch> (e.g. 1.20.13) and <major.minor> (e.g. 1.20) are supported. When <major.minor> is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same <major.minor> once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see upgrading a node pool. | string |
osDiskSizeGB | OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified. | int Constraints: Min value = 0 Max value = 2048 |
osDiskType | The OS disk type to be used for machines in the agent pool. The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see Ephemeral OS. | 'Ephemeral' 'Managed' |
osSKU | Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. | 'AzureLinux' 'CBLMariner' 'Ubuntu' 'Ubuntu2204' 'Windows2019' 'Windows2022' |
osType | The operating system type. The default is Linux. | 'Linux' 'Windows' |
podIPAllocationMode | Pod IP Allocation Mode. The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is 'DynamicIndividual'. | 'DynamicIndividual' 'StaticBlock' |
podSubnetID | The ID of the subnet which pods will join when launched. If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} | string |
powerState | Whether the Agent Pool is running or stopped. When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded | PowerState |
proximityPlacementGroupID | The ID for Proximity Placement Group. | string |
scaleDownMode | The scale down mode to use when scaling the Agent Pool. This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete. | 'Deallocate' 'Delete' |
scaleSetEvictionPolicy | The Virtual Machine Scale Set eviction policy to use. This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'. | 'Deallocate' 'Delete' |
scaleSetPriority | The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'. | 'Regular' 'Spot' |
securityProfile | The security settings of an agent pool. | AgentPoolSecurityProfile |
spotMaxPrice | The max price (in US Dollars) you are willing to pay for spot instances. Possible values are any decimal value greater than zero or -1 which indicates default price to be up-to on-demand. Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see spot VMs pricing | int |
status | Contains read-only information about the Agent Pool. | AgentPoolStatus |
tags | The tags to be persisted on the agent pool virtual machine scale set. | ManagedClusterAgentPoolProfilePropertiesTags |
type | The type of Agent Pool. | 'AvailabilitySet' 'VirtualMachines' 'VirtualMachineScaleSets' |
upgradeSettings | Settings for upgrading the agentpool | AgentPoolUpgradeSettings |
virtualMachineNodesStatus | The status of nodes in a VirtualMachines agent pool. | VirtualMachineNodes[] |
virtualMachinesProfile | Specifications on VirtualMachines agent pool. | VirtualMachinesProfile |
vmSize | The size of the agent pool VMs. VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: /azure/aks/quotas-skus-regions | string |
vnetSubnetID | The ID of the subnet which agent pool nodes and optionally pods will join on startup. If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} | string |
windowsProfile | The Windows agent pool's specific profile. | AgentPoolWindowsProfile |
workloadRuntime | Determines the type of workload a node can run. | 'OCIContainer' 'WasmWasi' |
ManagedClusterAgentPoolProfilePropertiesNodeLabels
Name | Description | Value |
---|
ManagedClusterAgentPoolProfilePropertiesTags
Name | Description | Value |
---|
ManualScaleProfile
Name | Description | Value |
---|---|---|
count | Number of nodes. | int |
size | VM size that AKS will use when creating and scaling e.g. 'Standard_E4s_v3', 'Standard_E16s_v3' or 'Standard_D16s_v5'. | string |
PortRange
Name | Description | Value |
---|---|---|
portEnd | The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or equal to portStart. | int Constraints: Min value = 1 Max value = 65535 |
portStart | The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or equal to portEnd. | int Constraints: Min value = 1 Max value = 65535 |
protocol | The network protocol of the port. | 'TCP' 'UDP' |
PowerState
Name | Description | Value |
---|---|---|
code | Tells whether the cluster is Running or Stopped | 'Running' 'Stopped' |
ScaleProfile
Name | Description | Value |
---|---|---|
manual | Specifications on how to scale the VirtualMachines agent pool to a fixed size. | ManualScaleProfile[] |
SysctlConfig
Name | Description | Value |
---|---|---|
fsAioMaxNr | Sysctl setting fs.aio-max-nr. | int |
fsFileMax | Sysctl setting fs.file-max. | int |
fsInotifyMaxUserWatches | Sysctl setting fs.inotify.max_user_watches. | int |
fsNrOpen | Sysctl setting fs.nr_open. | int |
kernelThreadsMax | Sysctl setting kernel.threads-max. | int |
netCoreNetdevMaxBacklog | Sysctl setting net.core.netdev_max_backlog. | int |
netCoreOptmemMax | Sysctl setting net.core.optmem_max. | int |
netCoreRmemDefault | Sysctl setting net.core.rmem_default. | int |
netCoreRmemMax | Sysctl setting net.core.rmem_max. | int |
netCoreSomaxconn | Sysctl setting net.core.somaxconn. | int |
netCoreWmemDefault | Sysctl setting net.core.wmem_default. | int |
netCoreWmemMax | Sysctl setting net.core.wmem_max. | int |
netIpv4IpLocalPortRange | Sysctl setting net.ipv4.ip_local_port_range. | string |
netIpv4NeighDefaultGcThresh1 | Sysctl setting net.ipv4.neigh.default.gc_thresh1. | int |
netIpv4NeighDefaultGcThresh2 | Sysctl setting net.ipv4.neigh.default.gc_thresh2. | int |
netIpv4NeighDefaultGcThresh3 | Sysctl setting net.ipv4.neigh.default.gc_thresh3. | int |
netIpv4TcpFinTimeout | Sysctl setting net.ipv4.tcp_fin_timeout. | int |
netIpv4TcpkeepaliveIntvl | Sysctl setting net.ipv4.tcp_keepalive_intvl. | int Constraints: Min value = 10 Max value = 90 |
netIpv4TcpKeepaliveProbes | Sysctl setting net.ipv4.tcp_keepalive_probes. | int |
netIpv4TcpKeepaliveTime | Sysctl setting net.ipv4.tcp_keepalive_time. | int |
netIpv4TcpMaxSynBacklog | Sysctl setting net.ipv4.tcp_max_syn_backlog. | int |
netIpv4TcpMaxTwBuckets | Sysctl setting net.ipv4.tcp_max_tw_buckets. | int |
netIpv4TcpTwReuse | Sysctl setting net.ipv4.tcp_tw_reuse. | bool |
netNetfilterNfConntrackBuckets | Sysctl setting net.netfilter.nf_conntrack_buckets. | int Constraints: Min value = 65536 Max value = 524288 |
netNetfilterNfConntrackMax | Sysctl setting net.netfilter.nf_conntrack_max. | int Constraints: Min value = 131072 Max value = 2097152 |
vmMaxMapCount | Sysctl setting vm.max_map_count. | int |
vmSwappiness | Sysctl setting vm.swappiness. | int |
vmVfsCachePressure | Sysctl setting vm.vfs_cache_pressure. | int |
VirtualMachineNodes
Name | Description | Value |
---|---|---|
count | Number of nodes. | int |
size | The VM size of the agents used to host this group of nodes. | string |
VirtualMachinesProfile
Name | Description | Value |
---|---|---|
scale | Specifications on how to scale a VirtualMachines agent pool. | ScaleProfile |
Usage Examples
Azure Quickstart Templates
The following Azure Quickstart templates deploy this resource type.
Template | Description |
---|---|
Deploy an AKS cluster for Azure ML |
This template allows you to deploy an entreprise compliant AKS cluster which can be attached to Azure ML |
Terraform (AzAPI provider) resource definition
The managedClusters/agentPools resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.ContainerService/managedClusters/agentPools resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.ContainerService/managedClusters/agentPools@2025-05-01"
name = "string"
parent_id = "string"
body = {
properties = {
availabilityZones = [
"string"
]
capacityReservationGroupID = "string"
count = int
creationData = {
sourceResourceId = "string"
}
enableAutoScaling = bool
enableEncryptionAtHost = bool
enableFIPS = bool
enableNodePublicIP = bool
enableUltraSSD = bool
gatewayProfile = {
publicIPPrefixSize = int
}
gpuInstanceProfile = "string"
gpuProfile = {
driver = "string"
}
hostGroupID = "string"
kubeletConfig = {
allowedUnsafeSysctls = [
"string"
]
containerLogMaxFiles = int
containerLogMaxSizeMB = int
cpuCfsQuota = bool
cpuCfsQuotaPeriod = "string"
cpuManagerPolicy = "string"
failSwapOn = bool
imageGcHighThreshold = int
imageGcLowThreshold = int
podMaxPids = int
topologyManagerPolicy = "string"
}
kubeletDiskType = "string"
linuxOSConfig = {
swapFileSizeMB = int
sysctls = {
fsAioMaxNr = int
fsFileMax = int
fsInotifyMaxUserWatches = int
fsNrOpen = int
kernelThreadsMax = int
netCoreNetdevMaxBacklog = int
netCoreOptmemMax = int
netCoreRmemDefault = int
netCoreRmemMax = int
netCoreSomaxconn = int
netCoreWmemDefault = int
netCoreWmemMax = int
netIpv4IpLocalPortRange = "string"
netIpv4NeighDefaultGcThresh1 = int
netIpv4NeighDefaultGcThresh2 = int
netIpv4NeighDefaultGcThresh3 = int
netIpv4TcpFinTimeout = int
netIpv4TcpkeepaliveIntvl = int
netIpv4TcpKeepaliveProbes = int
netIpv4TcpKeepaliveTime = int
netIpv4TcpMaxSynBacklog = int
netIpv4TcpMaxTwBuckets = int
netIpv4TcpTwReuse = bool
netNetfilterNfConntrackBuckets = int
netNetfilterNfConntrackMax = int
vmMaxMapCount = int
vmSwappiness = int
vmVfsCachePressure = int
}
transparentHugePageDefrag = "string"
transparentHugePageEnabled = "string"
}
maxCount = int
maxPods = int
messageOfTheDay = "string"
minCount = int
mode = "string"
networkProfile = {
allowedHostPorts = [
{
portEnd = int
portStart = int
protocol = "string"
}
]
applicationSecurityGroups = [
"string"
]
nodePublicIPTags = [
{
ipTagType = "string"
tag = "string"
}
]
}
nodeLabels = {
{customized property} = "string"
}
nodePublicIPPrefixID = "string"
nodeTaints = [
"string"
]
orchestratorVersion = "string"
osDiskSizeGB = int
osDiskType = "string"
osSKU = "string"
osType = "string"
podIPAllocationMode = "string"
podSubnetID = "string"
powerState = {
code = "string"
}
proximityPlacementGroupID = "string"
scaleDownMode = "string"
scaleSetEvictionPolicy = "string"
scaleSetPriority = "string"
securityProfile = {
enableSecureBoot = bool
enableVTPM = bool
}
spotMaxPrice = int
status = {
}
tags = {
{customized property} = "string"
}
type = "string"
upgradeSettings = {
drainTimeoutInMinutes = int
maxSurge = "string"
maxUnavailable = "string"
nodeSoakDurationInMinutes = int
undrainableNodeBehavior = "string"
}
virtualMachineNodesStatus = [
{
count = int
size = "string"
}
]
virtualMachinesProfile = {
scale = {
manual = [
{
count = int
size = "string"
}
]
}
}
vmSize = "string"
vnetSubnetID = "string"
windowsProfile = {
disableOutboundNat = bool
}
workloadRuntime = "string"
}
}
}
Property Values
Microsoft.ContainerService/managedClusters/agentPools
Name | Description | Value |
---|---|---|
name | The resource name | string Constraints: Min length = 1 Max length = 12 Pattern = ^[a-z][a-z0-9]{0,11}$ (required) |
parent_id | The ID of the resource that is the parent for this resource. | ID for resource of type: managedClusters |
properties | Properties of an agent pool. | ManagedClusterAgentPoolProfileProperties |
type | The resource type | "Microsoft.ContainerService/managedClusters/agentPools@2025-05-01" |
AgentPoolGatewayProfile
Name | Description | Value |
---|---|---|
publicIPPrefixSize | The Gateway agent pool associates one public IPPrefix for each static egress gateway to provide public egress. The size of Public IPPrefix should be selected by the user. Each node in the agent pool is assigned with one IP from the IPPrefix. The IPPrefix size thus serves as a cap on the size of the Gateway agent pool. Due to Azure public IPPrefix size limitation, the valid value range is [28, 31] (/31 = 2 nodes/IPs, /30 = 4 nodes/IPs, /29 = 8 nodes/IPs, /28 = 16 nodes/IPs). The default value is 31. | int Constraints: Min value = 28 Max value = 31 |
AgentPoolNetworkProfile
Name | Description | Value |
---|---|---|
allowedHostPorts | The port ranges that are allowed to access. The specified ranges are allowed to overlap. | PortRange[] |
applicationSecurityGroups | The IDs of the application security groups which agent pool will associate when created. | string[] |
nodePublicIPTags | IPTags of instance-level public IPs. | IPTag[] |
AgentPoolSecurityProfile
Name | Description | Value |
---|---|---|
enableSecureBoot | Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. | bool |
enableVTPM | vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false. | bool |
AgentPoolStatus
Name | Description | Value |
---|
AgentPoolUpgradeSettings
Name | Description | Value |
---|---|---|
drainTimeoutInMinutes | The drain timeout for a node. The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes. | int Constraints: Min value = 1 Max value = 1440 |
maxSurge | The maximum number or percentage of nodes that are surged during upgrade. This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 10%. For more information, including best practices, see: /azure/aks/upgrade-cluster | string |
maxUnavailable | The maximum number or percentage of nodes that can be simultaneously unavailable during upgrade. This can either be set to an integer (e.g. '1') or a percentage (e.g. '5%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 0. For more information, including best practices, see: /azure/aks/upgrade-cluster | string |
nodeSoakDurationInMinutes | The soak duration for a node. The amount of time (in minutes) to wait after draining a node and before reimaging it and moving on to next node. If not specified, the default is 0 minutes. | int Constraints: Min value = 0 Max value = 30 |
undrainableNodeBehavior | Defines the behavior for undrainable nodes during upgrade. The most common cause of undrainable nodes is Pod Disruption Budgets (PDBs), but other issues, such as pod termination grace period is exceeding the remaining per-node drain timeout or pod is still being in a running state, can also cause undrainable nodes. | 'Cordon' 'Schedule' |
AgentPoolWindowsProfile
Name | Description | Value |
---|---|---|
disableOutboundNat | Whether to disable OutboundNAT in windows nodes. The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled. | bool |
CreationData
Name | Description | Value |
---|---|---|
sourceResourceId | This is the ARM ID of the source object to be used to create the target object. | string |
GPUProfile
Name | Description | Value |
---|---|---|
driver | Whether to install GPU drivers. When it's not specified, default is Install. | 'Install' 'None' |
IPTag
Name | Description | Value |
---|---|---|
ipTagType | The IP tag type. Example: RoutingPreference. | string |
tag | The value of the IP tag associated with the public IP. Example: Internet. | string |
KubeletConfig
Name | Description | Value |
---|---|---|
allowedUnsafeSysctls | Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in * ). |
string[] |
containerLogMaxFiles | The maximum number of container log files that can be present for a container. The number must be ≥ 2. | int Constraints: Min value = 2 |
containerLogMaxSizeMB | The maximum size (e.g. 10Mi) of container log file before it is rotated. | int |
cpuCfsQuota | If CPU CFS quota enforcement is enabled for containers that specify CPU limits. The default is true. | bool |
cpuCfsQuotaPeriod | The CPU CFS quota period value. The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'. | string |
cpuManagerPolicy | The CPU Manager policy to use. The default is 'none'. See Kubernetes CPU management policies for more information. Allowed values are 'none' and 'static'. | string |
failSwapOn | If set to true it will make the Kubelet fail to start if swap is enabled on the node. | bool |
imageGcHighThreshold | The percent of disk usage after which image garbage collection is always run. To disable image garbage collection, set to 100. The default is 85% | int |
imageGcLowThreshold | The percent of disk usage before which image garbage collection is never run. This cannot be set higher than imageGcHighThreshold. The default is 80% | int |
podMaxPids | The maximum number of processes per pod. | int |
topologyManagerPolicy | The Topology Manager policy to use. For more information see Kubernetes Topology Manager. The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'. | string |
LinuxOSConfig
Name | Description | Value |
---|---|---|
swapFileSizeMB | The size in MB of a swap file that will be created on each node. | int |
sysctls | Sysctl settings for Linux agent nodes. | SysctlConfig |
transparentHugePageDefrag | Whether the kernel should make aggressive use of memory compaction to make more hugepages available. Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see Transparent Hugepages. | string |
transparentHugePageEnabled | Whether transparent hugepages are enabled. Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see Transparent Hugepages. | string |
ManagedClusterAgentPoolProfileProperties
Name | Description | Value |
---|---|---|
availabilityZones | The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'. | string[] |
capacityReservationGroupID | AKS will associate the specified agent pool with the Capacity Reservation Group. | string |
count | Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1. | int |
creationData | CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot. | CreationData |
enableAutoScaling | Whether to enable auto-scaler | bool |
enableEncryptionAtHost | Whether to enable host based OS and data drive encryption. This is only supported on certain VM sizes and in certain Azure regions. For more information, see: /azure/aks/enable-host-encryption | bool |
enableFIPS | Whether to use a FIPS-enabled OS. See Add a FIPS-enabled node pool for more details. | bool |
enableNodePublicIP | Whether each node is allocated its own public IP. Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see assigning a public IP per node. The default is false. | bool |
enableUltraSSD | Whether to enable UltraSSD | bool |
gatewayProfile | Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is not Gateway. | AgentPoolGatewayProfile |
gpuInstanceProfile | GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU. | 'MIG1g' 'MIG2g' 'MIG3g' 'MIG4g' 'MIG7g' |
gpuProfile | GPU settings for the Agent Pool. | GPUProfile |
hostGroupID | The fully qualified resource ID of the Dedicated Host Group to provision virtual machines from, used only in creation scenario and not allowed to changed once set. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see Azure dedicated hosts. | string |
kubeletConfig | The Kubelet configuration on the agent pool nodes. | KubeletConfig |
kubeletDiskType | Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage. | 'OS' 'Temporary' |
linuxOSConfig | The OS configuration of Linux agent nodes. | LinuxOSConfig |
maxCount | The maximum number of nodes for auto-scaling | int |
maxPods | The maximum number of pods that can run on a node. | int |
messageOfTheDay | Message of the day for Linux nodes, base64-encoded. A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script). | string |
minCount | The minimum number of nodes for auto-scaling | int |
mode | The mode of an agent pool. A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: /azure/aks/use-system-pools | 'Gateway' 'System' 'User' |
networkProfile | Network-related settings of an agent pool. | AgentPoolNetworkProfile |
nodeLabels | The node labels to be persisted across all nodes in agent pool. | ManagedClusterAgentPoolProfilePropertiesNodeLabels |
nodePublicIPPrefixID | The public IP prefix ID which VM nodes should use IPs from. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName} | string |
nodeTaints | The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule. | string[] |
orchestratorVersion | The version of Kubernetes specified by the user. Both patch version <major.minor.patch> (e.g. 1.20.13) and <major.minor> (e.g. 1.20) are supported. When <major.minor> is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same <major.minor> once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see upgrading a node pool. | string |
osDiskSizeGB | OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified. | int Constraints: Min value = 0 Max value = 2048 |
osDiskType | The OS disk type to be used for machines in the agent pool. The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see Ephemeral OS. | 'Ephemeral' 'Managed' |
osSKU | Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows. | 'AzureLinux' 'CBLMariner' 'Ubuntu' 'Ubuntu2204' 'Windows2019' 'Windows2022' |
osType | The operating system type. The default is Linux. | 'Linux' 'Windows' |
podIPAllocationMode | Pod IP Allocation Mode. The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is 'DynamicIndividual'. | 'DynamicIndividual' 'StaticBlock' |
podSubnetID | The ID of the subnet which pods will join when launched. If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} | string |
powerState | Whether the Agent Pool is running or stopped. When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded | PowerState |
proximityPlacementGroupID | The ID for Proximity Placement Group. | string |
scaleDownMode | The scale down mode to use when scaling the Agent Pool. This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete. | 'Deallocate' 'Delete' |
scaleSetEvictionPolicy | The Virtual Machine Scale Set eviction policy to use. This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'. | 'Deallocate' 'Delete' |
scaleSetPriority | The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'. | 'Regular' 'Spot' |
securityProfile | The security settings of an agent pool. | AgentPoolSecurityProfile |
spotMaxPrice | The max price (in US Dollars) you are willing to pay for spot instances. Possible values are any decimal value greater than zero or -1 which indicates default price to be up-to on-demand. Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see spot VMs pricing | int |
status | Contains read-only information about the Agent Pool. | AgentPoolStatus |
tags | The tags to be persisted on the agent pool virtual machine scale set. | ManagedClusterAgentPoolProfilePropertiesTags |
type | The type of Agent Pool. | 'AvailabilitySet' 'VirtualMachines' 'VirtualMachineScaleSets' |
upgradeSettings | Settings for upgrading the agentpool | AgentPoolUpgradeSettings |
virtualMachineNodesStatus | The status of nodes in a VirtualMachines agent pool. | VirtualMachineNodes[] |
virtualMachinesProfile | Specifications on VirtualMachines agent pool. | VirtualMachinesProfile |
vmSize | The size of the agent pool VMs. VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: /azure/aks/quotas-skus-regions | string |
vnetSubnetID | The ID of the subnet which agent pool nodes and optionally pods will join on startup. If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName} | string |
windowsProfile | The Windows agent pool's specific profile. | AgentPoolWindowsProfile |
workloadRuntime | Determines the type of workload a node can run. | 'OCIContainer' 'WasmWasi' |
ManagedClusterAgentPoolProfilePropertiesNodeLabels
Name | Description | Value |
---|
ManagedClusterAgentPoolProfilePropertiesTags
Name | Description | Value |
---|
ManualScaleProfile
Name | Description | Value |
---|---|---|
count | Number of nodes. | int |
size | VM size that AKS will use when creating and scaling e.g. 'Standard_E4s_v3', 'Standard_E16s_v3' or 'Standard_D16s_v5'. | string |
PortRange
Name | Description | Value |
---|---|---|
portEnd | The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or equal to portStart. | int Constraints: Min value = 1 Max value = 65535 |
portStart | The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or equal to portEnd. | int Constraints: Min value = 1 Max value = 65535 |
protocol | The network protocol of the port. | 'TCP' 'UDP' |
PowerState
Name | Description | Value |
---|---|---|
code | Tells whether the cluster is Running or Stopped | 'Running' 'Stopped' |
ScaleProfile
Name | Description | Value |
---|---|---|
manual | Specifications on how to scale the VirtualMachines agent pool to a fixed size. | ManualScaleProfile[] |
SysctlConfig
Name | Description | Value |
---|---|---|
fsAioMaxNr | Sysctl setting fs.aio-max-nr. | int |
fsFileMax | Sysctl setting fs.file-max. | int |
fsInotifyMaxUserWatches | Sysctl setting fs.inotify.max_user_watches. | int |
fsNrOpen | Sysctl setting fs.nr_open. | int |
kernelThreadsMax | Sysctl setting kernel.threads-max. | int |
netCoreNetdevMaxBacklog | Sysctl setting net.core.netdev_max_backlog. | int |
netCoreOptmemMax | Sysctl setting net.core.optmem_max. | int |
netCoreRmemDefault | Sysctl setting net.core.rmem_default. | int |
netCoreRmemMax | Sysctl setting net.core.rmem_max. | int |
netCoreSomaxconn | Sysctl setting net.core.somaxconn. | int |
netCoreWmemDefault | Sysctl setting net.core.wmem_default. | int |
netCoreWmemMax | Sysctl setting net.core.wmem_max. | int |
netIpv4IpLocalPortRange | Sysctl setting net.ipv4.ip_local_port_range. | string |
netIpv4NeighDefaultGcThresh1 | Sysctl setting net.ipv4.neigh.default.gc_thresh1. | int |
netIpv4NeighDefaultGcThresh2 | Sysctl setting net.ipv4.neigh.default.gc_thresh2. | int |
netIpv4NeighDefaultGcThresh3 | Sysctl setting net.ipv4.neigh.default.gc_thresh3. | int |
netIpv4TcpFinTimeout | Sysctl setting net.ipv4.tcp_fin_timeout. | int |
netIpv4TcpkeepaliveIntvl | Sysctl setting net.ipv4.tcp_keepalive_intvl. | int Constraints: Min value = 10 Max value = 90 |
netIpv4TcpKeepaliveProbes | Sysctl setting net.ipv4.tcp_keepalive_probes. | int |
netIpv4TcpKeepaliveTime | Sysctl setting net.ipv4.tcp_keepalive_time. | int |
netIpv4TcpMaxSynBacklog | Sysctl setting net.ipv4.tcp_max_syn_backlog. | int |
netIpv4TcpMaxTwBuckets | Sysctl setting net.ipv4.tcp_max_tw_buckets. | int |
netIpv4TcpTwReuse | Sysctl setting net.ipv4.tcp_tw_reuse. | bool |
netNetfilterNfConntrackBuckets | Sysctl setting net.netfilter.nf_conntrack_buckets. | int Constraints: Min value = 65536 Max value = 524288 |
netNetfilterNfConntrackMax | Sysctl setting net.netfilter.nf_conntrack_max. | int Constraints: Min value = 131072 Max value = 2097152 |
vmMaxMapCount | Sysctl setting vm.max_map_count. | int |
vmSwappiness | Sysctl setting vm.swappiness. | int |
vmVfsCachePressure | Sysctl setting vm.vfs_cache_pressure. | int |
VirtualMachineNodes
Name | Description | Value |
---|---|---|
count | Number of nodes. | int |
size | The VM size of the agents used to host this group of nodes. | string |
VirtualMachinesProfile
Name | Description | Value |
---|---|---|
scale | Specifications on how to scale a VirtualMachines agent pool. | ScaleProfile |