Quotas, virtual machine size restrictions, and region availability in Azure Kubernetes Service (AKS)
All Azure services set default limits and quotas for resources and features, including usage restrictions for certain virtual machine (VM) SKUs.
This article details the default resource limits for Azure Kubernetes Service (AKS) resources and the availability of AKS in Azure regions.
Service quotas and limits
| Resource | Limit |
|---|---|
| Maximum clusters per subscription globally | 5,000 |
| Maximum clusters per subscription per region 1 | 100 |
| Maximum nodes per cluster with Virtual Machine Scale Sets and Standard Load Balancer SKU | 5,000 across all node pools Note: If you're unable to scale up to 5,000 nodes per cluster, see Best Practices for Large Clusters. |
| Maximum nodes per node pool (Virtual Machine Scale Sets node pools) | 1000 |
| Maximum node pools per cluster | 100 |
| Maximum pods per node: with Kubenet networking plug-in1 | Maximum: 250 Azure CLI default: 110 Azure Resource Manager template default: 110 Azure portal deployment default: 30 |
| Maximum pods per node: with Azure Container Networking Interface (Azure CNI)2 | Maximum: 250 Maximum recommended for Windows Server containers: 110 Default: 30 |
| Open Service Mesh (OSM) AKS addon | Kubernetes Cluster Version: AKS Supported Versions OSM controllers per cluster: 1 Pods per OSM controller: 1600 Kubernetes service accounts managed by OSM: 160 |
| Maximum load-balanced kubernetes services per cluster with Standard Load Balancer SKU | 300 |
| Maximum nodes per cluster with Virtual Machine Availability Sets and Basic Load Balancer SKU | 100 |
1 More are allowed upon request.
2 Windows Server containers must use Azure CNI networking plug-in. Kubenet isn't supported for Windows Server containers.
| Kubernetes Control Plane tier | Limit |
|---|---|
| Standard tier | Automatically scales Kubernetes API server based on load. Larger control plane component limits and API server/etcd instances. |
| Free tier | Limited resources with inflight requests limit of 50 mutating and 100 read-only calls. Recommended node limit of 10 nodes per cluster. Best for experimenting, learning, and simple testing. Not advised for production/critical workloads. |
Throttling limits on AKS resource provider APIs
AKS uses the token bucket throttling algorithm to limit certain AKS resource provider APIs. This ensures the performance of the service and promotes fair usage of the service for all customers.
The buckets have a fixed size and refill over time at a fixed rate. Each throttling limit is in effect at the regional level for the specified resource in that region.
| API request | Bucket size | Refill rate | Resource |
|---|---|---|---|
| LIST | 500 requests | 1 requests / 1 second | Subscription |
| PUT | 20 requests | 1 request / 1 minute | AgentPools |
| PUT | 20 requests | 1 request / 1 minute | ManagedClusters |
Note
The ManagedClusters and AgentPools buckets are counted separately for the same AKS cluster.
If a request is throttled, the request will return HTTP response code 429 (Too Many Requests) and the error code will show as Throttled in the response. Each throttled request includes a Retry-After in the HTTP response header with the interval to wait before retrying, in seconds.
Provisioned infrastructure
All other network, compute, and storage limitations apply to the provisioned infrastructure. For the relevant limits, see Azure subscription and service limits.
Important
When you upgrade an AKS cluster, extra resources are temporarily consumed. These resources include available IP addresses in a virtual network subnet or virtual machine vCPU quota.
For Windows Server containers, you can perform an upgrade operation to apply the latest node updates. If you don't have the available IP address space or vCPU quota to handle these temporary resources, the cluster upgrade process will fail. For more information on the Windows Server node upgrade process, see Upgrade a node pool in AKS.
Supported VM sizes
The list of supported VM sizes in AKS is evolving with the release of new VM SKUs in Azure. Please follow the AKS release notes to stay informed of new supported SKUs.
Restricted VM sizes
VM sizes with fewer than two CPUs may not be used with AKS. Each node in an AKS cluster contains a fixed amount of compute resources such as vCPU and memory. If an AKS node contains insufficient compute resources, pods might fail to run correctly. To ensure that the required kube-system pods and your applications can reliably be scheduled, don't use B series VMs and the following VM SKUs in AKS on system node pools:
- Standard_A0
- Standard_A1
- Standard_A1_v2
- Standard_F1
- Standard_F1s
For more information on VM types and their compute resources, see Sizes for virtual machines in Azure.
Supported container image sizes
AKS doesn't set a limit on the container image size. However, it's important to understand that the larger the container image, the higher the memory demand. This could potentially exceed resource limits or the overall available memory of worker nodes. By default, memory for VM size Standard_DS2_v2 for an AKS cluster is set to 7 GiB.
When a container image is very large (1 TiB or more), kubelet might not be able to pull it from your container registry to a node due to lack of disk space.
Region availability
For the latest list of where you can deploy and run clusters, see AKS region availability.
Cluster configuration presets in the Azure portal
When you create a cluster using the Azure portal, you can choose a preset configuration to quickly customize based on your scenario. You can modify any of the preset values at any time.
| Preset | Description |
|---|---|
| Production Standard | Best for most applications serving production traffic with AKS recommended best practices. |
| Dev/Test | Best for developing new workloads or testing existing workloads. |
| Production Economy | Best for serving production traffic in a cost conscious way if your workloads can tolerate interruptions. |
| Production Enterprise | Best for serving production traffic with rigorous permissions and hardened security. |
| Production Standard | Dev/Test | Production Economy | Production Enterprise | |
|---|---|---|---|---|
| System node pool node size | Standard_D8ds_v5 | Standard_DS2_v2 | Standard_D8ds_v5 | Standard_D16ds_v5 |
| System node pool autoscaling range | 2-5 nodes | 2-100 nodes | 2-5 nodes | 2-5 nodes |
| User node pool node size | Standard_D8ds_v5 | - | Standard_D8as_v4 | Standard_D8ds_v5 |
| User node pool autoscaling range | 2-100 nodes | - | - | 2-100 nodes |
| Private cluster | - | - | - | 
|
| Availability zones |
|
- | - |
|
| Azure Policy |
|
- | - |
|
| Azure Monitor |
|
- | - |
|
| Secrets store CSI driver |
|
- | - |
|
| Network configuration | Azure CNI | Kubenet | Azure CNI | Azure CNI |
| Network configuration | Calico | Calico | Calico | Calico |
| Authentication and Authorization | Local accounts with Kubernetes RBAC | Local accounts with Kubernetes RBAC | Azure AD Authentication with Azure RBAC | Azure AD authentication with Azure RBAC |
Next steps
You can increase certain default limits and quotas. If your resource supports an increase, request the increase through an Azure support request (for Issue type, select Quota).
Azure Kubernetes Service