Troubleshoot the "SubnetIsFull" error code during an AKS cluster upgrade

This article discusses how to identify and resolve the "SubnetIsFull" error that occurs when you try to upgrade an Azure Kubernetes Service (AKS) cluster.

Here's an example of the error message:

Failed to scale node pool <AGENT POOL NAME>' in Kubernetes service '<NAME>'. Error: VMSSAgentPoolReconciler retry failed: Code='SubnetIsFull' Message='<SUBNET NAME>\ with address prefix <PREFIX>\ doesn't have enough capacity for IP addresses.' Details=[]

Prerequisites

This article requires Azure CLI version 2.0.65 or a later version. To find the version number, run az --version. If you have to install or upgrade Azure CLI, see How to install the Azure CLI.

For more detailed information about the upgrade process, see the "Upgrade an AKS cluster" section in Upgrade an Azure Kubernetes Service (AKS) cluster.

Symptoms

An AKS cluster upgrade fails, and you receive a "SubnetIsFull" error message.

Cause

This error occurs if your cluster doesn't have enough IP addresses to create a new node.

When you plan to do an upgrade or scaling operation, consider the number of required IP addresses. If the IP address range that you configured in the cluster supports only a fixed number of nodes, the upgrade or scaling operation will fail. For more information, see IP address planning for your Azure Kubernetes Service (AKS) clusters.

Solution

Reduce the cluster nodes to reserve IP addresses for the upgrade.

If scaling down isn't an option, and your virtual network CIDR has enough IP addresses, try to add a node pool that has a unique subnet:

  1. Add a new user node pool in the virtual network on a larger subnet.
  2. Switch the original node pool to a system node pool type.
  3. Scale up the user node pool.
  4. Scale down the original node pool.

More information

Contact us for help

If you have questions or need help, create a support request, or ask Azure community support. You can also submit product feedback to Azure feedback community.