แก้ไข

แชร์ผ่าน


Quotas, virtual machine size restrictions, and region availability in Azure Kubernetes Service (AKS)

All Azure services set default limits and quotas for resources and features, including usage restrictions for certain virtual machine (VM) SKUs.

This article details the default resource limits for Azure Kubernetes Service (AKS) resources and the availability of AKS in Azure regions.

Service quotas and limits

Resource Limit
Maximum clusters per subscription globally 5,000
Maximum clusters per subscription per region 1 100
Maximum nodes per cluster with Virtual Machine Scale Sets and Standard Load Balancer SKU 5,000 across all node pools
Note: If you're unable to scale up to 5,000 nodes per cluster, see Best Practices for Large Clusters.
Maximum nodes per node pool (Virtual Machine Scale Sets node pools) 1000
Maximum node pools per cluster 100
Maximum pods per node: with Kubenet networking plug-in1 Maximum: 250
Azure CLI default: 110
Azure Resource Manager template default: 110
Azure portal deployment default: 30
Maximum pods per node: with Azure Container Networking Interface (Azure CNI)2 Maximum: 250
Maximum recommended for Windows Server containers: 110
Default: 30
Open Service Mesh (OSM) AKS addon Kubernetes Cluster Version: AKS Supported Versions
OSM controllers per cluster: 1
Pods per OSM controller: 1600
Kubernetes service accounts managed by OSM: 160
Maximum load-balanced kubernetes services per cluster with Standard Load Balancer SKU 300
Maximum nodes per cluster with Virtual Machine Availability Sets and Basic Load Balancer SKU 100

1 More are allowed upon request.
2 Windows Server containers must use Azure CNI networking plug-in. Kubenet isn't supported for Windows Server containers.

Kubernetes Control Plane tier Limit
Standard tier Automatically scales Kubernetes API server based on load. Larger control plane component limits and API server/etcd instances.
Free tier Limited resources with inflight requests limit of 50 mutating and 100 read-only calls. Recommended node limit of 10 nodes per cluster. Best for experimenting, learning, and simple testing. Not advised for production/critical workloads.

Throttling limits on AKS resource provider APIs

AKS uses the token bucket throttling algorithm to limit certain AKS resource provider APIs. This ensures the performance of the service and promotes fair usage of the service for all customers.

The buckets have a fixed size and refill over time at a fixed rate. Each throttling limit is in effect at the regional level for the specified resource in that region.

API request Bucket size Refill rate Resource
LIST 500 requests 1 requests / 1 second Subscription
PUT 20 requests 1 request / 1 minute AgentPools
PUT 20 requests 1 request / 1 minute ManagedClusters

Note

The ManagedClusters and AgentPools buckets are counted separately for the same AKS cluster.

If a request is throttled, the request will return HTTP response code 429 (Too Many Requests) and the error code will show as Throttled in the response. Each throttled request includes a Retry-After in the HTTP response header with the interval to wait before retrying, in seconds.

Provisioned infrastructure

All other network, compute, and storage limitations apply to the provisioned infrastructure. For the relevant limits, see Azure subscription and service limits.

Important

When you upgrade an AKS cluster, extra resources are temporarily consumed. These resources include available IP addresses in a virtual network subnet or virtual machine vCPU quota.

For Windows Server containers, you can perform an upgrade operation to apply the latest node updates. If you don't have the available IP address space or vCPU quota to handle these temporary resources, the cluster upgrade process will fail. For more information on the Windows Server node upgrade process, see Upgrade a node pool in AKS.

Supported VM sizes

The list of supported VM sizes in AKS is evolving with the release of new VM SKUs in Azure. Please follow the AKS release notes to stay informed of new supported SKUs.

Restricted VM sizes

VM sizes with fewer than two CPUs may not be used with AKS. Each node in an AKS cluster contains a fixed amount of compute resources such as vCPU and memory. If an AKS node contains insufficient compute resources, pods might fail to run correctly. To ensure that the required kube-system pods and your applications can reliably be scheduled, don't use B series VMs and the following VM SKUs in AKS on system node pools:

  • Standard_A0
  • Standard_A1
  • Standard_A1_v2
  • Standard_F1
  • Standard_F1s

For more information on VM types and their compute resources, see Sizes for virtual machines in Azure.

Supported container image sizes

AKS doesn't set a limit on the container image size. However, it's important to understand that the larger the container image, the higher the memory demand. This could potentially exceed resource limits or the overall available memory of worker nodes. By default, memory for VM size Standard_DS2_v2 for an AKS cluster is set to 7 GiB.

When a container image is very large (1 TiB or more), kubelet might not be able to pull it from your container registry to a node due to lack of disk space.

Region availability

For the latest list of where you can deploy and run clusters, see AKS region availability.

Cluster configuration presets in the Azure portal

When you create a cluster using the Azure portal, you can choose a preset configuration to quickly customize based on your scenario. You can modify any of the preset values at any time.

Preset Description
Production Standard Best for most applications serving production traffic with AKS recommended best practices.
Dev/Test Best for developing new workloads or testing existing workloads.
Production Economy Best for serving production traffic in a cost conscious way if your workloads can tolerate interruptions.
Production Enterprise Best for serving production traffic with rigorous permissions and hardened security.
Production Standard Dev/Test Production Economy Production Enterprise
System node pool node size Standard_D8ds_v5 Standard_DS2_v2 Standard_D8ds_v5 Standard_D16ds_v5
System node pool autoscaling range 2-5 nodes 2-100 nodes 2-5 nodes 2-5 nodes
User node pool node size Standard_D8ds_v5 - Standard_D8as_v4 Standard_D8ds_v5
User node pool autoscaling range 2-100 nodes - - 2-100 nodes
Private cluster - - -
Availability zones - -
Azure Policy - -
Azure Monitor - -
Secrets store CSI driver - -
Network configuration Azure CNI Kubenet Azure CNI Azure CNI
Network configuration Calico Calico Calico Calico
Authentication and Authorization Local accounts with Kubernetes RBAC Local accounts with Kubernetes RBAC Azure AD Authentication with Azure RBAC Azure AD authentication with Azure RBAC

Next steps

You can increase certain default limits and quotas. If your resource supports an increase, request the increase through an Azure support request (for Issue type, select Quota).