Azure Kubernetes Service (AKS)

Have feedback for Azure Kubernetes Service (AKS)? Submit your idea or vote up an idea submitted by others. All of the feedback you share here will be monitored and reviewed by the AKS team. Remember that this site is only for feature suggestions and ideas. If you have technical questions or issues, please submit them to our GitHub issues page or on StackOverflow.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Native integration between AKS and Azure Key Vault

    It makes sense to have some sort of smart integration between kubernetes secrets and azure key vault.

    I.e.
    containers:

        env:
    
    - name: CLIENT_ID
    valueFrom:
    azureSecretKeyRef:
    name: client-details
    key: client-id

    215 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Support for Kubernetes features  ·  Flag idea as inappropriate…  ·  Admin →
  2. Support zero node clusters

    The number of nodes in AKS can not be zero.

    A same request has been opened on GitHub.
    https://github.com/Azure/AKS/issues/52

    Managed Kubenetes services on both of AWS and GCP have the feature. Only Azure does not allow zero node clusters.

    EKS
    https://eksctl.io/usage/autoscaling/#scaling-up-from-0
    https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#how-can-i-scale-a-node-group-to-0

    GKE
    https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-autoscaler?hl=en

    We can manually deallocate nodes to save money from the Azure portal but in case that we want the capacity increased/decreased automatically as a job scheduler, we expect that the number of nodes is set to zero when there is no use and the size is expanded systematically on demand. Manual operation is not acceptable.

    79 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Support for Kubernetes features  ·  Flag idea as inappropriate…  ·  Admin →
  3. Support PodPreset alpha feature

    https://kubernetes.io/docs/tasks/inject-data-application/podpreset/

    Some of my current workloads on acs-engine utilize PodPresets to add additional configuration to dynamically created Pods (e.g. by custom controllers which I'm not able to modify submission requests myself). It would be great if AKS would support this as well.

    The two steps required on the apiserver are:

    Adding "settings.k8s.io/v1alpha1=true" in the --runtime-config
    
    Adding PodPreset to --enable-admission-plugins.

    This feature request was moved from https://github.com/Azure/AKS/issues/450

    61 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    8 comments  ·  Support for Kubernetes features  ·  Flag idea as inappropriate…  ·  Admin →
  4. 54 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Support for Kubernetes features  ·  Flag idea as inappropriate…  ·  Admin →
  5. Please add an option to deploy k8s cluster with cpuManagerPolicy static.

    https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#static-policy

    This option allows cpu pinning to be enabled on containers so that applications that are sensitive to context switches and require strong cpu isolation can benefit from this k8s feature.

    Please check my article regarding performance differences in ScyllaDB for a better understanding of the performance impact.

    https://www.scylladb.com/2018/08/09/cost-containerization-scylla/

    36 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Support for Kubernetes features  ·  Flag idea as inappropriate…  ·  Admin →
  6. Add support for Kubernetes Federation

    Kubernetes Federation with support for Azure DNS and traffic manager. (similar to google and amazon support of k8i Federation)

    30 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Support for Kubernetes features  ·  Flag idea as inappropriate…  ·  Admin →

    Kubernetes federation is not mature at this point. The v1 solution remains in an alpha state, with no path to GA. There is discussion around a V2 approach in sig-multicluster but it is still nascent. As a result, we have no near-term plans to enable it in AKS. If your goal is simply to run the same app across multiple clusters with traffic routing between them, you can mostly accomplish that with a good CI/CD pipeline and Azure Traffic Manager.

  7. IPv6 Container Support in AKS Cluster in Private Azure VNet

    Once K8s has a final release of IPv6 (https://github.com/kubernetes/features/issues/508) I would expect it can be packaged into Azure AKS with integration in CNI, but of this I am not certain.

    I wanted to put this request here formally to track a request to support IPv6 Containers inside an Azure Dual Stack VNet and Subnet.

    28 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Support for Kubernetes features  ·  Flag idea as inappropriate…  ·  Admin →
  8. allow for changing the size of the default node size post cluster creation

    The default vm size is too small and it isn't possible to resize the default node from the docs etc.

    23 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Support for Kubernetes features  ·  Flag idea as inappropriate…  ·  Admin →
  9. Enable AKS node memory swapping

    I know, for most k8s setups swap is not required and should not be. Working with pod resource requests/limits is the recommended way and the slogan is "the other nodes RAM is the new swap". Container applications should have control over memory allocation.

    Still, there are circumstances where swapping really could be a benefit, as in https://github.com/kubernetes/kubeadm/issues/610#issuecomment-368856831. Another example is to handle short burst of memory allocation without crashing the pod. Rescheduling on other node may result in the same result and you need to setup a complete new cluster with larger nodes => expensive and cumbersome.

    Requesting control-plane…

    18 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Support for Kubernetes features  ·  Flag idea as inappropriate…  ·  Admin →
  10. There is no way to set api sever feature flags - fot SCTP support,

    i searched all along even az azure feature for microsoftcontainerservice namespace but no option. if it exists it is not clear in AKS documentation or FAQ or help notes.

    14 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Support for Kubernetes features  ·  Flag idea as inappropriate…  ·  Admin →
  11. Enable apiserver metrics

    Enable apiserver metrics to monitor on prometheus

    14 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Support for Kubernetes features  ·  Flag idea as inappropriate…  ·  Admin →
  12. Online resize of the PV/PVC for the kubernetes

    We dont have option of online resize of the PV/PVC when attached to the deployment and we can follow the below link for the same which requires scale down/up operations. But users need to resize the disk online while pod/deployment is running

    https://kubernetes.io/blog/2018/07/12/resizing-persistent-volumes-using-kubernetes/

    10 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Support for Kubernetes features  ·  Flag idea as inappropriate…  ·  Admin →
  13. Support to change kubelet config

    I've some pods using huge images, the image pulling was always timeout.
    To extend the timeout I need to update kubelet config but AKS doesn't support this feature.

    9 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Support for Kubernetes features  ·  Flag idea as inappropriate…  ·  Admin →
  14. Consider adding ability to use custom CA cert

    We would like to provide the cluster with a specific CA cert to use instead of generating a new one when it's created. We have services outside AKS that needs to trust this CA and the cluster may be rebuilt and we would want to use the same CA when rebuilding it.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Support for Kubernetes features  ·  Flag idea as inappropriate…  ·  Admin →
  15. Volume encryption for azure kubernetes service (AKS)

    Allow mounted volume encryption on AKS nodes out of the box including secret key integration with Azure key vault

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Support for Kubernetes features  ·  Flag idea as inappropriate…  ·  Admin →
  16. Change the Time Zone in AKS Worker Nodes

    The current time zone of worker nodes is UTC by default. If customer wants to change it, then it is needed to change the time zone manually on each node. Also, such change will not take effect when customer scales up /upgrades cluster.

    It is not convenient when the pod time zone needs to sync with nodes.

    So could we add a feature that allows customer to configure the time zone of worker nodes?

    7 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Support for Kubernetes features  ·  Flag idea as inappropriate…  ·  Admin →
  17. Let kubernetes be aware of data disk attachment limitations or make the limit "soft"

    Currently there is a performance restraint on the data disks tied to a VM based on its size. https://blogs.technet.microsoft.com/uspartner_ts2team/2015/08/26/azure-vm-drive-attachment-limits/

    It will be good to either transform this limit to a "soft", one raising alerts instead of blocking the attachment and/or let kubernetes know that this node cannot attach new disks in order to schedule pods to different nodes.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Support for Kubernetes features  ·  Flag idea as inappropriate…  ·  Admin →
  18. SLA for API Service

    A formal SLA for the AKS API that's not simply based on the worker nodes (VM SLA). The reason behind this is that in some cases the component of the service that is the slowest or can become unresponsive is the API, not the deployed nodes, at least during preview testing. Also, if the API is not accessible for an extended period of time, the inability to deploy or update services on the cluster could impact business.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Support for Kubernetes features  ·  Flag idea as inappropriate…  ·  Admin →
  19. Support outbound IP Address per service

    I have an AKS deployed to a Virtual Network that is connected to on-premises environment. I have Firewall Appliance between the AKS cluster and on-premises in which I want to apply different allow/deny rules to.

    Today in AKS the outbound IP Address is always the first Frontend IP Address for the internal load balancer which makes it impossible to identify each service independently.

    I want to be able to have a outbound IP Address per service. In Enterprise scenarios that is what everyone is doing and AKS should support it.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Support for Kubernetes features  ·  Flag idea as inappropriate…  ·  Admin →
  20. Add a customizable option to limit maximum PIDs limit used by container (pods-max-pids, SupportPodPidsLimit)

    There should be a way to protect node from runaway threads on single container - we've bit hit hard by this. We should be able to customize that limit and it should be customizable at least per cluster level.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Support for Kubernetes features  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3
  • Don't see your idea?

Feedback and Knowledge Base