Azure Kubernetes Service (AKS)

Have feedback for Azure Kubernetes Service (AKS)? Submit your idea or vote up an idea submitted by others. All of the feedback you share here will be monitored and reviewed by the AKS team. Remember that this site is only for feature suggestions and ideas. If you have technical questions or issues, please submit them to our GitHub issues page or on StackOverflow.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Support OIDC parameters

    Support configuring auth for AKS cluster (oidc-issuer-url etc).

    Related issue: https://github.com/Azure/AKS/issues/10

    22 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  2. AKS - Customize routetable name

    Many companies have naming rules that don't allow users to use the routetable created (and updated) by AKS.

    So we need to copy the content of the AKS routetable to the subnet routetable (which is a waste of time)

    For every company with strict naming rules it will be very useful to be able to give AKS the name of the routetable to create or manage.

    Thanks

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  3. Support Glusterfs

    We need distributed file system which supports geo-replication accross multiple cloud vendors.
    We have managed to deploy glusterfs with heketi on AKS but provisioning heketi REST API works only to be exposed to internet via public ip.
    When PVC of glusterfs storage class is created, kube-controller-manager running on master node will try to call heketi REST API endpoing (as set in glusterfs storage class) but this call fails dues to network restrictions in AKS. It works only if public IP is used for heketi but it's not viable solution for production. As master node is out of out control, we…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  4. flannel

    along with kubenet, azure-cni etc but for those in need of flannel virtual networks would be nice to have aks start supporting it

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  5. I would like to see Kubeseal (sealed-secrets) added to the CLI docker container

    RUN release=$(curl --silent "https://api.github.com/repos/bitnami-labs/sealed-secrets/releases/latest" | sed -n 's/.*"tag_name": *"\([^"]*\)".*/\1/p') && wget https://github.com/bitnami-labs/sealed-secrets/releases/download/$release/kubeseal-linux-amd64 && install -m 755 kubeseal-linux-amd64 /usr/local/bin/kubeseal

    You could add this to the docker image or some similar functionality as for installing devops extension etc would be fabulous :)

    This would make the client part of sealed-secret kubeseal available inside docker container

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  6. Adreand bya

    Adreand bya

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  7. Adreand bya

    Adreand bya

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  8. AKS masters should use real TLS cert instead of "Kubernetes Ingress Controller Fake Certificate"

    Currently masters are using fake TLS (SSL) cert. This could probably be fixed easily.

    openssl s_client -connect cluster-whatever.hcp.westeurope.azmk8s.io:443
    CONNECTED(00000005)
    depth=0 O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate
    verify error:num=20:unable to get local issuer certificate
    verify return:1
    depth=0 O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate
    verify error:num=21:unable to verify the first certificate
    verify return:1
    ---
    Certificate chain
    0 s:/O=Acme Co/CN=Kubernetes Ingress Controller Fake Certificate
    i:/O=Acme Co/CN=Kubernetes Ingress Controller Fake Certificate
    ---
    Server certificate
    -----BEGIN CERTIFICATE-----
    MIIDcDCCAligAwIBAgIRAM4H3...
    ....

    A7Ika/pFFeZcS5K+sfGjKUX6Pl8=
    -----END CERTIFICATE-----
    subject=/O=Acme Co/CN=Kubernetes Ingress Controller Fake Certificate
    issuer=/O=Acme Co/CN=Kubernetes Ingress Controller Fake Certificate
    --- …

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  9. Reverse Technolgy

    How Strong i have become

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  • Don't see your idea?

Feedback and Knowledge Base