Azure Kubernetes Service (AKS)

Have feedback for Azure Kubernetes Service (AKS)? Submit your idea or vote up an idea submitted by others. All of the feedback you share here will be monitored and reviewed by the AKS team. Remember that this site is only for feature suggestions and ideas. If you have technical questions or issues, please submit them to our GitHub issues page or on StackOverflow.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Support OIDC parameters

    Support configuring auth for AKS cluster (oidc-issuer-url etc).

    Related issue: https://github.com/Azure/AKS/issues/10

    27 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  2. AKS - Customize routetable name

    Many companies have naming rules that don't allow users to use the routetable created (and updated) by AKS.

    So we need to copy the content of the AKS routetable to the subnet routetable (which is a waste of time)

    For every company with strict naming rules it will be very useful to be able to give AKS the name of the routetable to create or manage.

    Thanks

    7 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  3. Support Glusterfs

    We need distributed file system which supports geo-replication accross multiple cloud vendors.
    We have managed to deploy glusterfs with heketi on AKS but provisioning heketi REST API works only to be exposed to internet via public ip.
    When PVC of glusterfs storage class is created, kube-controller-manager running on master node will try to call heketi REST API endpoing (as set in glusterfs storage class) but this call fails dues to network restrictions in AKS. It works only if public IP is used for heketi but it's not viable solution for production. As master node is out of out control, we…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  4. flannel

    along with kubenet, azure-cni etc but for those in need of flannel virtual networks would be nice to have aks start supporting it

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  5. AKS masters should use real TLS cert instead of "Kubernetes Ingress Controller Fake Certificate"

    Currently masters are using fake TLS (SSL) cert. This could probably be fixed easily.

    openssl s_client -connect cluster-whatever.hcp.westeurope.azmk8s.io:443
    CONNECTED(00000005)
    depth=0 O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate
    verify error:num=20:unable to get local issuer certificate
    verify return:1
    depth=0 O = Acme Co, CN = Kubernetes Ingress Controller Fake Certificate
    verify error:num=21:unable to verify the first certificate

    verify return:1

    Certificate chain
    0 s:/O=Acme Co/CN=Kubernetes Ingress Controller Fake Certificate

    i:/O=Acme Co/CN=Kubernetes Ingress Controller Fake Certificate

    Server certificate
    -----BEGIN CERTIFICATE-----
    MIIDcDCCAligAwIBAgIRAM4H3...
    ....

    A7Ika/pFFeZcS5K+sfGjKUX6Pl8=
    -----END CERTIFICATE-----
    subject=/O=Acme Co/CN=Kubernetes Ingress Controller Fake Certificate

    issuer=/O=Acme Co/CN=Kubernetes Ingress Controller Fake Certificate

    No client certificate…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  6. Need a clear service policy on host OS updates

    Hello AKS team,

    Can you please explicit the AKS service policy for OS updates on nodes (patches AND major updates) ?

    My question regards Windows nodes.
    We have dockerized our Windows apps and we're loooking for a managed hosting services (AKS(K8s) and WebApp for containers are the 2 alternatives in Azure...).

    For now, if I create new Windows nodes in AKS, I have to use the "az aks nodepool add" command with the "--os-type Windows" parameter.
    Thus, I do not controll tightly the host OS version for my nodes...


    • How/when OS updates are pushed to existing nodes ?

    • If a…
    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  7. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  8. Add installation of Helm to az cli.

    I would like to have the ability to install and setup Helm through az cli, similar to installation of kubect through az aks install-cli.

    Here is feature request opened in Azure/azure-cli repo:

    https://github.com/Azure/azure-cli/issues/11278

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  9. I would like to see Kubeseal (sealed-secrets) added to the CLI docker container

    RUN release=$(curl --silent "https://api.github.com/repos/bitnami-labs/sealed-secrets/releases/latest" | sed -n 's/."tag_name": "([^"])"./\1/p') && wget https://github.com/bitnami-labs/sealed-secrets/releases/download/$release/kubeseal-linux-amd64 && install -m 755 kubeseal-linux-amd64 /usr/local/bin/kubeseal

    You could add this to the docker image or some similar functionality as for installing devops extension etc would be fabulous :)

    This would make the client part of sealed-secret kubeseal available inside docker container

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  10. Adreand bya

    Adreand bya

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  11. Adreand bya

    Adreand bya

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  12. Reverse Technolgy

    How Strong i have become

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

  • Don't see your idea?

Feedback and Knowledge Base