{ "description": "Generator information:\n- Generated from: /containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/managedClusters.json\n- ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/agentPools/{agentPoolName}", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "properties": { "availabilityZones": { "description": "AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType\nproperty is 'VirtualMachineScaleSets'.", "items": { "type": "string" }, "type": "array" }, "azureName": { "description": "AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it\ndoesn't have to be.", "maxLength": 12, "minLength": 1, "pattern": "^[a-z][a-z0-9]{0,11}$", "type": "string" }, "capacityReservationGroupReference": { "description": "CapacityReservationGroupReference: AKS will associate the specified agent pool with the Capacity Reservation Group.", "properties": { "armId": { "description": "ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}.\nThe /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level\nARMID is mutually exclusive with Group, Kind, Namespace and Name.", "pattern": "(?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$)", "type": "string" }, "group": { "description": "Group is the Kubernetes group of the resource.", "type": "string" }, "kind": { "description": "Kind is the Kubernetes kind of the resource.", "type": "string" }, "name": { "description": "Name is the Kubernetes name of the resource.", "type": "string" } }, "type": "object", "additionalProperties": false }, "count": { "description": "Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive)\nfor user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", "type": "integer" }, "creationData": { "description": "CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using\na snapshot.", "properties": { "sourceResourceReference": { "description": "SourceResourceReference: This is the ARM ID of the source object to be used to create the target object.", "properties": { "armId": { "description": "ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}.\nThe /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level\nARMID is mutually exclusive with Group, Kind, Namespace and Name.", "pattern": "(?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$)", "type": "string" }, "group": { "description": "Group is the Kubernetes group of the resource.", "type": "string" }, "kind": { "description": "Kind is the Kubernetes kind of the resource.", "type": "string" }, "name": { "description": "Name is the Kubernetes name of the resource.", "type": "string" } }, "type": "object", "additionalProperties": false } }, "type": "object", "additionalProperties": false }, "enableAutoScaling": { "description": "EnableAutoScaling: Whether to enable auto-scaler", "type": "boolean" }, "enableEncryptionAtHost": { "description": "EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information,\nsee: https://docs.microsoft.com/azure/aks/enable-host-encryption", "type": "boolean" }, "enableFIPS": { "description": "EnableFIPS: See [Add a FIPS-enabled node\npool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more\ndetails.", "type": "boolean" }, "enableNodePublicIP": { "description": "EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses.\nA common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine\nto minimize hops. For more information see [assigning a public IP per\nnode](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The\ndefault is false.", "type": "boolean" }, "enableUltraSSD": { "description": "EnableUltraSSD: Whether to enable UltraSSD", "type": "boolean" }, "gpuInstanceProfile": { "description": "GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", "enum": [ "MIG1g", "MIG2g", "MIG3g", "MIG4g", "MIG7g" ], "type": "string" }, "hostGroupReference": { "description": "HostGroupReference: This is of the form:\n/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}.\nFor more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", "properties": { "armId": { "description": "ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}.\nThe /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level\nARMID is mutually exclusive with Group, Kind, Namespace and Name.", "pattern": "(?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$)", "type": "string" }, "group": { "description": "Group is the Kubernetes group of the resource.", "type": "string" }, "kind": { "description": "Kind is the Kubernetes kind of the resource.", "type": "string" }, "name": { "description": "Name is the Kubernetes name of the resource.", "type": "string" } }, "type": "object", "additionalProperties": false }, "kubeletConfig": { "description": "KubeletConfig: The Kubelet configuration on the agent pool nodes.", "properties": { "allowedUnsafeSysctls": { "description": "AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", "items": { "type": "string" }, "type": "array" }, "containerLogMaxFiles": { "description": "ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be\n\u2265 2.", "minimum": 2, "type": "integer" }, "containerLogMaxSizeMB": { "description": "ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.", "type": "integer" }, "cpuCfsQuota": { "description": "CpuCfsQuota: The default is true.", "type": "boolean" }, "cpuCfsQuotaPeriod": { "description": "CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and\na unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", "type": "string" }, "cpuManagerPolicy": { "description": "CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management\npolicies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more\ninformation. Allowed values are 'none' and 'static'.", "type": "string" }, "failSwapOn": { "description": "FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.", "type": "boolean" }, "imageGcHighThreshold": { "description": "ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%", "type": "integer" }, "imageGcLowThreshold": { "description": "ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%", "type": "integer" }, "podMaxPids": { "description": "PodMaxPids: The maximum number of processes per pod.", "type": "integer" }, "topologyManagerPolicy": { "description": "TopologyManagerPolicy: For more information see [Kubernetes Topology\nManager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values\nare 'none', 'best-effort', 'restricted', and 'single-numa-node'.", "type": "string" } }, "type": "object", "additionalProperties": false }, "kubeletDiskType": { "description": "KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral\nstorage.", "enum": [ "OS", "Temporary" ], "type": "string" }, "linuxOSConfig": { "description": "LinuxOSConfig: The OS configuration of Linux agent nodes.", "properties": { "swapFileSizeMB": { "description": "SwapFileSizeMB: The size in MB of a swap file that will be created on each node.", "type": "integer" }, "sysctls": { "description": "Sysctls: Sysctl settings for Linux agent nodes.", "properties": { "fsAioMaxNr": { "description": "FsAioMaxNr: Sysctl setting fs.aio-max-nr.", "type": "integer" }, "fsFileMax": { "description": "FsFileMax: Sysctl setting fs.file-max.", "type": "integer" }, "fsInotifyMaxUserWatches": { "description": "FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.", "type": "integer" }, "fsNrOpen": { "description": "FsNrOpen: Sysctl setting fs.nr_open.", "type": "integer" }, "kernelThreadsMax": { "description": "KernelThreadsMax: Sysctl setting kernel.threads-max.", "type": "integer" }, "netCoreNetdevMaxBacklog": { "description": "NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.", "type": "integer" }, "netCoreOptmemMax": { "description": "NetCoreOptmemMax: Sysctl setting net.core.optmem_max.", "type": "integer" }, "netCoreRmemDefault": { "description": "NetCoreRmemDefault: Sysctl setting net.core.rmem_default.", "type": "integer" }, "netCoreRmemMax": { "description": "NetCoreRmemMax: Sysctl setting net.core.rmem_max.", "type": "integer" }, "netCoreSomaxconn": { "description": "NetCoreSomaxconn: Sysctl setting net.core.somaxconn.", "type": "integer" }, "netCoreWmemDefault": { "description": "NetCoreWmemDefault: Sysctl setting net.core.wmem_default.", "type": "integer" }, "netCoreWmemMax": { "description": "NetCoreWmemMax: Sysctl setting net.core.wmem_max.", "type": "integer" }, "netIpv4IpLocalPortRange": { "description": "NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.", "type": "string" }, "netIpv4NeighDefaultGcThresh1": { "description": "NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.", "type": "integer" }, "netIpv4NeighDefaultGcThresh2": { "description": "NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.", "type": "integer" }, "netIpv4NeighDefaultGcThresh3": { "description": "NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.", "type": "integer" }, "netIpv4TcpFinTimeout": { "description": "NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.", "type": "integer" }, "netIpv4TcpKeepaliveProbes": { "description": "NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.", "type": "integer" }, "netIpv4TcpKeepaliveTime": { "description": "NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.", "type": "integer" }, "netIpv4TcpMaxSynBacklog": { "description": "NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.", "type": "integer" }, "netIpv4TcpMaxTwBuckets": { "description": "NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.", "type": "integer" }, "netIpv4TcpTwReuse": { "description": "NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.", "type": "boolean" }, "netIpv4TcpkeepaliveIntvl": { "description": "NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.", "maximum": 90, "minimum": 10, "type": "integer" }, "netNetfilterNfConntrackBuckets": { "description": "NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.", "maximum": 524288, "minimum": 65536, "type": "integer" }, "netNetfilterNfConntrackMax": { "description": "NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.", "maximum": 2097152, "minimum": 131072, "type": "integer" }, "vmMaxMapCount": { "description": "VmMaxMapCount: Sysctl setting vm.max_map_count.", "type": "integer" }, "vmSwappiness": { "description": "VmSwappiness: Sysctl setting vm.swappiness.", "type": "integer" }, "vmVfsCachePressure": { "description": "VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.", "type": "integer" } }, "type": "object", "additionalProperties": false }, "transparentHugePageDefrag": { "description": "TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is\n'madvise'. For more information see [Transparent\nHugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", "type": "string" }, "transparentHugePageEnabled": { "description": "TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more\ninformation see [Transparent\nHugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", "type": "string" } }, "type": "object", "additionalProperties": false }, "maxCount": { "description": "MaxCount: The maximum number of nodes for auto-scaling", "type": "integer" }, "maxPods": { "description": "MaxPods: The maximum number of pods that can run on a node.", "type": "integer" }, "minCount": { "description": "MinCount: The minimum number of nodes for auto-scaling", "type": "integer" }, "mode": { "description": "Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool\nrestrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", "enum": [ "System", "User" ], "type": "string" }, "networkProfile": { "description": "NetworkProfile: Network-related settings of an agent pool.", "properties": { "allowedHostPorts": { "description": "AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.", "items": { "description": "The port range.", "properties": { "portEnd": { "description": "PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or\nequal to portStart.", "maximum": 65535, "minimum": 1, "type": "integer" }, "portStart": { "description": "PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or\nequal to portEnd.", "maximum": 65535, "minimum": 1, "type": "integer" }, "protocol": { "description": "Protocol: The network protocol of the port.", "enum": [ "TCP", "UDP" ], "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" }, "applicationSecurityGroupsReferences": { "description": "ApplicationSecurityGroupsReferences: The IDs of the application security groups which agent pool will associate when\ncreated.", "items": { "description": "ResourceReference represents a resource reference, either to a Kubernetes resource or directly to an Azure resource via ARMID", "properties": { "armId": { "description": "ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}.\nThe /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level\nARMID is mutually exclusive with Group, Kind, Namespace and Name.", "pattern": "(?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$)", "type": "string" }, "group": { "description": "Group is the Kubernetes group of the resource.", "type": "string" }, "kind": { "description": "Kind is the Kubernetes kind of the resource.", "type": "string" }, "name": { "description": "Name is the Kubernetes name of the resource.", "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" }, "nodePublicIPTags": { "description": "NodePublicIPTags: IPTags of instance-level public IPs.", "items": { "description": "Contains the IPTag associated with the object.", "properties": { "ipTagType": { "description": "IpTagType: The IP tag type. Example: RoutingPreference.", "type": "string" }, "tag": { "description": "Tag: The value of the IP tag associated with the public IP. Example: Internet.", "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" } }, "type": "object", "additionalProperties": false }, "nodeLabels": { "additionalProperties": { "type": "string" }, "description": "NodeLabels: The node labels to be persisted across all nodes in agent pool.", "type": "object" }, "nodePublicIPPrefixReference": { "description": "NodePublicIPPrefixReference: This is of the form:\n/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", "properties": { "armId": { "description": "ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}.\nThe /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level\nARMID is mutually exclusive with Group, Kind, Namespace and Name.", "pattern": "(?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$)", "type": "string" }, "group": { "description": "Group is the Kubernetes group of the resource.", "type": "string" }, "kind": { "description": "Kind is the Kubernetes kind of the resource.", "type": "string" }, "name": { "description": "Name is the Kubernetes name of the resource.", "type": "string" } }, "type": "object", "additionalProperties": false }, "nodeTaints": { "description": "NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", "items": { "type": "string" }, "type": "array" }, "operatorSpec": { "description": "OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not\npassed directly to Azure", "properties": { "configMapExpressions": { "description": "ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).", "items": { "description": "DestinationExpression is a CEL expression and a destination to store the result in. The destination may\nbe a secret or a configmap. The value of the expression is stored at the specified location in\nthe destination.", "properties": { "key": { "description": "Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string\nthis is required to identify what key to write to. If the CEL expression in Value returns a map[string]string\nKey must not be set, instead the keys written will be determined dynamically based on the keys of the resulting\nmap[string]string.", "type": "string" }, "name": { "description": "Name is the name of the Kubernetes configmap or secret to write to.\nThe configmap or secret will be created in the same namespace as the resource.", "type": "string" }, "value": { "description": "Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information\non CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/", "type": "string" } }, "required": [ "name", "value" ], "type": "object", "additionalProperties": false }, "type": "array" }, "secretExpressions": { "description": "SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).", "items": { "description": "DestinationExpression is a CEL expression and a destination to store the result in. The destination may\nbe a secret or a configmap. The value of the expression is stored at the specified location in\nthe destination.", "properties": { "key": { "description": "Key is the key in the ConfigMap or Secret being written to. If the CEL expression in Value returns a string\nthis is required to identify what key to write to. If the CEL expression in Value returns a map[string]string\nKey must not be set, instead the keys written will be determined dynamically based on the keys of the resulting\nmap[string]string.", "type": "string" }, "name": { "description": "Name is the name of the Kubernetes configmap or secret to write to.\nThe configmap or secret will be created in the same namespace as the resource.", "type": "string" }, "value": { "description": "Value is a CEL expression. The CEL expression may return a string or a map[string]string. For more information\non CEL in ASO see https://azure.github.io/azure-service-operator/guide/expressions/", "type": "string" } }, "required": [ "name", "value" ], "type": "object", "additionalProperties": false }, "type": "array" } }, "type": "object", "additionalProperties": false }, "orchestratorVersion": { "description": "OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported.\nWhen is specified, the latest supported GA patch version is chosen automatically. Updating the cluster\nwith the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer\npatch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same\nKubernetes version. The node pool version must have the same major version as the control plane. The node pool minor\nversion must be within two minor versions of the control plane version. The node pool version cannot be greater than the\ncontrol plane version. For more information see [upgrading a node\npool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", "type": "string" }, "osDiskSizeGB": { "maximum": 2048, "minimum": 0, "type": "integer" }, "osDiskType": { "description": "OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested\nOSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral\nOS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", "enum": [ "Ephemeral", "Managed" ], "type": "string" }, "osSKU": { "description": "OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019\nwhen Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.", "enum": [ "AzureLinux", "CBLMariner", "Ubuntu", "Windows2019", "Windows2022" ], "type": "string" }, "osType": { "description": "OsType: The operating system type. The default is Linux.", "enum": [ "Linux", "Windows" ], "type": "string" }, "owner": { "description": "Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also\ncontrols the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a\nreference to a containerservice.azure.com/ManagedCluster resource", "properties": { "armId": { "pattern": "(?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$)", "type": "string" }, "name": { "description": "This is the name of the Kubernetes resource to reference.", "type": "string" } }, "type": "object", "additionalProperties": false }, "podSubnetReference": { "description": "PodSubnetReference: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details).\nThis is of the form:\n/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", "properties": { "armId": { "description": "ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}.\nThe /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level\nARMID is mutually exclusive with Group, Kind, Namespace and Name.", "pattern": "(?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$)", "type": "string" }, "group": { "description": "Group is the Kubernetes group of the resource.", "type": "string" }, "kind": { "description": "Kind is the Kubernetes kind of the resource.", "type": "string" }, "name": { "description": "Name is the Kubernetes name of the resource.", "type": "string" } }, "type": "object", "additionalProperties": false }, "powerState": { "description": "PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this\nfield to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only\nbe stopped if it is Running and provisioning state is Succeeded", "properties": { "code": { "description": "Code: Tells whether the cluster is Running or Stopped", "enum": [ "Running", "Stopped" ], "type": "string" } }, "type": "object", "additionalProperties": false }, "proximityPlacementGroupReference": { "description": "ProximityPlacementGroupReference: The ID for Proximity Placement Group.", "properties": { "armId": { "description": "ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}.\nThe /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level\nARMID is mutually exclusive with Group, Kind, Namespace and Name.", "pattern": "(?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$)", "type": "string" }, "group": { "description": "Group is the Kubernetes group of the resource.", "type": "string" }, "kind": { "description": "Kind is the Kubernetes kind of the resource.", "type": "string" }, "name": { "description": "Name is the Kubernetes name of the resource.", "type": "string" } }, "type": "object", "additionalProperties": false }, "scaleDownMode": { "description": "ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", "enum": [ "Deallocate", "Delete" ], "type": "string" }, "scaleSetEvictionPolicy": { "description": "ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is\n'Delete'.", "enum": [ "Deallocate", "Delete" ], "type": "string" }, "scaleSetPriority": { "description": "ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", "enum": [ "Regular", "Spot" ], "type": "string" }, "securityProfile": { "description": "SecurityProfile: The security settings of an agent pool.", "properties": { "enableSecureBoot": { "description": "EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and\ndrivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false.", "type": "boolean" }, "enableVTPM": { "description": "EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held\nlocally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false.", "type": "boolean" } }, "type": "object", "additionalProperties": false }, "spotMaxPrice": { "description": "SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any\non-demand price. For more details on spot pricing, see [spot VMs\npricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", "type": "number" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Tags: The tags to be persisted on the agent pool virtual machine scale set.", "type": "object" }, "type": { "description": "Type: The type of Agent Pool.", "enum": [ "AvailabilitySet", "VirtualMachineScaleSets" ], "type": "string" }, "upgradeSettings": { "description": "UpgradeSettings: Settings for upgrading the agentpool", "properties": { "drainTimeoutInMinutes": { "description": "DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node.\nThis eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not\nspecified, the default is 30 minutes.", "maximum": 1440, "minimum": 1, "type": "integer" }, "maxSurge": { "description": "MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it\nis the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded\nup. If not specified, the default is 1. For more information, including best practices, see:\nhttps://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", "type": "string" }, "nodeSoakDurationInMinutes": { "description": "NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and\nmoving on to next node. If not specified, the default is 0 minutes.", "maximum": 30, "minimum": 0, "type": "integer" } }, "type": "object", "additionalProperties": false }, "vmSize": { "description": "VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods\nmight fail to run correctly. For more details on restricted VM sizes, see:\nhttps://docs.microsoft.com/azure/aks/quotas-skus-regions", "type": "string" }, "vnetSubnetReference": { "description": "VnetSubnetReference: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is\nspecified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form:\n/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", "properties": { "armId": { "description": "ARMID is a string of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}.\nThe /resourcegroups/{resourceGroupName} bit is optional as some resources are scoped at the subscription level\nARMID is mutually exclusive with Group, Kind, Namespace and Name.", "pattern": "(?i)(^(/subscriptions/([^/]+)(/resourcegroups/([^/]+))?)?/providers/([^/]+)/([^/]+/[^/]+)(/([^/]+/[^/]+))*$|^/subscriptions/([^/]+)(/resourcegroups/([^/]+))?$)", "type": "string" }, "group": { "description": "Group is the Kubernetes group of the resource.", "type": "string" }, "kind": { "description": "Kind is the Kubernetes kind of the resource.", "type": "string" }, "name": { "description": "Name is the Kubernetes name of the resource.", "type": "string" } }, "type": "object", "additionalProperties": false }, "windowsProfile": { "description": "WindowsProfile: The Windows agent pool's specific profile.", "properties": { "disableOutboundNat": { "description": "DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT\nGateway and the Windows agent pool does not have node public IP enabled.", "type": "boolean" } }, "type": "object", "additionalProperties": false }, "workloadRuntime": { "description": "WorkloadRuntime: Determines the type of workload a node can run.", "enum": [ "OCIContainer", "WasmWasi" ], "type": "string" } }, "required": [ "owner" ], "type": "object", "additionalProperties": false }, "status": { "properties": { "availabilityZones": { "description": "AvailabilityZones: The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType\nproperty is 'VirtualMachineScaleSets'.", "items": { "type": "string" }, "type": "array" }, "capacityReservationGroupID": { "description": "CapacityReservationGroupID: AKS will associate the specified agent pool with the Capacity Reservation Group.", "type": "string" }, "conditions": { "description": "Conditions: The observed state of the resource", "items": { "description": "Condition defines an extension to status (an observation) of a resource", "properties": { "lastTransitionTime": { "description": "LastTransitionTime is the last time the condition transitioned from one status to another.", "format": "date-time", "type": "string" }, "message": { "description": "Message is a human readable message indicating details about the transition. This field may be empty.", "type": "string" }, "observedGeneration": { "description": "ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if\n.metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "type": "integer" }, "reason": { "description": "Reason for the condition's last transition.\nReasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty.", "type": "string" }, "severity": { "description": "Severity with which to treat failures of this type of condition.\nFor conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True\nFor conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False.\nThis is omitted in all cases when Status == Unknown", "type": "string" }, "status": { "description": "Status of the condition, one of True, False, or Unknown.", "type": "string" }, "type": { "description": "Type of condition.", "type": "string" } }, "required": [ "lastTransitionTime", "reason", "status", "type" ], "type": "object", "additionalProperties": false }, "type": "array" }, "count": { "description": "Count: Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive)\nfor user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", "type": "integer" }, "creationData": { "description": "CreationData: CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using\na snapshot.", "properties": { "sourceResourceId": { "description": "SourceResourceId: This is the ARM ID of the source object to be used to create the target object.", "type": "string" } }, "type": "object", "additionalProperties": false }, "currentOrchestratorVersion": { "description": "CurrentOrchestratorVersion: If orchestratorVersion is a fully specified version , this field will be\nexactly equal to it. If orchestratorVersion is , this field will contain the full \nversion being used.", "type": "string" }, "eTag": { "description": "ETag: Unique read-only string used to implement optimistic concurrency. The eTag value will change when the resource is\nupdated. Specify an if-match or if-none-match header with the eTag value for a subsequent request to enable optimistic\nconcurrency per the normal etag convention.", "type": "string" }, "enableAutoScaling": { "description": "EnableAutoScaling: Whether to enable auto-scaler", "type": "boolean" }, "enableEncryptionAtHost": { "description": "EnableEncryptionAtHost: This is only supported on certain VM sizes and in certain Azure regions. For more information,\nsee: https://docs.microsoft.com/azure/aks/enable-host-encryption", "type": "boolean" }, "enableFIPS": { "description": "EnableFIPS: See [Add a FIPS-enabled node\npool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more\ndetails.", "type": "boolean" }, "enableNodePublicIP": { "description": "EnableNodePublicIP: Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses.\nA common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine\nto minimize hops. For more information see [assigning a public IP per\nnode](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The\ndefault is false.", "type": "boolean" }, "enableUltraSSD": { "description": "EnableUltraSSD: Whether to enable UltraSSD", "type": "boolean" }, "gpuInstanceProfile": { "description": "GpuInstanceProfile: GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", "type": "string" }, "hostGroupID": { "description": "HostGroupID: This is of the form:\n/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}.\nFor more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", "type": "string" }, "id": { "description": "Id: Resource ID.", "type": "string" }, "kubeletConfig": { "description": "KubeletConfig: The Kubelet configuration on the agent pool nodes.", "properties": { "allowedUnsafeSysctls": { "description": "AllowedUnsafeSysctls: Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", "items": { "type": "string" }, "type": "array" }, "containerLogMaxFiles": { "description": "ContainerLogMaxFiles: The maximum number of container log files that can be present for a container. The number must be\n\u2265 2.", "type": "integer" }, "containerLogMaxSizeMB": { "description": "ContainerLogMaxSizeMB: The maximum size (e.g. 10Mi) of container log file before it is rotated.", "type": "integer" }, "cpuCfsQuota": { "description": "CpuCfsQuota: The default is true.", "type": "boolean" }, "cpuCfsQuotaPeriod": { "description": "CpuCfsQuotaPeriod: The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and\na unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", "type": "string" }, "cpuManagerPolicy": { "description": "CpuManagerPolicy: The default is 'none'. See [Kubernetes CPU management\npolicies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more\ninformation. Allowed values are 'none' and 'static'.", "type": "string" }, "failSwapOn": { "description": "FailSwapOn: If set to true it will make the Kubelet fail to start if swap is enabled on the node.", "type": "boolean" }, "imageGcHighThreshold": { "description": "ImageGcHighThreshold: To disable image garbage collection, set to 100. The default is 85%", "type": "integer" }, "imageGcLowThreshold": { "description": "ImageGcLowThreshold: This cannot be set higher than imageGcHighThreshold. The default is 80%", "type": "integer" }, "podMaxPids": { "description": "PodMaxPids: The maximum number of processes per pod.", "type": "integer" }, "topologyManagerPolicy": { "description": "TopologyManagerPolicy: For more information see [Kubernetes Topology\nManager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values\nare 'none', 'best-effort', 'restricted', and 'single-numa-node'.", "type": "string" } }, "type": "object", "additionalProperties": false }, "kubeletDiskType": { "description": "KubeletDiskType: Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral\nstorage.", "type": "string" }, "linuxOSConfig": { "description": "LinuxOSConfig: The OS configuration of Linux agent nodes.", "properties": { "swapFileSizeMB": { "description": "SwapFileSizeMB: The size in MB of a swap file that will be created on each node.", "type": "integer" }, "sysctls": { "description": "Sysctls: Sysctl settings for Linux agent nodes.", "properties": { "fsAioMaxNr": { "description": "FsAioMaxNr: Sysctl setting fs.aio-max-nr.", "type": "integer" }, "fsFileMax": { "description": "FsFileMax: Sysctl setting fs.file-max.", "type": "integer" }, "fsInotifyMaxUserWatches": { "description": "FsInotifyMaxUserWatches: Sysctl setting fs.inotify.max_user_watches.", "type": "integer" }, "fsNrOpen": { "description": "FsNrOpen: Sysctl setting fs.nr_open.", "type": "integer" }, "kernelThreadsMax": { "description": "KernelThreadsMax: Sysctl setting kernel.threads-max.", "type": "integer" }, "netCoreNetdevMaxBacklog": { "description": "NetCoreNetdevMaxBacklog: Sysctl setting net.core.netdev_max_backlog.", "type": "integer" }, "netCoreOptmemMax": { "description": "NetCoreOptmemMax: Sysctl setting net.core.optmem_max.", "type": "integer" }, "netCoreRmemDefault": { "description": "NetCoreRmemDefault: Sysctl setting net.core.rmem_default.", "type": "integer" }, "netCoreRmemMax": { "description": "NetCoreRmemMax: Sysctl setting net.core.rmem_max.", "type": "integer" }, "netCoreSomaxconn": { "description": "NetCoreSomaxconn: Sysctl setting net.core.somaxconn.", "type": "integer" }, "netCoreWmemDefault": { "description": "NetCoreWmemDefault: Sysctl setting net.core.wmem_default.", "type": "integer" }, "netCoreWmemMax": { "description": "NetCoreWmemMax: Sysctl setting net.core.wmem_max.", "type": "integer" }, "netIpv4IpLocalPortRange": { "description": "NetIpv4IpLocalPortRange: Sysctl setting net.ipv4.ip_local_port_range.", "type": "string" }, "netIpv4NeighDefaultGcThresh1": { "description": "NetIpv4NeighDefaultGcThresh1: Sysctl setting net.ipv4.neigh.default.gc_thresh1.", "type": "integer" }, "netIpv4NeighDefaultGcThresh2": { "description": "NetIpv4NeighDefaultGcThresh2: Sysctl setting net.ipv4.neigh.default.gc_thresh2.", "type": "integer" }, "netIpv4NeighDefaultGcThresh3": { "description": "NetIpv4NeighDefaultGcThresh3: Sysctl setting net.ipv4.neigh.default.gc_thresh3.", "type": "integer" }, "netIpv4TcpFinTimeout": { "description": "NetIpv4TcpFinTimeout: Sysctl setting net.ipv4.tcp_fin_timeout.", "type": "integer" }, "netIpv4TcpKeepaliveProbes": { "description": "NetIpv4TcpKeepaliveProbes: Sysctl setting net.ipv4.tcp_keepalive_probes.", "type": "integer" }, "netIpv4TcpKeepaliveTime": { "description": "NetIpv4TcpKeepaliveTime: Sysctl setting net.ipv4.tcp_keepalive_time.", "type": "integer" }, "netIpv4TcpMaxSynBacklog": { "description": "NetIpv4TcpMaxSynBacklog: Sysctl setting net.ipv4.tcp_max_syn_backlog.", "type": "integer" }, "netIpv4TcpMaxTwBuckets": { "description": "NetIpv4TcpMaxTwBuckets: Sysctl setting net.ipv4.tcp_max_tw_buckets.", "type": "integer" }, "netIpv4TcpTwReuse": { "description": "NetIpv4TcpTwReuse: Sysctl setting net.ipv4.tcp_tw_reuse.", "type": "boolean" }, "netIpv4TcpkeepaliveIntvl": { "description": "NetIpv4TcpkeepaliveIntvl: Sysctl setting net.ipv4.tcp_keepalive_intvl.", "type": "integer" }, "netNetfilterNfConntrackBuckets": { "description": "NetNetfilterNfConntrackBuckets: Sysctl setting net.netfilter.nf_conntrack_buckets.", "type": "integer" }, "netNetfilterNfConntrackMax": { "description": "NetNetfilterNfConntrackMax: Sysctl setting net.netfilter.nf_conntrack_max.", "type": "integer" }, "vmMaxMapCount": { "description": "VmMaxMapCount: Sysctl setting vm.max_map_count.", "type": "integer" }, "vmSwappiness": { "description": "VmSwappiness: Sysctl setting vm.swappiness.", "type": "integer" }, "vmVfsCachePressure": { "description": "VmVfsCachePressure: Sysctl setting vm.vfs_cache_pressure.", "type": "integer" } }, "type": "object", "additionalProperties": false }, "transparentHugePageDefrag": { "description": "TransparentHugePageDefrag: Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is\n'madvise'. For more information see [Transparent\nHugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", "type": "string" }, "transparentHugePageEnabled": { "description": "TransparentHugePageEnabled: Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more\ninformation see [Transparent\nHugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", "type": "string" } }, "type": "object", "additionalProperties": false }, "maxCount": { "description": "MaxCount: The maximum number of nodes for auto-scaling", "type": "integer" }, "maxPods": { "description": "MaxPods: The maximum number of pods that can run on a node.", "type": "integer" }, "minCount": { "description": "MinCount: The minimum number of nodes for auto-scaling", "type": "integer" }, "mode": { "description": "Mode: A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool\nrestrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", "type": "string" }, "name": { "description": "Name: The name of the resource that is unique within a resource group. This name can be used to access the resource.", "type": "string" }, "networkProfile": { "description": "NetworkProfile: Network-related settings of an agent pool.", "properties": { "allowedHostPorts": { "description": "AllowedHostPorts: The port ranges that are allowed to access. The specified ranges are allowed to overlap.", "items": { "description": "The port range.", "properties": { "portEnd": { "description": "PortEnd: The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or\nequal to portStart.", "type": "integer" }, "portStart": { "description": "PortStart: The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or\nequal to portEnd.", "type": "integer" }, "protocol": { "description": "Protocol: The network protocol of the port.", "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" }, "applicationSecurityGroups": { "description": "ApplicationSecurityGroups: The IDs of the application security groups which agent pool will associate when created.", "items": { "type": "string" }, "type": "array" }, "nodePublicIPTags": { "description": "NodePublicIPTags: IPTags of instance-level public IPs.", "items": { "description": "Contains the IPTag associated with the object.", "properties": { "ipTagType": { "description": "IpTagType: The IP tag type. Example: RoutingPreference.", "type": "string" }, "tag": { "description": "Tag: The value of the IP tag associated with the public IP. Example: Internet.", "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" } }, "type": "object", "additionalProperties": false }, "nodeImageVersion": { "description": "NodeImageVersion: The version of node image", "type": "string" }, "nodeLabels": { "additionalProperties": { "type": "string" }, "description": "NodeLabels: The node labels to be persisted across all nodes in agent pool.", "type": "object" }, "nodePublicIPPrefixID": { "description": "NodePublicIPPrefixID: This is of the form:\n/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", "type": "string" }, "nodeTaints": { "description": "NodeTaints: The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", "items": { "type": "string" }, "type": "array" }, "orchestratorVersion": { "description": "OrchestratorVersion: Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported.\nWhen is specified, the latest supported GA patch version is chosen automatically. Updating the cluster\nwith the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer\npatch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same\nKubernetes version. The node pool version must have the same major version as the control plane. The node pool minor\nversion must be within two minor versions of the control plane version. The node pool version cannot be greater than the\ncontrol plane version. For more information see [upgrading a node\npool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", "type": "string" }, "osDiskSizeGB": { "type": "integer" }, "osDiskType": { "description": "OsDiskType: The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested\nOSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral\nOS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", "type": "string" }, "osSKU": { "description": "OsSKU: Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019\nwhen Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.", "type": "string" }, "osType": { "description": "OsType: The operating system type. The default is Linux.", "type": "string" }, "podSubnetID": { "description": "PodSubnetID: If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is\nof the form:\n/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", "type": "string" }, "powerState": { "description": "PowerState: When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this\nfield to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only\nbe stopped if it is Running and provisioning state is Succeeded", "properties": { "code": { "description": "Code: Tells whether the cluster is Running or Stopped", "type": "string" } }, "type": "object", "additionalProperties": false }, "properties_type": { "description": "PropertiesType: The type of Agent Pool.", "type": "string" }, "provisioningState": { "description": "ProvisioningState: The current deployment or provisioning state.", "type": "string" }, "proximityPlacementGroupID": { "description": "ProximityPlacementGroupID: The ID for Proximity Placement Group.", "type": "string" }, "scaleDownMode": { "description": "ScaleDownMode: This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", "type": "string" }, "scaleSetEvictionPolicy": { "description": "ScaleSetEvictionPolicy: This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is\n'Delete'.", "type": "string" }, "scaleSetPriority": { "description": "ScaleSetPriority: The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", "type": "string" }, "securityProfile": { "description": "SecurityProfile: The security settings of an agent pool.", "properties": { "enableSecureBoot": { "description": "EnableSecureBoot: Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and\ndrivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false.", "type": "boolean" }, "enableVTPM": { "description": "EnableVTPM: vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held\nlocally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false.", "type": "boolean" } }, "type": "object", "additionalProperties": false }, "spotMaxPrice": { "description": "SpotMaxPrice: Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any\non-demand price. For more details on spot pricing, see [spot VMs\npricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", "type": "number" }, "tags": { "additionalProperties": { "type": "string" }, "description": "Tags: The tags to be persisted on the agent pool virtual machine scale set.", "type": "object" }, "type": { "description": "Type: Resource type", "type": "string" }, "upgradeSettings": { "description": "UpgradeSettings: Settings for upgrading the agentpool", "properties": { "drainTimeoutInMinutes": { "description": "DrainTimeoutInMinutes: The amount of time (in minutes) to wait on eviction of pods and graceful termination per node.\nThis eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not\nspecified, the default is 30 minutes.", "type": "integer" }, "maxSurge": { "description": "MaxSurge: This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it\nis the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded\nup. If not specified, the default is 1. For more information, including best practices, see:\nhttps://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", "type": "string" }, "nodeSoakDurationInMinutes": { "description": "NodeSoakDurationInMinutes: The amount of time (in minutes) to wait after draining a node and before reimaging it and\nmoving on to next node. If not specified, the default is 0 minutes.", "type": "integer" } }, "type": "object", "additionalProperties": false }, "vmSize": { "description": "VmSize: VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods\nmight fail to run correctly. For more details on restricted VM sizes, see:\nhttps://docs.microsoft.com/azure/aks/quotas-skus-regions", "type": "string" }, "vnetSubnetID": { "description": "VnetSubnetID: If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified,\nthis applies to nodes and pods, otherwise it applies to just nodes. This is of the form:\n/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", "type": "string" }, "windowsProfile": { "description": "WindowsProfile: The Windows agent pool's specific profile.", "properties": { "disableOutboundNat": { "description": "DisableOutboundNat: The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT\nGateway and the Windows agent pool does not have node public IP enabled.", "type": "boolean" } }, "type": "object", "additionalProperties": false }, "workloadRuntime": { "description": "WorkloadRuntime: Determines the type of workload a node can run.", "type": "string" } }, "type": "object", "additionalProperties": false } }, "type": "object" }