Catégorie : Azure

AKS | Pricing Tiers


Azure Kubernetes Service (AKS) is now offering two pricing tiers for cluster management: the Free tier and the Standard tier.

Free tierStandard tier
When to use• You want to experiment with AKS at no extra cost
• You’re new to AKS and Kubernetes
• You’re running production or mission-critical workloads and need high availability and reliability
• You need a financially backed SLA
Supported cluster types• Development clusters or small scale testing environments
• Clusters with fewer than 10 nodes
• Enterprise-grade or production workloads
• Clusters with up to 5,000 nodes
Pricing• Free cluster management
• Pay-as-you-go for resources you consume
• Pay-as-you-go for resources you consume
Feature comparison• Recommended for clusters with fewer than 10 nodes, but can support up to 1,000 nodes
• Includes all current AKS features
• Uptime SLA is enabled by default
• Greater cluster reliability and resources
• Can support up to 5,000 nodes in a cluster
• Includes all current AKS features
# Create a new AKS cluster in the Free tier 
az aks create --resource-group myResourceGroup --name myAKSCluster --no-uptime-sla 

# Create a new AKS cluster in the Standard tier 
az aks create --resource-group myResourceGroup --name myAKSCluster --uptime-sla

# Update an existing cluster to the Free tier
az aks update --resource-group myResourceGroup --name myAKSCluster --no-uptime-sla

# Update an existing cluster to the Standard tier
az aks update --resource-group myResourceGroup --name myAKSCluster --uptime-sla



Azure Policy | Deny Action


In this new article, I will share with you a new Azure Policy action: « Deny Action ». DenyAction is used to block requests on intended action to resources. The only supported action today is DELETE. This effect will help prevent any accidental deletion of critical resources.

This new Azure Policy action could help you to remove the Lock Type « Delete » in place at the Resource Group level.

Please find below an example:

   "if": {
      "allOf": [
            "field": "type",
            "equals": "Microsoft.DocumentDb/accounts"
            "field": "tags.environment",
            "equals": "prod"
   "then": {
      "effect": "DenyAction",
      "details": {
         "actionNames": [ "delete" ],
         "cascadeBehaviors": { "resourceGroup": "deny" }


AKS | Mariner Container Optimized OS on AKS


Mariner is an open-source Linux distribution created by Microsoft and is now available for preview as a container host on Azure Kubernetes Service (AKS). Optimized for AKS, the Mariner container host provides reliability and consistency from cloud to edge across the AKS, AKS-HCI, and Arc products. You can deploy Mariner node pools in a new cluster, add Mariner node pools to your existing Ubuntu clusters, or migrate your Ubuntu nodes to Mariner nodes.

Key Capabilities Of CBL-Mariner:

CBL-Mariner provides many of the traditional benefits of using Linux. In addition to that, CBL-Mariner provides hardened security and efficient lifecycle management.

  • CBL-Mariner core

Minimal core system that supports a variety of profiles (Azure VM or on bare-metal x64 or ARM64) and allows the customer to build on top of it as needed.

Lightweight footprint: 450MB uncompressed.

  • Support & Updates

SLA for vulnerabilities.

Patches automatically available for the customer to update when most convenient for them.

dnf infrastructure used for upgrading packages.

  • Security hardened

The kernel and other aspects of the OS are built with an emphasis on security and follow the secure-by-default principle, compliant with Microsoft security standards and industry certifications.

  • Federated Builds

Enables teams to innovate on top by allowing the generation and maintenance of packages on top of the CBL-Mariner builds.

With over 6000 packages already built, teams can customize their image easily.

  • Robust Testing

Through a robust testing matrix of package, image and kernel tests, we allow for earlier issue detections and mitigations prior to the image being published.

  • Virtualization

CBL-Mariner supports a container host image that includes the Kubernetes infrastructure.

  • Efficient lifecycle management

CBL-Mariner supports both RPM package and image-based update mechanisms for releases – with an “evergreen” release alongside specific security-patched stable snaps. New releases are made available annually and each release is supported for 18 months.

If you want to replace your existing AKS Ubuntu Node Pool by Mariner, please follow this link: