Make sure your Azure subscription has at least the following resource limits:
- Go to Microsoft Azure Subscriptions and choose your subscription
- Choose Usage + quotas from the left sidebar
![]()
- If any of the resource limits below are insufficient, see the table as reference, use the link at the top to Request Quota Increase
![]()
| Component | Number of Components Required by Default | Default Azure Limit | Description |
|---|---|---|---|
| vCPUs |
|
20 per region | A default cluster requires 40 vCPUs, so you must increase the account limit. By default, each cluster creates the following instances: 1. 1 bootstrap machine, which is removed after installation. 2. 3 control plane machines. 3. 3 compute machines. As the bootstrap machine uses D4s_v3 machines with 4 vCPUs, the control plane machines use D8s_v3 virtual machines with 8 vCPUs and the worker machines use D4s_v3 machines with 4 vCPUs, a default cluster requires 40 vCPUs. The bootstrap node VM, which uses 4 vCPUs, is used only during installation. To deploy more worker nodes, enable autoscaling, deploy large workloads or use a different instance type, increase the vCPU limit to ensure that the cluster can deploy the machines required. By default, the installation program distributes control plane and compute machines across all availability zones within a region. To ensure high availability for the cluster, select a region with at least 3 availability zones. If the region contains fewer than 3 availability zones, the installation program places more than one control plane machine in the available zones. |
| Virtual Networks | 1 | 1000 per region | Each default cluster requires a Virtual Network (VNet), which contains 2 subnets |
| Network Interfaces | 6 | 65,536 per region | Each default cluster requires 6 network interfaces. If additional machines are created or workloads deployed create load balancers, the cluster uses more network interfaces. |
| Network Security Groups | 2 | 5000 | Each cluster creates network security groups for each subnet in the VNet. The default cluster creates network security groups for the control plane and for the compute node subnets: controlplane: Allows the control plane machines to be reached on port 6443 from anywhere. node: Allows worker nodes to be reached from the Internet on ports 80 and 443. |
| Network Load Balancers | 3 | 1000 per region | Each cluster creates the following load balancers: default – Public IP address that load balances requests to ports 80 and 443 across worker machines. internal – Private IP address that load balances requests to ports 6443 and 22623 across control plane machines. external – Public IP address that load balances requests to port 6443 across control plane machines. If applications create additional Kubernetes LoadBalancer service objects, the cluster will use additional load balancers. |
| Public IP Addresses | 3 | Each of the 2 public load balancers uses a public IP address. The bootstrap machine also uses a public IP address so that SSH can be used to troubleshoot issues during installation. The IP address for the bootstrap node is used only during installation. | |
| Private IP Addresses | 7 | The internal load balancer, each of the 3 control plane machines and each of the 3 worker machines each use a private IP address. |
Post your comment on this topic.