AKS Setup and Configuration: Clusters, Node Pools, and Networking

Calendar February 22, 2026
Kubernetes
Intermediate
Aks-Cluster-Creation, Node-Pool-Management, Azure-Networking
Aks, Azure, Terraform, Bicep, Node-Pools, Azure-Cni, Managed-Identity
Az, Terraform, Kubectl

AKS Setup and Configuration#

Azure Kubernetes Service handles the control plane for you – you pay nothing for it. What you configure is node pools, networking, identity, and add-ons. Getting these right at cluster creation matters because several choices (networking model, managed identity) cannot be changed later without rebuilding the cluster.

Creating a Cluster with az CLI#

The minimal command that produces a production-usable cluster:

az aks create \
  --resource-group myapp-rg \
  --name myapp-aks \
  --location eastus2 \
  --node-count 3 \
  --node-vm-size Standard_D4s_v5 \
  --network-plugin azure \
  --network-plugin-mode overlay \
  --vnet-subnet-id /subscriptions/<sub>/resourceGroups/myapp-rg/providers/Microsoft.Network/virtualNetworks/myapp-vnet/subnets/aks-subnet \
  --enable-managed-identity \
  --enable-aad \
  --aad-admin-group-object-ids <admin-group-id> \
  --generate-ssh-keys \
  --tier standard

Key flags: --network-plugin azure --network-plugin-mode overlay gives you Azure CNI Overlay, which avoids the IP exhaustion problems of classic Azure CNI. --tier standard enables the financially-backed SLA and uptime guarantees (the free tier has no SLA). --enable-aad integrates Entra ID (formerly Azure AD) for authentication.

Cloud Behavioral Divergence Guide: Where AWS, Azure, and GCP Actually Differ

Calendar February 22, 2026
Cloud-Services
Intermediate, Advanced
Multi-Cloud-Operations, Cloud-Migration-Planning, Infrastructure-Debugging, Cross-Cloud-Translation
Aws, Azure, Gcp, Multi-Cloud, Iam, Irsa, Workload-Identity, Managed-Identity, Vpc, Vnet, Networking, Storage, Ebs, Csi-Drivers, Rds, Cloud-Sql, Azure-Sql, Dns, Load-Balancers, Behavioral-Divergence
Aws-Cli, Gcloud, Az-Cli, Kubectl, Terraform

Cloud Behavioral Divergence Guide#

Running the “same” workload on AWS, Azure, and GCP does not produce the same behavior. The Kubernetes API is portable, application containers are portable, and SQL queries are portable. Everything else – identity, networking, storage, load balancing, DNS, and managed service behavior – diverges in ways that matter for production reliability.

This guide documents the specific divergence points with practical examples. Use it when translating infrastructure from one cloud to another, when debugging behavior that differs between environments, or when assessing migration risk.