Azure Kubernetes

Plan and deploy production-ready AKS clusters, focusing on critical Day-0 decisions (hard to change later) versus Day-1 features (configurable post-creation).

Initial Assessment

Gather requirements around:

• Environment type (dev/test vs. production)
• Target region
• Expected scale
• Networking requirements
• Security posture
• Observability needs

SKU Selection

Default to AKS Automatic for most workloads unless specific customization needs justify Standard SKU's additional management overhead.

Day-0 Decisions (Networking)

These are hard or impossible to change after cluster creation:

Security Framework

• Authentication: Microsoft Entra ID for all cluster authentication
• Secrets: Azure Key Vault via Secrets Store CSI Driver
• Policy: Azure Policy with Deployment Safeguards enabled
• Images: Signed image policies via Azure Policy and Ratify

Observability Stack

Reliability & Scale

• Deploy across 3 Availability Zones for HA
• Use Standard tier for 99.95% SLA
• Enable Ephemeral OS disks and Azure Linux for performance
• Use Node Auto Provisioning (NAP) for cost-efficient scaling

Cost Controls

• Spot node pools for batch workloads (up to 90% savings)
• Stop/start for dev/test clusters during off-hours

MCP Tools & CLI Fallback

The skill uses MCP tools to discover available AKS functionality and falls back to Azure CLI when needed. It never exposes secrets or subscription identifiers in output.

Installation

npx skills add https://github.com/microsoft/azure-skills --skill azure-kubernetes

Mirrored from https://github.com/microsoft/azure-skills — original author: microsoft, license: MIT. This is an unclaimed mirror. Content and ownership transfer to the author when they claim this account.