add subnet per pool and update limits

Author: Justin

articles/aks/use-multiple-node-pools.md

@@ -29,7 +29,7 @@ The following limitations apply when you create and manage AKS clusters that sup
 * The AKS cluster must use the Standard SKU load balancer to use multiple node pools, the feature is not supported with Basic SKU load balancers.
 * The AKS cluster must use virtual machine scale sets for the nodes.
 * The name of a node pool may only contain lowercase alphanumeric characters and must begin with a lowercase letter. For Linux node pools the length must be between 1 and 12 characters, for Windows node pools the length must be between 1 and 6 characters.
-* All node pools must reside in the same vnet and subnet.
+* All node pools must reside in the same virtual network.
 * When creating multiple node pools at cluster create time, all Kubernetes versions used by node pools must match the version set for the control plane. This can be updated after the cluster has been provisioned by using per node pool operations.
 
 ## Create an AKS cluster
@@ -119,6 +119,27 @@ $ az aks nodepool list --resource-group myResourceGroup --cluster-name myAKSClus
 > [!TIP]
 > If no *VmSize* is specified when you add a node pool, the default size is *Standard_DS2_v3* for Windows node pools and *Standard_DS2_v2* for Linux node pools. If no *OrchestratorVersion* is specified, it defaults to the same version as the control plane.
 
+### Add a node pool with a dedicated subnet
+
+> [!NOTE]
+> Assignment of a node pool in a unique subnet is limited to Azure CNI, with support for Kubenet coming in the future.
+
+Scenarios may require splitting up your cluster's nodes into separate pools for logical isolation and separate subnets dedicated to each node pool. This is common if your virtual network address space is not contiguous across all nodes. To address this a dedicated virtual network subnet can be passed to a given node pool.
+
+It is required that all nodes in a given cluster reside in the same virtual network and all subnets assigned to nodepools reside in the same virtual network. Critical system-pod components running your cluster must be able to communicate with all nodes hosting applications in order to provide core functionality such as DNS resolution via coreDNS.
+
+This is defined with an additional parameter added to the node pool add command shown previously.
+
+```azurecli-interactive
+az aks nodepool add \
+    --resource-group myResourceGroup \
+    --cluster-name myAKSCluster \
+    --name mynodepool \
+    --node-count 3 \
+    --kubernetes-version 1.15.5
+    --vnet-subnet-id <YOUR_SUBNET_RESOURCE_ID>
+```
+
 ## Upgrade a node pool
 
 > [!NOTE]