You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/aks/faq.md
+18-1Lines changed: 18 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -307,7 +307,24 @@ AKS nodes run the "chrony" service, which pulls time from the localhost. Contai
307
307
308
308
## How are AKS addons updated?
309
309
310
-
Any patch, including security patches, is automatically applied to the AKS cluster. Anything bigger than a patch, like major or minor version changes (which can have breaking changes to your deployed objects), is updated when you update your cluster if a new release is available. You can find when a new release is available by visiting the [AKS release notes](https://github.com/Azure/AKS/releases).
310
+
Any patch, including security patches, is automatically applied to the AKS cluster. Anything bigger than a patch, like major or minor version changes (which can have breaking changes to your deployed objects), is updated when you update your cluster if a new release is available. You can find when a new release is available by visiting the [AKS release notes](https://github.com/Azure/AKS/releases).
311
+
312
+
## What is the purpose of the AKS Linux Extension I see installed on my Linux VMSS instances?
313
+
314
+
The AKS Linux Extension is an Azure VM extension whose purpose is to install and configure monitoring tools on Kubernetes worker nodes. The extension is installed on all new and existing Linux nodes. It configures the following monitoring tools:
315
+
316
+
- [Node-exporter](https://github.com/prometheus/node_exporter): collects hardware telemetry from the virtual machine and makes it available via a metrics endpoint. These metrics are then able to be scraped by a monitoring tool such as Prometheus.
317
+
- [Node-problem-detector](https://github.com/kubernetes/node-problem-detector): aims to make various node problems visible to upstream layers in the cluster management stack. It is a systemd unit that runs on each node, detects node problems, and reports them to the cluster’s API server via Events and NodeConditions.
318
+
- [Local-gadget](https://www.inspektor-gadget.io/docs/latest/local-gadget/): uses in-kernel eBPF helper programs to monitor events mainly related to syscalls from userspace programs in a pod.
319
+
320
+
These tools assist in providing observability around many node health related problems such as:
321
+
322
+
- Infrastructure daemon issues: NTP service down
323
+
- Hardware issues: Bad CPU, memory or disk
324
+
- Kernel issues: Kernel deadlock, corrupted file system
The extension **does not** require any additional outbound access to any URLs, IP Address or Port beyond the AKS egress requirements that are documented [here](./limit-egress-traffic.md) nor does the extension require any special permissions at the Azure level. It uses kubeconfig to connect to the API server to send the information/telemetry.
0 commit comments