Routine Planned Maintenance Notifications Improvements for App Service
April 29, 2025A scalable and efficient approach for ingesting medical imaging data using DICOM data transformation
April 29, 2025
Â
This article shows a comparison of features available for the different deployment options under AKS enabled by Azure Arc. đ€©
– AKS on Azure Local
– AKS Edge Essential
– AKS on Windows Server (deprecated)
Â
đPlease note: AKS on Windows Server has been deprecated as of Aprilâ2025. Read more đRetirement of AKS architecture on Windows Server 2019 and Windows Server 2022 – AKS enabled by Azure Arc | Microsoft Learn
|
Feature |
AKS on Azure Local |
AKS Edge Essential |
AKS on Windows Server (Deprecated) |
|
Supported infrastructure for K8s cluster |
Azure Local, version 23H2 or later |
Windows 10/11 IoT Enterprise |
Windows Server 2019 Windows Server 2022 Â |
|
CNCF conformant |
Yes |
Yes |
Yes |
|
K8s cluster LCM tools |
Azure Portal Azure CLI ARM templates Bicep templates |
PowerShell |
PowerShell Windows Admin Center |
|
K8s cluster management |
Kubernetes clusters are managed through Arc Resource Bridge which is automatically created when Azure local gets deployed. |
Kubernetes clusters are self-managed, to preserve resources. |
Kubernetes clusters are managed using a âmanagement clusterâ, that is installed using PowerShell before Kubernetes workload clusters can be created. |
|
Support for Kubectl or other open source K8s tool |
Yes |
Yes |
Yes |
|
Supported K8s Versions |
Supports K8s only. For latest version support, run: az aks get-versions |
Supports K3s and K8s. For the latest K8s version support, visit steps to prepare your machine for AKS Edge Essentials. |
Supports K8s only. Continuous updates to supported Kubernetes versions. For latest version support, visit AKS hybrid releases on GitHub.  |
|
Azure Fleet Manager integration |
No |
No |
No |
|
Terraform integration |
Yes (Preview) |
No |
No |
|
Support for Taints and Label |
Yes |
Unvalidated â These settings will not persist when cluster is upgraded. |
Yes |
Â
Comparision between Monitoring and Diagnosability features for AKS enabled by Azure Arc deployment options:
|
Feature |
AKS on Azure Local |
AKS Edge Essential |
AKS on Windows Server (Deprecated) |
|
Azure Monitor Container Insights |
Yes, via arc Extensions |
Yes, via Arc Extensions |
Yes, via Arc Extensions |
|
Azure Monitor Managed Prometheus and Control plane metrics scraping |
Yes, via arc Extensions |
Yes, via arc Extensions |
Yes, via arc Extensions |
|
Control plane Audit Logs |
Yes, via arc Extensions |
No |
No |
|
Platform/Shoebox metrics |
Yes, via arc Extensions  |
No |
No |
|
Diagnostics log collection (local) |
Yes |
Yes |
Yes |
Comparison between Node pool capabilities for AKS enabled by Azure Arc deployment options:
|
Feature |
AKS on Azure Local |
AKS Edge Essential |
AKS on Windows Server (Deprecated) |
|
Windows nodepool support |
Yes Windows Server 2019 Datacenter Windows Server 2022 Datacenter  |
Yes Windows Server 2022 Datacenter (Core) Â |
Yes Windows Server 2019 Datacenter Windows Server 2022 Datacenter  |
|
Linux OS offerings |
|||
|
Container Runtime |
Containerd for Linux and Windows nodes |
Containerd for Linux and Windows nodes |
Containerd for Linux and Windows nodes |
|
Node pool auto-scaler |
Yes |
No (add nodes manually) |
Yes |
|
Horizontal pod scaler |
No |
No |
Yes |
|
Azure container registry |
Yes |
Yes |
Yes |
Comparison between networking features for AKS enabled by Azure Arc deployment options:
|
Feature |
AKS on Azure Local |
AKS Edge Essential |
AKS on Windows Server (Deprecated) |
|
Network creation and management |
Setting up networking parameters is a required prerequisite to deploy AKS on Azure Local. Network must have connectivity and IP address availability for successful operation of cluster |
You need to provide the IP address range for node IPs and Service IPs, that are available and have the right connection. The network configuration needed for the cluster is handled by AKS. Read AKS Edge Essentials networking. |
You need to create the network in Windows Server before creating an AKS cluster. |
|
Supported networking option |
Static IP networks with/without VLAN ID |
Static IP address or use reserved IPs when using DHCP |
DHCP networks with/without VLAN ID Static IP networks with/without VLAN ID Â |
|
SDN support |
No |
No |
Yes |
|
Support for Arc Gateway |
Yes |
Yes â (Support for AIO only) |
No |
|
Supported CNIs |
Calico |
Calico (K8s) Flannel (K3s) |
Calico |
|
Load Balancer |
Bring your own load balance (BYOLB) MetalLB Arc Extension |
KubeVIP Bring your own load balancer (BYOLB) Â |
HAProxy SDN load balancer Bring your own load balancer (BYOLB) Â |
Comparison between storage features for AKS enabled by Azure Arc deployment options:
|
Feature |
AKS on Azure Local |
AKS Edge Essential |
AKS on Windows Server (Deprecated) |
|
Types of supported persistent volumes |
VHDX â ReadWriteOnce SMB or NFS âReadWriteMany ACSA – ReadWriteMany |
PVC using local storage ACSA |
VHDX â ReadWriteOnce SMB or NFS -ReadWriteMany |
|
Container storage interface (CSI) support |
Yes |
Yes |
Yes |
|
CSI drivers |
Disk and Files (SMB and NFS) drivers installed by default. |
Support for SMB and NFS storage drivers. |
Support for SMB and NFS storage drivers. |
|
Dynamic provisioning support |
Yes |
Yes |
Yes |
|
Volume resizing support |
Yes |
Yes |
Yes |
Comparison between security and authentication options for AKS enabled by Azure Arc deployment options:
|
Feature |
AKS on Azure Local |
AKS Edge Essential |
AKS on Windows Server (Deprecated) |
|
Access to K8s cluster |
Kubectl |
Kubectl |
Kubectl |
|
K8s cluster authorization (RBAC) |
Kubernetes RBAC Azure RBAC |
Kubernetes RBAC |
Kubernetes RBAC |
|
K8s cluster authentication |
Certificate based Kubeconfig |
Certificate based Kubeconfig Microsoft Entra ID |
Certificate based Kubeconfig Microsoft Entra ID |
|
Support for network policies |
No |
No |
Yes â only for Linux containers |
|
Support for workload identity |
Yes |
Yes – (Support for AIO only) |
Yes |
|
Limit source networks that can access API server |
Yes |
Yes |
Yes |
|
Encrypt etcd secrets |
Yes |
Yes |
Yes |
|
Certificate rotation and encryption |
Yes |
Yes |
Yes |
|
Secrets store CSI driver |
Yes |
Yes |
Yes |
|
gMSA support |
No |
Yes |
Yes |
|
Azure Policy |
Yes, via Arc extensions |
Yes, via Arc extensions |
Yes, via Arc extensions |
|
Azure Defender |
Yes, via Arc extensions (preview) |
Yes, via Arc extensions (preview) |
Yes, via Arc extensions (preview) |
Comparison of Pricing and SLA for AKS enabled by Azure Arc deployment options:
|
Feature |
AKS on Azure Local |
AKS Edge Essential |
AKS on Windows Server (Deprecated) |
|
Pricing |
Included in Azure Local at no additional cost |
$2.50 per device per month. |
Pricing is based on the number of workload cluster vCPUs. Control plane nodes & load balancer VMs are free. |
|
Azure hybrid benefit support |
Not applicable – AKS already included at no additional cost. Â |
No |
Yes |
|
SLA |
No SLA offered as the K8s cluster is running on premises |
No SLA offered as the K8s cluster is running on premises |
No SLA offered as the K8s cluster is running on premises |
Comparison of AI/ML features for AKS enabled by Azure Arc deployment options:
|
Feature |
AKS on Azure Local |
AKS Edge Essential |
AKS on Windows Server (Deprecated) |
|
GPU support |
Yes |
Yes |
Yes |
|
KAITO (K8s AI toolchain operator) |
Yes, via Arc extensions |
No |
No |
|
Edge RAG |
Yes |
No |
No |
Â
Â
Attachments