Azure Monitor for containers is surprisingly good at telling you what’s happening inside your pods, not just on the nodes themselves.
Let’s see it in action. Imagine you’ve got a simple AKS cluster with a couple of pods running a web app. First, you need to enable the container insights solution. This usually involves deploying a specific Azure Monitor agent to your cluster.
Here’s a snippet of what that might look like, using Helm to deploy the agent:
helm upgrade --install azure-monitor-agent oci://mcr.microsoft.com/azure-monitor/containerinsights/agent --version <latest_version> \
--namespace kube-system \
--set clusterName=<your_aks_cluster_name> \
--set azureMonitorWorkspaceResourceId=<your_log_analytics_workspace_resource_id>
Once deployed, Azure Monitor for containers starts collecting metrics and logs from your Kubernetes cluster. You’ll see a new section in your Azure portal for your AKS cluster, labeled "Insights."
Clicking into "Insights" reveals a dashboard that consolidates a ton of information. You’ll see node utilization (CPU, memory, disk, network), cluster-wide pod counts, and crucially, performance metrics for individual pods and containers. This includes CPU and memory usage per pod, restarts, and network traffic.
The real power comes from its ability to correlate node-level performance with pod-level behavior. If a node is struggling, you can immediately drill down to see which pods are consuming the most resources.
The underlying mechanism involves a daemonset running on each AKS node. This daemonset deploys the Azure Monitor agent, which then collects data from the Kubelet and cAdvisor on each node. This data is then forwarded to a Log Analytics workspace for analysis and visualization.
You can query this data directly using Kusto Query Language (KQL) in the Log Analytics workspace. For example, to see the top 5 CPU-consuming pods in the last hour:
Perf
| where ObjectName == "KUBERNETESCONTAINER" and CounterName == "cpu_usage_percentage"
| summarize avg(CounterValue) by bin(TimeGenerated, 5m), PodName, Namespace
| top 5 by avg_CounterValue desc
This allows for deep, custom analysis beyond the pre-built dashboards. You can create alerts based on these queries, for instance, to notify you if a specific pod’s memory usage consistently exceeds a threshold.
What most people miss is how granularly you can inspect network traffic between pods, not just to external services. By enabling network monitoring and querying KubeNetworkTraffic or KubePodInventory tables, you can visualize communication flows and identify bottlenecks or security concerns within your cluster’s internal network.
The next step is often integrating this data with other Azure services, like Azure Security Center or Azure Sentinel, for broader security and operational intelligence.