Add-ons, extensions, and other integrations with Azure Kubernetes Service (AKS)
Azure Kubernetes Service (AKS) provides extra functionality for your clusters using add-ons. Open-source projects and third parties provide by more integrations that are commonly used with AKS. The AKS support policy doesn't support the open-source and third-party integrations.
Add-ons
Add-ons are a fully supported way to provide extra capabilities for your AKS cluster. The installation, configuration, and lifecycle of add-ons are managed on AKS. You can use the az aks enable-addons
command to install an add-on or manage the add-ons for your cluster.
AKS uses the following rules for applying updates to installed add-ons:
- Only an add-on's patch version can be upgraded within a Kubernetes minor version. The add-on's major/minor version isn't upgraded within the same Kubernetes minor version.
- The major/minor version of the add-on is only upgraded when moving to a later Kubernetes minor version.
- Any breaking or behavior changes to the add-on are announced well before, usually 60 days, for a GA minor version of Kubernetes on AKS.
- You can patch add-ons weekly with every new release of AKS, which is announced in the release notes. You can control AKS releases using the maintenance windows and release tracker.
Exceptions
- Add-ons are upgraded to a new major/minor version (or breaking change) within a Kubernetes minor version if either the cluster's Kubernetes version or the add-on version are in preview.
- There can be unavoidable circumstances, such as CVE security patches or critical bug fixes, when you need to update an add-on within a GA minor version.
Available add-ons
Name | Description | Articles | GitHub |
---|---|---|---|
web_application_routing | Use a managed NGINX ingress controller with your AKS cluster. | Application Routing Overview | GitHub |
ingress-appgw | Use Application Gateway Ingress Controller with your AKS cluster. | What is Application Gateway Ingress Controller? | GitHub |
keda | Use event-driven autoscaling for the applications on your AKS cluster. | Simplified application autoscaling with Kubernetes Event-driven Autoscaling (KEDA) add-on | GitHub |
monitoring | Use Container Insights and Managed Prometheus monitoring with your AKS cluster. | Container insights overview Managed Prometheus overview |
GitHub GitHub |
azure-policy | Use Azure Policy for AKS, which enables at-scale enforcements and safeguards on your clusters in a centralized, consistent manner. | Understand Azure Policy for Kubernetes clusters | GitHub |
azure-keyvault-secrets-provider | Use Azure Keyvault Secrets Provider addon. | Use the Azure Key Vault Provider for Secrets Store CSI Driver in an AKS cluster | GitHub |
virtual-node | Use virtual nodes with your AKS cluster. | Use virtual nodes | GitHub |
open-service-mesh | Use Open Service Mesh with your AKS cluster (retired). | Open Service Mesh AKS add-on (retired) | GitHub |
GitHub Actions
GitHub Actions help you automate your software development workflows from within GitHub.
Open-source and third-party integrations
There are many open-source and third-party integrations you can install on your AKS cluster. The AKS support policy doesn't cover self-managed installations of the following projects. Some of these projects have managed experiences built on top of them (for example in the case of Prometheus, Grafana, and Istio). These managed experiences are noted in the 'More Details' column.
Important
Open-source software is mentioned throughout AKS documentation and samples. Software that you deploy is excluded from AKS service-level agreements, limited warranty, and Azure support. As you use open-source technology alongside AKS, consult the support options available from the respective communities and project maintainers to develop a plan.
For example, the Ray GitHub repository describes several platforms that vary in response time, purpose, and support level.
Microsoft takes responsibility for building the open-source packages that we deploy on AKS. That responsibility includes having complete ownership of the build, scan, sign, validate, and hotfix process, along with control over the binaries in container images. For more information, see Vulnerability management for AKS and AKS support coverage.
Name | Description | More details |
---|---|---|
Helm | An open-source packaging tool that helps you install and manage the lifecycle of Kubernetes applications. | Quickstart: Develop on Azure Kubernetes Service (AKS) with Helm |
Prometheus | Monitoring and alerting toolkit. | Managed experience - Azure Monitor managed service for Prometheus; Self-managed experience - Prometheus operator |
Grafana | Dashboards for observability. | Managed experience - [Azure Managed Grafana][managed-grafana]; Self-managed experience - Deploy Grafana on Kubernetes. |
Couchbase | A distributed NoSQL cloud database. | Install Couchbase and the Operator on AKS |
OpenFaaS | An open-source framework for building serverless functions by using containers. | Use OpenFaaS with AKS |
Apache Spark | An open-source, fast engine for large-scale data processing. | Running Apache Spark jobs requires a minimum node size of Standard_D3_v2. For more information on running Spark jobs on Kubernetes, see the running Spark on Kubernetes guide. |
Istio | Service mesh | Managed experience - Istio add-on for AKS; Self-managed experience - Istio open-source installation |
Linkerd | An open-source service mesh. | Linkerd Getting Started |
Consul | An open-source, identity-based networking solution. | Getting Started with Consul Service Mesh for Kubernetes |
Third-party integrations for Windows containers
Microsoft collaborates with partners to ensure the build, test, deployment, configuration, and monitoring of your applications perform optimally with Windows containers on AKS.
For more information, see Windows AKS partner solutions.