Add-ons, extensions, and other integrations with Azure Kubernetes Service (AKS)

Azure Kubernetes Service (AKS) provides extra functionality for your clusters using add-ons. Open-source projects and third parties provide by more integrations that are commonly used with AKS. The AKS support policy doesn't support the open-source and third-party integrations.

Add-ons

Add-ons are a fully supported way to provide extra capabilities for your AKS cluster. The installation, configuration, and lifecycle of add-ons are managed on AKS. You can use the az aks enable-addons command to install an add-on or manage the add-ons for your cluster.

AKS uses the following rules for applying updates to installed add-ons:

  • Only an add-on's patch version can be upgraded within a Kubernetes minor version. The add-on's major/minor version isn't upgraded within the same Kubernetes minor version.
  • The major/minor version of the add-on is only upgraded when moving to a later Kubernetes minor version.
  • Any breaking or behavior changes to the add-on are announced well before, usually 60 days, for a GA minor version of Kubernetes on AKS.
  • You can patch add-ons weekly with every new release of AKS, which is announced in the release notes. You can control AKS releases using the maintenance windows and release tracker.

Exceptions

  • Add-ons are upgraded to a new major/minor version (or breaking change) within a Kubernetes minor version if either the cluster's Kubernetes version or the add-on version are in preview.
  • There can be unavoidable circumstances, such as CVE security patches or critical bug fixes, when you need to update an add-on within a GA minor version.

Available add-ons

Name Description Articles GitHub
web_application_routing Use a managed NGINX ingress controller with your AKS cluster. Application Routing Overview GitHub
ingress-appgw Use Application Gateway Ingress Controller with your AKS cluster. What is Application Gateway Ingress Controller? GitHub
keda Use event-driven autoscaling for the applications on your AKS cluster. Simplified application autoscaling with Kubernetes Event-driven Autoscaling (KEDA) add-on GitHub
monitoring Use Container Insights and Managed Prometheus monitoring with your AKS cluster. Container insights overview
Managed Prometheus overview
GitHub
GitHub
azure-policy Use Azure Policy for AKS, which enables at-scale enforcements and safeguards on your clusters in a centralized, consistent manner. Understand Azure Policy for Kubernetes clusters GitHub
azure-keyvault-secrets-provider Use Azure Keyvault Secrets Provider addon. Use the Azure Key Vault Provider for Secrets Store CSI Driver in an AKS cluster GitHub
virtual-node Use virtual nodes with your AKS cluster. Use virtual nodes GitHub
open-service-mesh Use Open Service Mesh with your AKS cluster (retired). Open Service Mesh AKS add-on (retired) GitHub

GitHub Actions

GitHub Actions help you automate your software development workflows from within GitHub.

Open-source and third-party integrations

There are many open-source and third-party integrations you can install on your AKS cluster. The AKS support policy doesn't cover self-managed installations of the following projects. Some of these projects have managed experiences built on top of them (for example in the case of Prometheus, Grafana, and Istio). These managed experiences are noted in the 'More Details' column.

Important

Open-source software is mentioned throughout AKS documentation and samples. Software you deploy is excluded from AKS service-level agreements, limited warranty, and Azure support. As you utilize open-source technology alongside AKS, consult the support options available from the respective communities and project maintainers to develop a plan.

For example, Ray's GitHub repository describes several platforms that vary in response time, purpose, and support level.

Microsoft takes responsibility for building the open-source packages we deploy on AKS. That responsibility includes having complete ownership of the build, scan, sign, validate, and hotfix process, as well as control over the binaries in container images. For more information, see Vulnerability management for AKS and AKS support coverage.

Name Description More details
Helm An open-source packaging tool that helps you install and manage the lifecycle of Kubernetes applications. Quickstart: Develop on Azure Kubernetes Service (AKS) with Helm
Prometheus Monitoring and alerting toolkit. Managed experience - Azure Monitor managed service for Prometheus; Self-managed experience - Prometheus operator
Grafana Dashboards for observability. Managed experience - [Azure Managed Grafana][managed-grafana]; Self-managed experience - Deploy Grafana on Kubernetes.
Couchbase A distributed NoSQL cloud database. Install Couchbase and the Operator on AKS
OpenFaaS An open-source framework for building serverless functions by using containers. Use OpenFaaS with AKS
Apache Spark An open-source, fast engine for large-scale data processing. Running Apache Spark jobs requires a minimum node size of Standard_D3_v2. For more information on running Spark jobs on Kubernetes, see the running Spark on Kubernetes guide.
Istio Service mesh Managed experience - Istio add-on for AKS; Self-managed experience - Istio open-source installation
Linkerd An open-source service mesh. Linkerd Getting Started
Consul An open-source, identity-based networking solution. Getting Started with Consul Service Mesh for Kubernetes

Third-party integrations for Windows containers

Microsoft collaborates with partners to ensure the build, test, deployment, configuration, and monitoring of your applications perform optimally with Windows containers on AKS.

For more information, see Windows AKS partner solutions.