Add-ons, extensions, and other integrations with Azure Kubernetes Service
Azure Kubernetes Service (AKS) provides additional, supported functionality for your cluster using add-ons and extensions. There are also many more integrations provided by open-source projects and third parties that are commonly used with AKS. These open-source and third-party integrations are not covered by the AKS support policy.
Add-ons are a fully supported way to provide extra capabilities for your AKS cluster. Add-ons' installation, configuration, and lifecycle is managed by AKS. Use
az aks enable-addons to install an add-on or manage the add-ons for your cluster.
The following rules are used by AKS for applying updates to installed add-ons:
- Only an add-on's patch version can be upgraded within a Kubernetes minor version. The add-on's major/minor version will not be upgraded within the same Kubernetes minor version.
- The major/minor version of the add-on will only be upgraded when moving to a later Kubernetes minor version.
- Any breaking or behavior changes to the add-on will be announced well before, usually 60 days, for a GA minor version of Kubernetes on AKS.
- Add-ons can be patched weekly with every new release of AKS which will be announced in the release notes. AKS releases can be controlled using maintenance windows and followed using release tracker.
- Add-ons will be upgraded to a new major/minor version (or breaking change) within a Kubernetes minor version if either the cluster's Kubernetes version or the add-on version are in preview.
- It is also possible, in unavoidable circumstances such as CVE security patches or critical bug fixes, that there may be times when an add-on needs to be updated within a GA minor version.
The below table shows the available add-ons.
|http_application_routing||Configure ingress with automatic public DNS name creation for your AKS cluster.||HTTP application routing add-on on Azure Kubernetes Service (AKS)|
|monitoring||Use Container Insights monitoring with your AKS cluster.||Container insights overview|
|virtual-node||Use virtual nodes with your AKS cluster.||Use virtual nodes|
|azure-policy||Use Azure Policy for AKS, which enables at-scale enforcements and safeguards on your clusters in a centralized, consistent manner.||Understand Azure Policy for Kubernetes clusters|
|ingress-appgw||Use Application Gateway Ingress Controller with your AKS cluster.||What is Application Gateway Ingress Controller?|
|open-service-mesh||Use Open Service Mesh with your AKS cluster.||Open Service Mesh AKS add-on|
|azure-keyvault-secrets-provider||Use Azure Keyvault Secrets Provider addon.||Use the Azure Key Vault Provider for Secrets Store CSI Driver in an AKS cluster|
|web_application_routing||Use a managed NGINX ingress Controller with your AKS cluster.||Web Application Routing Overview|
|keda||Event-driven autoscaling for the applications on your AKS cluster.||Simplified application autoscaling with Kubernetes Event-driven Autoscaling (KEDA) add-on|
Cluster extensions build on top of certain Helm charts and provide an Azure Resource Manager-driven experience for installation and lifecycle management of different Azure capabilities on top of your Kubernetes cluster. For more details on the specific cluster extensions for AKS, see Deploy and manage cluster extensions for Azure Kubernetes Service (AKS). For more details on the currently available cluster extensions, see Currently available extensions.
Difference between extensions and add-ons
Both extensions and add-ons are supported ways to add functionality to your AKS cluster. When you install an add-on, the functionality is added as part of the AKS resource provider in the Azure API. When you install an extension, the functionality is added as part of a separate resource provider in the Azure API.
GitHub Actions helps you automate your software development workflows from within GitHub. For more details on using GitHub Actions with Azure, see What is GitHub Actions for Azure. For an example of using GitHub Actions with an AKS cluster, see Build, test, and deploy containers to Azure Kubernetes Service using GitHub Actions.
Open source and third-party integrations
You can install many open source and third-party integrations on your AKS cluster, but these open-source and third-party integrations are not covered by the AKS support policy.
The below table shows a few examples of open-source and third-party integrations.
|Helm||An open-source packaging tool that helps you install and manage the lifecycle of Kubernetes applications.||Quickstart: Develop on Azure Kubernetes Service (AKS) with Helm|
|Prometheus||An open source monitoring and alerting toolkit.||Container insights with metrics in Prometheus format, Prometheus Helm chart|
|Grafana||An open-source dashboard for observability.||Deploy Grafana on Kubernetes or use Managed Grafana|
|Couchbase||A distributed NoSQL cloud database.||Install Couchbase and the Operator on AKS|
|OpenFaaS||An open-source framework for building serverless functions by using containers.||Use OpenFaaS with AKS|
|Apache Spark||An open source, fast engine for large-scale data processing.||Running Apache Spark jobs requires a minimum node size of Standard_D3_v2. See running Spark on Kubernetes for more details on running Spark jobs on Kubernetes.|
|Istio||An open-source service mesh.||Istio Installation Guides|
|Linkerd||An open-source service mesh.||Linkerd Getting Started|
|Consul||An open source, identity-based networking solution.||Getting Started with Consul Service Mesh for Kubernetes|