Add-ons, extensions, and other integrations with Azure Kubernetes Service

Azure Kubernetes Service (AKS) provides additional, supported functionality for your cluster using add-ons and extensions. There are also many more integrations provided by open-source projects and third parties that are commonly used with AKS. These open-source and third-party integrations are not covered by the AKS support policy.


Add-ons are a fully supported way to provide extra capabilities for your AKS cluster. Add-ons' installation, configuration, and lifecycle is managed by AKS. Use az aks enable-addons to install an add-on or manage the add-ons for your cluster.

The following rules are used by AKS for applying updates to installed add-ons:

  • Only an add-on's patch version can be upgraded within a Kubernetes minor version. The add-on's major/minor version will not be upgraded within the same Kubernetes minor version.
  • The major/minor version of the add-on will only be upgraded when moving to a later Kubernetes minor version.
  • Any breaking or behavior changes to the add-on will be announced well before, usually 60 days, for a GA minor version of Kubernetes on AKS.
  • Add-ons can be patched weekly with every new release of AKS which will be announced in the release notes. AKS releases can be controlled using maintenance windows and followed using release tracker.


  • Add-ons will be upgraded to a new major/minor version (or breaking change) within a Kubernetes minor version if either the cluster's Kubernetes version or the add-on version are in preview.
  • It is also possible, in unavoidable circumstances such as CVE security patches or critical bug fixes, that there may be times when an add-on needs to be updated within a GA minor version.

Available add-ons

The below table shows the available add-ons.

Name Description More details
http_application_routing Configure ingress with automatic public DNS name creation for your AKS cluster. HTTP application routing add-on on Azure Kubernetes Service (AKS)
monitoring Use Container Insights monitoring with your AKS cluster. Container insights overview
virtual-node Use virtual nodes with your AKS cluster. Use virtual nodes
azure-policy Use Azure Policy for AKS, which enables at-scale enforcements and safeguards on your clusters in a centralized, consistent manner. Understand Azure Policy for Kubernetes clusters
ingress-appgw Use Application Gateway Ingress Controller with your AKS cluster. What is Application Gateway Ingress Controller?
open-service-mesh Use Open Service Mesh with your AKS cluster. Open Service Mesh AKS add-on
azure-keyvault-secrets-provider Use Azure Keyvault Secrets Provider addon. Use the Azure Key Vault Provider for Secrets Store CSI Driver in an AKS cluster
web_application_routing Use a managed NGINX ingress Controller with your AKS cluster. Web Application Routing Overview
keda Event-driven autoscaling for the applications on your AKS cluster. Simplified application autoscaling with Kubernetes Event-driven Autoscaling (KEDA) add-on


Cluster extensions build on top of certain Helm charts and provide an Azure Resource Manager-driven experience for installation and lifecycle management of different Azure capabilities on top of your Kubernetes cluster. For more details on the specific cluster extensions for AKS, see Deploy and manage cluster extensions for Azure Kubernetes Service (AKS). For more details on the currently available cluster extensions, see Currently available extensions.

Difference between extensions and add-ons

Both extensions and add-ons are supported ways to add functionality to your AKS cluster. When you install an add-on, the functionality is added as part of the AKS resource provider in the Azure API. When you install an extension, the functionality is added as part of a separate resource provider in the Azure API.

GitHub Actions

GitHub Actions helps you automate your software development workflows from within GitHub. For more details on using GitHub Actions with Azure, see What is GitHub Actions for Azure. For an example of using GitHub Actions with an AKS cluster, see Build, test, and deploy containers to Azure Kubernetes Service using GitHub Actions.

Open source and third-party integrations

You can install many open source and third-party integrations on your AKS cluster, but these open-source and third-party integrations are not covered by the AKS support policy.

The below table shows a few examples of open-source and third-party integrations.

Name Description More details
Helm An open-source packaging tool that helps you install and manage the lifecycle of Kubernetes applications. Quickstart: Develop on Azure Kubernetes Service (AKS) with Helm
Prometheus An open source monitoring and alerting toolkit. Container insights with metrics in Prometheus format, Prometheus Helm chart
Grafana An open-source dashboard for observability. Deploy Grafana on Kubernetes or use Managed Grafana
Couchbase A distributed NoSQL cloud database. Install Couchbase and the Operator on AKS
OpenFaaS An open-source framework for building serverless functions by using containers. Use OpenFaaS with AKS
Apache Spark An open source, fast engine for large-scale data processing. Running Apache Spark jobs requires a minimum node size of Standard_D3_v2. See running Spark on Kubernetes for more details on running Spark jobs on Kubernetes.
Istio An open-source service mesh. Istio Installation Guides
Linkerd An open-source service mesh. Linkerd Getting Started
Consul An open source, identity-based networking solution. Getting Started with Consul Service Mesh for Kubernetes