Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Cluster extensions provide an Azure Resource Manager driven experience for installation and lifecycle management of services like Azure Machine Learning or Kubernetes applications on an AKS cluster. This feature enables:
- Azure Resource Manager-based deployment of extensions, including at-scale deployments across AKS clusters.
- Lifecycle management of the extension (Update, Delete) from Azure Resource Manager.
Categories of cluster extensions
There are two categories of cluster extensions, Core and Standard that can be deployed onto AKS clusters.
Core extensions
Core Kubernetes extensions have broader region availability, a more integrated AKS experience, and release alignment to AKS version releases. Azure Backup is a core extension.
AKS native experience
Core extensions can be managed using az aks CLI command.
az aks extension create \
--name <core extension name> \
--extension-type <type> \
--cluster-name <name> \
--resource-group <group>
For more information about the commands, see az aks.
Release policy
Minor and major upgrades of core extensions occur alongside AKS minor and major version updates to avoid introducing breaking changes and provide better reliability.
Standard extensions
For information about the other cluster extensions, see the table in Currently available extensions and the Kubernetes apps deployed via Azure Marketplace are of the Standard Extension type.
Standard extensions can be managed using the az k8s-extension CLI command. For more information, see Deploy and manage cluster extensions by using Azure CLI.
az k8s-extension create \
--name <standard extension name> \
--extension-type <extension-type> \
--scope cluster \
--cluster-name <clusterName> \
--resource-group <resourceGroupName> \
--cluster-type managedClusters
Cluster extension requirements
The cluster extensions platform is supported in all regions where AKS is deployed, except Qatar Central and US air gapped clouds. Although the platform is available in all regions, check the region availability for individual extensions.
Important
Ensure that your AKS cluster is created with a managed identity, as cluster extensions don't work with service principal-based clusters.
For new clusters created with az aks create, managed identity is configured by default. For existing service principal-based clusters that need to be switched over to managed identity, it can be enabled by running az aks update with the --enable-managed-identity flag. For more information, see Use managed identity.
Note
If you enabled Microsoft Entra pod-managed identity on your AKS cluster or are considering implementing it, we recommend you first review Workload identity overview to understand our recommendations and options to set up your cluster to use a Microsoft Entra Workload ID (preview). This authentication method replaces pod-managed identity (preview), which integrates with the Kubernetes native capabilities to federate with any external identity providers. The open source Microsoft Entra pod-managed identity (preview) in Azure Kubernetes Service was deprecated as of October 24, 2022.
Currently available extensions
| Extension | Description |
|---|---|
| Dapr | Dapr is a portable, event-driven runtime that makes it easy for any developer to build resilient, stateless, and stateful applications that run on cloud and edge. |
| Azure App Configuration | Use Azure App Configuration to centrally manage application settings and feature flags. |
| Azure Machine Learning | Use Azure Kubernetes Service clusters to train, inference, and manage machine learning models in Azure Machine Learning. |
| Flux (GitOps) | Use GitOps with Flux to manage cluster configuration and application deployment. See also supported versions of Flux (GitOps) and Tutorial: Deploy applications using GitOps with Flux v2. |
| Azure Container Storage | Use Azure Container Storage to manage block storage on AKS clusters to store data in persistent volumes. |
| Azure Backup for AKS | Use Azure Backup for AKS to protect your containerized applications and data stored in Persistent Volumes deployed in the AKS clusters. |
You can also select and deploy Kubernetes applications available through Marketplace.
Note
Cluster extensions provide a platform for different extensions to be installed and managed on an AKS cluster. If you're facing issues while using any of these extensions, open a support ticket with the respective service.
Next steps
- Learn how to deploy cluster extensions by using Azure CLI.
- Read about cluster extensions.
Collaborate with us on GitHub
The source for this content can be found on GitHub, where you can also create and review issues and pull requests. For more information, see our contributor guide.
Azure Kubernetes Service