Dapr extension for Azure Kubernetes Service (AKS) and Arc-enabled Kubernetes

Dapr simplifies building resilient, stateless, and stateful applications that run on the cloud and edge and embrace the diversity of languages and developer frameworks. With Dapr's sidecar architecture, you can keep your code platform agnostic while tackling challenges around building microservices, like:

  • Calling other services reliably and securely
  • Building event-driven apps with pub/sub
  • Building applications that are portable across multiple cloud services and hosts (for example, Kubernetes vs. a VM)

Using the Dapr extension to provision Dapr on your AKS or Arc-enabled Kubernetes cluster eliminates the overhead of:

  • Downloading Dapr tooling
  • Manually installing and managing the runtime on your AKS cluster

Additionally, the extension offers support for all native Dapr configuration capabilities through simple command-line arguments.

Note

If you plan on installing Dapr in a Kubernetes production environment, see the Dapr guidelines for production usage documentation page.

How it works

The Dapr extension uses the Azure CLI to provision the Dapr control plane on your AKS or Arc-enabled Kubernetes cluster, creating the following Dapr services:

Dapr service Description
dapr-operator Manages component updates and Kubernetes services endpoints for Dapr (state stores, pub/subs, etc.)
dapr-sidecar-injector Injects Dapr into annotated deployment pods and adds the environment variables DAPR_HTTP_PORT and DAPR_GRPC_PORT to enable user-defined applications to easily communicate with Dapr without hard-coding Dapr port values.
dapr-placement Used for actors only. Creates mapping tables that map actor instances to pods.
dapr-sentry Manages mTLS between services and acts as a certificate authority. For more information, read the security overview.

Once Dapr is installed on your cluster, you can begin to develop using the Dapr building block APIs by adding a few annotations to your deployments. For a more in-depth overview of the building block APIs and how to best use them, see the Dapr building blocks overview.

Warning

If you install Dapr through the AKS or Arc-enabled Kubernetes extension, our recommendation is to continue using the extension for future management of Dapr instead of the Dapr CLI. Combining the two tools can cause conflicts and result in undesired behavior.

Currently supported

Dapr versions

The Dapr extension support varies depending on how you manage the runtime.

Self-managed
For self-managed runtime, the Dapr extension supports:

Self-managed runtime requires manual upgrade to remain in the support window. To upgrade Dapr via the extension, follow the Update extension instance instructions.

Auto-upgrade
Enabling auto-upgrade keeps your Dapr extension updated to the latest minor version. You may experience breaking changes between updates.

Components

Azure + open source components are supported. Alpha and beta components are supported via best effort.

Clouds/regions

Global Azure cloud is supported with Arc support on the following regions:

Region AKS support Arc for Kubernetes support
australiaeast ✔️ ✔️
australiasoutheast ✔️
brazilsouth ✔️
canadacentral ✔️ ✔️
canadaeast ✔️ ✔️
centralindia ✔️ ✔️
centralus ✔️ ✔️
eastasia ✔️ ✔️
eastus ✔️ ✔️
eastus2 ✔️ ✔️
eastus2euap ✔️
francecentral ✔️ ✔️
francesouth ✔️
germanywestcentral ✔️ ✔️
japaneast ✔️ ✔️
japanwest ✔️
koreacentral ✔️ ✔️
koreasouth ✔️
northcentralus ✔️ ✔️
northeurope ✔️ ✔️
norwayeast ✔️
southafricanorth ✔️
southcentralus ✔️ ✔️
southeastasia ✔️ ✔️
southindia ✔️
swedencentral ✔️ ✔️
switzerlandnorth ✔️ ✔️
uaenorth ✔️
uksouth ✔️ ✔️
ukwest ✔️
westcentralus ✔️ ✔️
westeurope ✔️ ✔️
westus ✔️ ✔️
westus2 ✔️ ✔️
westus3 ✔️ ✔️

Prerequisites

Set up the Azure CLI extension for cluster extensions

Install the k8s-extension Azure CLI extension by running the following commands:

az extension add --name k8s-extension

If the k8s-extension extension is already installed, you can update it to the latest version using the following command:

az extension update --name k8s-extension

Register the KubernetesConfiguration service provider

If you haven't previously used cluster extensions, you may need to register the service provider with your subscription. You can check the status of the provider registration using the [az provider list][az-provider-list] command, as shown in the following example:

az provider list --query "[?contains(namespace,'Microsoft.KubernetesConfiguration')]" -o table

The Microsoft.KubernetesConfiguration provider should report as Registered, as shown in the following example output:

Namespace                          RegistrationState    RegistrationPolicy
---------------------------------  -------------------  --------------------
Microsoft.KubernetesConfiguration  Registered           RegistrationRequired

If the provider shows as NotRegistered, register the provider using the az provider register as shown in the following example:

az provider register --namespace Microsoft.KubernetesConfiguration

Create the extension and install Dapr on your AKS or Arc-enabled Kubernetes cluster

When installing the Dapr extension, use the flag value that corresponds to your cluster type:

  • AKS cluster: --cluster-type managedClusters.
  • Arc-enabled Kubernetes cluster: --cluster-type connectedClusters.

Note

If you're using Dapr OSS on your AKS cluster and would like to install the Dapr extension for AKS, read more about how to successfully migrate to the Dapr extension.

Create the Dapr extension, which installs Dapr on your AKS or Arc-enabled Kubernetes cluster.

For example, install the latest version of Dapr via the Dapr extension on your AKS cluster:

az k8s-extension create --cluster-type managedClusters \
--cluster-name myAKSCluster \
--resource-group myResourceGroup \
--name dapr \
--extension-type Microsoft.Dapr \
--auto-upgrade-minor-version false

Targeting a specific Dapr version

Note

Dapr is supported with a rolling window, including only the current and previous versions. It is your operational responsibility to remain up to date with these supported versions. If you have an older version of Dapr, you may have to do intermediate upgrades to get to a supported version.

The same command-line argument is used for installing a specific version of Dapr or rolling back to a previous version. Set --auto-upgrade-minor-version to false and --version to the version of Dapr you wish to install. If the version parameter is omitted, the extension installs the latest version of Dapr. For example, to use Dapr X.X.X:

az k8s-extension create --cluster-type managedClusters \
--cluster-name myAKSCluster \
--resource-group myResourceGroup \
--name dapr \
--extension-type Microsoft.Dapr \
--auto-upgrade-minor-version false \
--version X.X.X

Configuring automatic updates to Dapr control plane

Warning

You can enable automatic updates to the Dapr control plane only in dev or test environments. Auto-upgrade is not suitable for production environments.

If you install Dapr without specifying a version, --auto-upgrade-minor-version is automatically enabled, configuring the Dapr control plane to automatically update its minor version on new releases. You can disable auto-update by specifying the --auto-upgrade-minor-version parameter and setting the value to false. Dapr versioning is in MAJOR.MINOR.PATCH format, which means 1.11.0 to 1.12.0 is a minor version upgrade.

--auto-upgrade-minor-version true

Choosing a release train

When configuring the extension, you can choose to install Dapr from a particular --release-train. Specify one of the two release train values:

Value Description
stable Default.
dev Early releases, can contain experimental features. Not suitable for production.

For example:

--release-train stable

Troubleshooting extension errors

If the extension fails to create or update, try suggestions and solutions in the Dapr extension troubleshooting guide.

Troubleshooting Dapr

Troubleshoot Dapr errors via the common Dapr issues and solutions guide.

Delete the extension

If you need to delete the extension and remove Dapr from your AKS cluster, you can use the following command:

az k8s-extension delete --resource-group myResourceGroup --cluster-name myAKSCluster --cluster-type managedClusters --name dapr

Next Steps