Overview of node auto-provisioning (NAP) in Azure Kubernetes Service (AKS)

This article provides an overview of node auto-provisioning (NAP) in Azure Kubernetes Service (AKS), including how it works, upgrade behavior, prerequisites, limitations, and resources to get started.

What is node auto-provisioning in AKS?

When you deploy workloads onto AKS, you need to select the appropriate virtual machine (VM) size as part of your node pool configuration. As your workloads become more complex, you might have different workloads with varying resource requirements, which makes it more difficult to design your VM configuration for numerous resource requests.

Node auto-provisioning (NAP) simplifies this process by automatically provisioning and managing the optimal VM configuration for your workloads. NAP uses pending pod resource requirements to decide the optimal VM configuration to run your workloads in the most efficient and cost-effective manner.

NAP automatically deploys, configures, and manages Karpenter on your AKS clusters and is based on the open-source Karpenter and AKS Karpenter provider projects.

How does node auto-provisioning work?

Node auto-provisioning provisions, scales, and manages VMs (nodes) in a cluster in response to pending pod pressure.

Key components of node auto-provisioning

NAP uses the following key components to help manage your cluster's nodes:

Component	Description
`NodePool` and `AKSNodeClass`	Custom Resource Definitions (CRDs) that you create and manage to define node provisioning policies, VM specifications, and constraints for your workloads.
`NodeClaims`	Managed by NAP to represent the current state of provisioned nodes that you can monitor.
Workload resource requirements	CPU, memory, and other specifications from your Pods, Deployments, Jobs, and other Kubernetes resources that drive provisioning decisions.

Kubernetes upgrade behavior for node auto-provisioning nodes

Kubernetes upgrades for node auto-provisioning nodes follow the control plane Kubernetes version. If you perform a cluster upgrade, your nodes are automatically updated to follow the same versioning as your control plane.

We recommend setting a Kubernetes auto-upgrade channel, which automatically handles Kubernetes upgrades for your cluster. We also recommend setting a planned maintenance window for your cluster. The aksManagedAutoUpgradeSchedule maintenance window allows you to control when to perform cluster upgrades scheduled by your designated auto-upgrade channel. For more information, see Use planned maintenance to schedule and control upgrades for your Azure Kubernetes Service (AKS) cluster.

Prerequisites

To use node auto-provisioning in AKS, you need the following prerequisites:

An Azure subscription. If you don't have one, you can create a free account.
Azure CLI version 2.76.0 or later. To find the version, run az --version. For more information about installing or upgrading the Azure CLI, see Install Azure CLI.

Limitations and unsupported features

The following limitations and unsupported features apply to node auto-provisioning in AKS:

You can't enable NAP on clusters enabled with the cluster autoscaler.
Windows node pools aren't supported.
IPv6 clusters aren't supported.
Service principals aren't supported. You can use either a system-assigned or user-assigned managed identity.
Disk Encryption Sets aren't supported.
Custom certificate authority (CA) certificates aren't supported.
You can't stop a cluster enabled with NAP.
HTTP proxy isn't supported.
You can't change the cluster egress outbound type after you create a cluster enabled with NAP.
When creating a NAP cluster in a custom virtual network (VNet), you must use a Standard Load Balancer. The Basic Load Balancer isn't supported.

Get started with node auto-provisioning on AKS

The following resources help you get started with node auto-provisioning on AKS:

Feedback

Was this page helpful?

Last updated on 2025-10-30