AKS icon indicating copy to clipboard operation
AKS copied to clipboard
verified publisher icon Azure

Static egress for AKS Deployment

Open swapnilpotnis opened this issue 5 years ago • 15 comments

Public Preview ETA: 10/14/2024 *

  • ETA is only an estimation, this date could change but will be updated if it does.

What happened: I have a Public IP(for.eg PUB_IP_2) Based Load Balancer assigned to a service(for.eg SRV_1) in AKS.
Lets say that service SRV_1 is calling another Service(SRV_XYZ) which is outside AKS and gets some response back. The outside service (SRV_XYZ) allows calls only from IP Address(PUB_IP_2) but it actually receives call from the Public IP(for.e.g PUB_IP_1) of AKS Cluster

What you expected to happen: A mechanism to specify that any incoming call coming to PUB_IP_2 should be forwarded to the intended places(say outside AKS cluster places) by PUB_IP_2 only and not by AKS Public IP(PUB_IP_1)

How to reproduce it (as minimally and precisely as possible):

  1. Create Public IP Based AKS Cluster
  2. Create a Service inside it having Public IP Based Load Balancer

Anything else we need to know?:

Environment:

  • Kubernetes version (use kubectl version): 1.18
  • Size of cluster (how many worker nodes are in the cluster?) 1
  • General description of workloads in the cluster (e.g. HTTP microservices, Java app, Ruby on Rails, machine learning, etc.)
  • Others:

swapnilpotnis avatar Sep 30 '20 12:09 swapnilpotnis

Hi swapnilpotnis, AKS bot here :wave: Thank you for posting on the AKS Repo, I'll do my best to get a kind human from the AKS team to assist you.

I might be just a bot, but I'm told my suggestions are normally quite good, as such:

  1. If this case is urgent, please open a Support Request so that our 24/7 support team may help you faster.
  2. Please abide by the AKS repo Guidelines and Code of Conduct.
  3. If you're having an issue, could it be described on the AKS Troubleshooting guides or AKS Diagnostics?
  4. Make sure your subscribed to the AKS Release Notes to keep up to date with all that's new on AKS.
  5. Make sure there isn't a duplicate of this issue already reported. If there is, feel free to close this one and '+1' the existing issue.
  6. If you have a question, do take a look at our AKS FAQ. We place the most common ones there!

ghost avatar Sep 30 '20 12:09 ghost

Triage required from @Azure/aks-pm

ghost avatar Oct 02 '20 18:10 ghost

Action required from @Azure/aks-pm

ghost avatar Oct 07 '20 19:10 ghost

Issue needing attention of @Azure/aks-leads

ghost avatar Oct 23 '20 00:10 ghost

Action required from @Azure/aks-pm

ghost avatar Apr 27 '21 16:04 ghost

Issue needing attention of @Azure/aks-leads

ghost avatar May 12 '21 18:05 ghost

Issue needing attention of @Azure/aks-leads

ghost avatar May 28 '21 00:05 ghost

Issue needing attention of @Azure/aks-leads

ghost avatar Jun 12 '21 06:06 ghost

Issue needing attention of @Azure/aks-leads

ghost avatar Jun 27 '21 12:06 ghost

Issue needing attention of @Azure/aks-leads

ghost avatar Jul 12 '21 18:07 ghost

Issue needing attention of @Azure/aks-leads

ghost avatar Jul 28 '21 00:07 ghost

Issue needing attention of @Azure/aks-leads

ghost avatar Aug 12 '21 06:08 ghost

Issue needing attention of @Azure/aks-leads

ghost avatar Aug 27 '21 12:08 ghost

The load balancer IP addresses that are part of the outbound pool are all used by the backend pool, this means any of them can be used, you can't control/specify a specific one per service. This is a feature request we're looking into, which allows you to specify specific egress IPs per service.

A way to do this soon is when we release multiple load balancer support #2174, you can add a specific LB (and respective outbound IP) per nodepool.

palma21 avatar Sep 15 '21 16:09 palma21

Thanks for reaching out. I'm closing this issue as it was marked with "Answer Provided" and it hasn't had activity for 2 days.

ghost avatar Sep 23 '22 00:09 ghost