2

My client is currently evaluating AKS, which seems to be really promising. Our current platform is based on Azure VMs we provision ourselves. We would like to create private communication between our existing platform and the managed AKS cluster, but so far that does not seem to be supported yet.

Some example use cases for us are:

- Proxying incoming HTTP traffic via our main entrypoint, a Varnish server, to the new AKS environment so we don't have to change URLs
- Accessing non-publicly exposed APIs from the AKS environment

Right now the AKS cluster is in a different subscription and resource group than other parts of our platform. The main reason we can't connect, though, seems to be that it's not possible to specify which private IP range should be used when creating an AKS cluster.

Is there support planned for this or is there a reliable workaround?

1 Answer

1

Thanks for the inquiry. There's a workaround for the stated case: it's through the use of ACS Engine. "ACS Engine, for Azure Container Service Engine, is a CLI tool that helps to generate Azure Resource Manager templates to deploy Docker enabled clusters on Microsoft Azure. It works with all the orchestrators supported by ACS: Docker Swarm, Mesosphere DC/OS and Kubernetes"

So using this solution will allow you to integrate an Azure Container Service cluster into an existing Virtual Network. More details and a step-by-step guide can be found here: https://blogs.msdn.microsoft.com/jcorioland/2017/01/10/how-to-integrate-a-new-azure-container-service-cluster-into-an-existing-virtual-network-using-acs-engine/

  • (Somehow my original comment was not saved) I guess this means this will not result in a managed cluster? Will the update and scale commands of the az CLI still work, and will they respect the private IP range as provided on creation? – Lucas van Lierop Dec 21 '17 at 12:30
  • @LucasvanLierop no worries. I haven't tried the CLI for scaling with this specific solution, so I'm not sure if it will work, though I'm a little positive since, if I'm not wrong, it's done based on the resource group then container service. I'd recommend doing testing through the free credit/trial Azure account before implementing it directly in Prod. – Adam Smith - Microsoft Azure Dec 21 '17 at 21:18
  • We'll try that! – Lucas van Lierop Dec 22 '17 at 12:14
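
A pre-deployment check for the ACS Engine approach in the answer above, as an added example that is not part of the original thread or of the ACS Engine project: it reads a cluster definition and reports settings that would keep the cluster from communicating privately with an existing network. `vnetSubnetId`, `firstConsecutiveStaticIP` and `clusterSubnet` are ACS Engine API model fields; the function names, the trimmed sample model, the subscription ID and all address ranges are constructed for illustration.

```python
import ipaddress

SUBNET_ID = ("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/"
             "platform-rg/providers/Microsoft.Network/virtualNetworks/"
             "platform-vnet/subnets/k8s")  # constructed placeholder, not a real ID

def sample_model(first_ip, agent_subnet_id, pod_cidr):
    """Constructed, trimmed API model holding only the fields checked below."""
    return {"properties": {
        "orchestratorProfile": {"orchestratorType": "Kubernetes",
                                "kubernetesConfig": {"clusterSubnet": pod_cidr}},
        "masterProfile": {"count": 3, "vnetSubnetId": SUBNET_ID,
                          "firstConsecutiveStaticIP": first_ip},
        "agentPoolProfiles": [{"name": "agentpool1", "count": 2,
                               "vnetSubnetId": agent_subnet_id}]}}

def check_api_model(model, subnet_cidr, platform_cidrs):
    """Return a list of problems; an empty list means the checks passed."""
    props = model["properties"]
    subnet = ipaddress.ip_network(subnet_cidr)
    problems, vnets = [], set()
    # Every profile must name a subnet, and all of them must sit in one VNet.
    profiles = [("masterProfile", props["masterProfile"])]
    profiles += [(p["name"], p) for p in props.get("agentPoolProfiles", [])]
    for name, prof in profiles:
        subnet_id = prof.get("vnetSubnetId", "")
        if not subnet_id:
            problems.append(f"{name}: vnetSubnetId missing")
        else:
            vnets.add(subnet_id.lower().split("/subnets/")[0])
    if len(vnets) > 1:
        problems.append("profiles reference more than one virtual network")
    # Master IPs are handed out consecutively from firstConsecutiveStaticIP.
    master = props["masterProfile"]
    if master.get("firstConsecutiveStaticIP"):
        first = ipaddress.ip_address(master["firstConsecutiveStaticIP"])
        last = first + master.get("count", 1) - 1
        if first not in subnet or last not in subnet:
            problems.append(f"master IPs {first}-{last} fall outside {subnet}")
    # The pod CIDR must not collide with ranges the existing platform uses.
    pod = props["orchestratorProfile"].get("kubernetesConfig", {}).get("clusterSubnet")
    for cidr in platform_cidrs if pod else []:
        if ipaddress.ip_network(pod).overlaps(ipaddress.ip_network(cidr)):
            problems.append(f"clusterSubnet {pod} overlaps {cidr}")
    return problems
```

The subnet's CIDR is passed in separately because the API model carries only the subnet's resource ID, not its address range.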