2

I have two AKS clusters as primary and secondary in two different regions. I want to use Azure traffic manager for the the Priority based endpoint monitoring and fail-over mechanism on the primary and secondary clusters. I got two services: A and B that routes at the relative path /service-a and /service-b respectively. I have nginx ingress controller on each cluster with PIP mapped to the custom host aks-primary.xyz.com and aks-secondary.xyz.com respectively.

The services are reachable on the below paths:

On Primary Custer:

https://aks-primary.xyz.com/service-a

https://aks-primary.xyz.com/service-b

On secondary cluster:

https://aks-secondary.xyz.com/service-a

https://aks-secondary.xyz.com/service-b

I added the primary and secondary host aks-primary.xyz.com and aks-secondary.xyz.com as the endpoint in the Azure Traffic Manager for priority based routing. I added the probe path /healthz and port 443. My endpoints are online.

I added the custom domain for the ATM FQDN my-atm.trafficmanager.net to aks.xyz.com I am unable to reach to my services on below paths

https://aks.xyz.com/service-a

https://aks.xyz.com/service-b

Please suggest.

Rahul Mohan
  • 493
  • 3
  • 5
  • 18

1 Answers1

4

I got this resolved.

I added the ingress with two hosts on each cluster.

hosts: aks-primary.xyz.com and aks.xyz.com on cluster aks primary.

hosts: aks-secondary.xyz.com and aks.xyz.com on cluster aks secondary.

A sample ingress on cluster aks primary:

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: ingress-with-atm
  annotations:
    kubernetes.io/ingress.class: nginx
spec:
  rules:
  - host: aks-primary.xyz.com
    http:
      paths:
      - backend:
          serviceName: service-a
          servicePort: 80
        path: /service-a
      - backend:
          serviceName: service-b
          servicePort: 80
        path: /service-b
  - host: aks.xyz.com
    http:
      paths:
      - backend:
          serviceName: service-a
          servicePort: 80
        path: /service-a
      - backend:
          serviceName: service-b
          servicePort: 80
        path: /service-b
  tls:
  - hosts:
    - aks-primary.xyz.com
    secretName: tls-secret-wildcard-for-xyz-com
  - hosts:
    - aks.xyz.com
    secretName: tls-secret-wildcard-for-xyz-com`

Cheers!

Amit Baranes
  • 7,398
  • 2
  • 31
  • 53
Rahul Mohan
  • 493
  • 3
  • 5
  • 18