
We have a K8s cluster on Azure (AKS) with Azure CNI networking. We specified the IP range with this CIDR: 10.131.0.0/22

So the IP range of pods is between 10.131.0.0 and 10.131.3.255. These are my internal IPs, and there is no problem up to here.


I want to give a simplified example to express my problem:

Let's imagine a pod called pod1 in this cluster. Inside this pod, I want to access the outside world, for example with curl myapi.com (myapi.com is a public website and is not related to this cluster).

Also imagine myapi.com has a public IP like 10.131.0.166, which overlaps my internal IP address range. How can I force pod1 to access this public IP rather than routing to another pod within this cluster?

Mustafa Sadedil
  • 10.x.x.x is a private network address. No public server can use that address. – Burak Serdar Nov 25 '20 at 21:36
  • Yes, I know; that is why I emphasised it as a "simplified example". The actual problem is more complex. It's between AKS <-> Site-to-Site VPN <-> another on-prem network. – Mustafa Sadedil Nov 25 '20 at 22:28
  • Ideally, you have to allocate separate address ranges for the two networks, and set up routing to support that. For instance, 10.131.0.0 for one network, and 10.132.0.0 for the other. As a hack, you can try setting up routes for the specific remote hosts so those hosts can be found, and then create a k8s service with those IP addresses so they won't be allocated within the cluster. I never tried this, I don't know if this would work. – Burak Serdar Nov 25 '20 at 22:39
  • The ideal part is not suitable for us, because the other private network is not under our control. But the hacky way can solve our problem; I need to do some research on setting a route for a specific IP. Thanks for the suggestion. – Mustafa Sadedil Nov 25 '20 at 22:45

0 Answers