azure single vpn gateway for connecting multiple resources in different azure aks cluster
I am having following requirement
Requirement we are currently having multiple azure AKS clusters (dev,uat,staging...) in different vnets. these AKS clusters are deployed using advance networking option through terraform. we need to connect these environment through single vpn gateway.
My understanding and queries as per my understanding we can not create more than one aks cluster in same subet.
if we need to use single vpn gateway for connecting multiple vnets we need to peer all these vnets. it will create non overlapping huge vnet.
Queries
- is single AKS applicable for whole vnet or whole subnet.
- i also assume that it is not possible to use single vpn gateway to connect multiple AKS clusters as it involve Vnet peering and add complexity in terms of networking and kuernates ingress services.
Similar Questions
1 Answer
Actually, we could create more than one aks cluster in the same subnet but It's not recommended to do that since the limited IP address range. I may suggest creating a large enough VNet such as network mask is 8 bit then choose a large subnet for your ask clusters. The screenshots show that two aks clusters name azureaks and azureakstest are deployed into one same subnet in a VNet. 
As far as I know, in theory, you could use a single VPN gateway to connect multiple AKS clusters in different VNets, you need to implement a hub-spoke topology in Azure and configure VPN gateway transit for virtual network peering. But there are some limitations such as Gateway transit is currently not supported with global virtual network peering. Also, If you require connectivity between spokes, consider implementing an NVA for routing in the hub, and using UDRs in the spoke to forward traffic to the hub. It seems complex to do a huge networking architecture. So It's not recommended to do that.