K
Q

AKS load balancer static IP assignment not working (stays pending)

10/2/2019

I have a properly working setup on my AKS cluster where I followed the MS docs to use a static IP to create an ingress controller. I have now simply tried to create a similar setup in a separate namespace on the same cluster but the new load balancers EXTERNAL-IP remains <pending>.

When I examine the service I see:

Warning CreatingLoadBalancerFailed 3m29s (x16 over 53m) service-controller Error creating load balancer (will retry): failed to ensure load balancer for service ingress-dev/dev-ingress-nginx-ingress-controller: timed out waiting for the condition

I saw How to fix "failed to ensure lb" error for Nginx ingress but I have all resources (the static IP address) in the same resource group and region as the cluster. The already existing static IP for the LB that's running already is also assigned to the same RG and cluster.

-- Olaf D.
azure
azure-aks
azure-kubernetes
kubernetes-helm
kubernetes-ingress

Similar Questions

Expose folder from a container as a volume in a Kubernetes Pod
Unable to start minikube with Hyper V
Kubernetes inspecting a stopped Pod
Prometheus Operator Expose Ingress Route

3 Answers

12/29/2019

When creating a kubernetes cluster, Azure automatically creates another resource group to hold the VMs that actually power the cluster.
I have noticed, if the static IP is created in the same resource group (as the VMs) it begins to work.

-- Jyotirmoy
Source: StackOverflow
10/2/2019

I'm fairly certain this would be due to the service principal being misconfigured, can you do: kubectl get events --all-namespaces and see if you can find anything that relates to the ingress service that would complain about auth\wrong credentials? alternatively you can just reset service principal credentials in AKS and ensure you got the proper credentials that way.

One more thing you have to ensure is that service principal you are using has right to the resource group where the load balancer is. this should happen by default when you create the cluster, but somebody might have stripped those permissions

just in case comments get deleted: updating AKS to newer version solved this issue

-- 4c74356b41
Source: StackOverflow
11/7/2019

create static IP with "--sku Standard"

STATICIP=$(az network public-ip create --resource-group <MC_your-RG> --name Your-public-ip-name --sku Standard --allocation-method static --query publicIp.ipAddress -o tsv)

And now:

helm install stable/nginx-ingress --name 
--namespace 
--set rbac.create=true 
--set controller.replicaCount=2 
--set controller.stats.enabled=true 
--set controller.metrics.enabled=true 
--set controller.nodeSelector."beta.kubernetes.io/os"=linux 
--set defaultBackend.nodeSelector."beta.kubernetes.io/os"=linux 
--set controller.service.externalTrafficPolicy="Local" 
--set controller.service.loadBalancerIP=${STATICIP}
-- ruedigerk
Source: StackOverflow