I have configured two different applications ( SEQ and MockServer ) on Azure AKS service. They are both working correctly from internet but can not access them from Azure Web Service. It also can not be accessed from Azure CLI. Below my
apiVersion: apps/v1
kind: Deployment
metadata:
name: mockserver-deployment
labels:
app: mockserver
spec:
replicas: 1
selector:
matchLabels:
app: mockserver
template:
metadata:
labels:
app: mockserver
spec:
containers:
- name: mockserver
image: jamesdbloom/mockserver
env:
- name: LOG_LEVEL
value: "INFO"
ports:
- containerPort: 1080
imagePullSecrets:
- name: my-secret
---
kind: Service
apiVersion: v1
metadata:
name: mockserver-service
spec:
selector:
app: mockserver
loadBalancerIP: 51.136.53.26
type: LoadBalancer
loadBalancerSourceRanges:
# from Poland
- 62.87.152.154/32
- 83.30.150.205/32
- 80.193.73.114/32
- 195.191.163.0/24
# from AppCenter test
- 195.249.159.0/24
- 195.0.0.0/8
# from Marcin K home
- 95.160.157.0/24
- 93.105.0.0/16
ports:
- port: 1080
targetPort: 1080
name: mockserverThe best approach is to use VNET integration for your AppService (https://docs.microsoft.com/en-us/azure/app-service/web-sites-integrate-with-vnet) combined with an internal LoadBalancer-type Service (https://docs.microsoft.com/en-us/azure/aks/internal-lb). This way the communication between the app service and AKS will flow only via the internal VNET. Note that you can have also an external LB service like the one you already have; you can have multiple services serving traffic to the same set of pods.