how to provide inbound access from public internet to an app hosted in an Azure private kubernetes cluster

5/28/2020

I deployed an application in an Azure K8S cluster, using NGINX as gateway, with a public static IP, based on AKS & PUBLIC-IP and on AKS & NGINX.

Now I need to deploy the application in an Azure private cluster, ie, running in a private vnet (see CREATE PRIVATE AKS); attempting to assign a public static IP to NGINX does not work, which can be expected as the load-balancer expects a private IP, not a public IP.

How can I provide inbound access to my app hosted in a private cluster, using NGINX and a public static IP?

-- haddock
azure
kubernetes
nginx-ingress

2 Answers

5/29/2020

Based on your description i understand that you want to have ingress traffic through your NGINX ingress controller which has a Loadbalancer service with static IP. If your deployment is correctly configured the a Loadbalancer service should be assigned to your NGINX ingress controller with a public IP. Since i dont know your namespaces, naming of deployments etc try:

kubectl get services --all-namespaces | grep -i loadbalancer

You should be able to find that an nginx loadbalancer service has a public IP. Now since NGINX is your ingress controller this means that you have a Layer 7 loadbalancer as ingress so you need to create an ingress route to your application running in AKS. This is documented here from Azure NGINX ingress but also here Ingress K8s

-- Christos Arvanitis
Source: StackOverflow

5/28/2020

As stated in the comment above you can do the same via Application Gateway in Azure. But if you are going to only use AKS you might want to just use Application Gateway as your ingress controller which is already created with the private cluster.

Please follow this to achieve the same https://microsoft.github.io/AzureTipsAndTricks/blog/tip256.html

-- redzack
Source: StackOverflow