AKS is not connecting with Key Vault when autoscaling is enabled. We used the AKS pool identity for connecting to Key Vault

4/16/2021

Issue: We have deployed AKS from an ARM template with managed identity, using the default kubenet. Autoscaling was disabled while deploying. We deployed the cluster with a two-node configuration. Recently the utilisation of one of our nodes reached 95%. We have given the pod replica as 1, so the pod is present on a single node only. To overcome this problem we tried to enable autoscaling of nodes and kept the node min as 2 and max as 5. All of this autoscaling was enabled from the portal. The main issue is that when we enable autoscaling, the agentpool identity's system-assigned managed identity gets disabled (refer to pic 1). Due to this we are not able to connect to Key Vault.

Whenever the node gets scaled, the AKS pool identity's system managed identity gets disabled. We are using the AKS pool system managed identity and adding it to the Key Vault access policy. Then we can get values from Key Vault. But when the node is autoscaling, the system managed identity gets disabled, so the Key Vault connection breaks. Is there any way to connect automatically even when the node autoscales?

-- Raja Shekar
azure
azure-aks
kubernetes

0 Answers