Azure / AKS

Azure Kubernetes Service
https://azure.github.io/AKS/

Service CIDR routing impacted by custom routes? #3874

Open fabian-ro opened 1 year ago

fabian-ro commented 1 year ago

Scenario: We have a hub and spoke network topology; the hub and spoke virtual networks are peered. The hub contains two firewall instances running on VMs and an internal standard load balancer in front of them. The spoke contains AKS in its own virtual network (10.112.130.0/23). The cluster uses Azure CNI for networking. The configured service CIDR for AKS is 10.112.193.0/24. All egress traffic from AKS should be routed through one of the firewall instances. For that, we created a custom route table and associated it with the AKS subnet. The route table contains an "any to firewall" rule (0.0.0.0/0 pointing to the frontend IP of the standard load balancer).

Question: Now my question is the following: We see that traffic from AKS (10.112.130.0/23) to 10.112.193.0/24 is routed to the firewall instances in the hub, which is not intended. How can we adjust the routing to mitigate this?

A similar question was posted here: https://stackoverflow.com/questions/74470614/will-the-aks-service-cidr-be-routed-to-the-virtual-appliance
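
An added example, not part of the original post and not AKS or Azure code: a small model of Azure route selection (longest prefix match, then user-defined over BGP over system routes on equal prefixes) applied to the address ranges in the scenario above. It shows which route a packet takes if it leaves the node still addressed to the service CIDR. The route list is constructed from the post only and assumes no peering or other system routes; the `Route` class, the source labels and the next-hop description string are illustrative names.

```python
import ipaddress
from dataclasses import dataclass

# Tie-break when two routes share a prefix: user-defined beats BGP beats system.
SOURCE_PRIORITY = {"User": 0, "BGP": 1, "Default": 2}

@dataclass(frozen=True)
class Route:
    prefix: str
    source: str      # "User", "BGP" or "Default" (labels chosen for this example)
    next_hop: str

    @property
    def net(self):
        return ipaddress.ip_network(self.prefix)

# Constructed route set: only what the post describes (assumption: nothing else applies).
ROUTES = [
    Route("10.112.130.0/23", "Default", "VnetLocal"),   # AKS virtual network range
    Route("0.0.0.0/0", "Default", "Internet"),          # system default route
    Route("0.0.0.0/0", "User", "VirtualAppliance (hub LB frontend)"),  # custom route
]

def select_route(dest, routes=ROUTES):
    """Pick the route for one destination IP: longest prefix, then source priority."""
    ip = ipaddress.ip_address(dest)
    matches = [r for r in routes if ip in r.net]
    if not matches:
        return None  # no route at all: the packet would be dropped
    return min(matches, key=lambda r: (-r.net.prefixlen, SOURCE_PRIORITY[r.source]))

def cidr_next_hops(cidr, routes=ROUTES):
    """Next hops selected for the first and last address of a CIDR."""
    net = ipaddress.ip_network(cidr)
    return {select_route(str(a), routes).next_hop for a in (net[0], net[-1])}

if __name__ == "__main__":
    # One node/pod address, one service CIDR address, one public address.
    for dest in ("10.112.130.10", "10.112.193.10", "8.8.8.8"):
        r = select_route(dest)
        print(f"{dest:15} -> {r.prefix:16} {r.source:8} {r.next_hop}")
    print("service CIDR next hops:", cidr_next_hops("10.112.193.0/24"))
```

Because 10.112.193.0/24 lies outside 10.112.130.0/23, the only prefix that covers it in this route set is 0.0.0.0/0, so the custom route to the firewall is selected. The subnet's actual effective routes on a node NIC are the authoritative input for this check.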

PixelRobots commented 1 year ago

Hey @chasewilson, maybe you could answer this one?

marcelloformica commented 9 months ago

Hi, I have the same problem. Was this ever solved? Thanks

fabian-ro commented 9 months ago

Hi @marcelloformica, unfortunately there was no further feedback and I did not find a solution myself. @PixelRobots @chasewilson do you have any updates on this?

microsoft-github-policy-service[bot] commented 7 months ago

Action required from @Azure/aks-pm

microsoft-github-policy-service[bot] commented 7 months ago

Issue needing attention of @Azure/aks-leads
