Azure / application-gateway-kubernetes-ingress

This is an ingress controller that can be run on Azure Kubernetes Service (AKS) to allow an Azure Application Gateway to act as the ingress for an AKS cluster.
https://azure.github.io/application-gateway-kubernetes-ingress
MIT License

Unable to create AzureIngressProhibitedTarget on AKS #1594

Open olee opened 4 months ago

olee commented 4 months ago

Describe the bug

I installed the application gateway ingress controller through the az aks enable-addon command. Now I wanted to add a configuration with AzureIngressProhibitedTarget, however my cluster reports that this resource type does not exist:

❯ kubectl get AzureIngressProhibitedTargets
error: the server doesn't have a resource type "AzureIngressProhibitedTargets"

Do I have to use the helm chart to make this usable in some way and is it not possible to use the azure aks addon? I searched through the GitHub repository and other sources but couldn't find any explanation on this.

walvarado-applaudo commented 4 months ago

Hi there, AzureIngressProhibitedTarget is a custom resource used by helm, afaik. enable-addon is only useful if you are looking to set up AGIC for AKS only (No shared can be used since AGIC is fully managed by AKS), thus, if you're looking for a shared configuration you should go for helm.

olee commented 3 months ago

Actually, I managed to resolve this by manually patching the configuration deployed through the addon. These were the steps I followed:

  1. Apply CustomResourceDefinition AzureIngressProhibitedTarget with the yaml from the chart
  2. Apply a patch to the ingress-appgw-cm config map and set APPGW_ENABLE_SHARED_APPGW: true. I did this through Pulumi by creating a ConfigMapPatch resource:
    import * as k8s from "@pulumi/kubernetes";

    // Patch the addon-managed config map so AGIC runs in shared mode
    new k8s.core.v1.ConfigMapPatch("appgw-ingress-shared-mode", {
        metadata: {
            name: "ingress-appgw-cm",
            namespace: "kube-system",
        },
        data: {
            APPGW_ENABLE_SHARED_APPGW: "true",
        },
    });

Afterwards, the shared gateway was working correctly iirc (we are not using it yet, because we are busy with other stuff and are still evaluating our transition from the current ingress to appgw). So as far as I can see it, this is just an issue of the shared option not being available through the addon.

PS: I also created an issue for the documentation on brownfield deployments over at Microsoft to be updated to tell users that shared mode will not be used and all existing configuration would be overwritten once the ingress controller is enabled: https://github.com/MicrosoftDocs/azure-docs/issues/119676
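
A way to confirm that the two steps in the comment above took effect, as an added example that is not part of the original thread or the AGIC project. The `KUBECTL` override and the exit codes are this example's own conventions, and the CRD name is assumed to match the definition shipped in the chart.

```shell
#!/bin/sh
# Added example: verify the state the workaround in this thread should produce.
# KUBECTL is overridable (assumption of this example) so the check can target
# a specific context, e.g. KUBECTL="kubectl --context my-aks".
KUBECTL="${KUBECTL:-kubectl}"
# Assumed CRD name (group appgw.ingress.k8s.io), as defined in the chart's YAML.
CRD="azureingressprohibitedtargets.appgw.ingress.k8s.io"

# Exit codes (this example's convention):
#   0 ready, 1 CRD missing, 2 shared mode not "true", 3 no targets defined
check_shared_mode() {
    # Step 1 of the workaround: the CRD must be registered with the API server.
    if ! $KUBECTL get crd "$CRD" >/dev/null 2>&1; then
        echo "CRD $CRD is not installed (step 1 not applied)" >&2
        return 1
    fi

    # Step 2: the addon's config map must carry the shared-mode flag.
    val=$($KUBECTL -n kube-system get configmap ingress-appgw-cm \
        -o jsonpath='{.data.APPGW_ENABLE_SHARED_APPGW}' 2>/dev/null)
    if [ "$val" != "true" ]; then
        echo "APPGW_ENABLE_SHARED_APPGW is '${val:-unset}', expected 'true'" >&2
        return 2
    fi

    # Shared mode without any prohibited target protects nothing yet.
    targets=$($KUBECTL get azureingressprohibitedtargets \
        --all-namespaces -o name 2>/dev/null)
    if [ -z "$targets" ]; then
        echo "shared mode is on but no AzureIngressProhibitedTarget exists" >&2
        return 3
    fi

    echo "shared mode enabled; prohibited targets:"
    echo "$targets"
}
```

Source the file and call `check_shared_mode` after applying both steps; a non-zero exit code names the step that is missing.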