Add public static IP support guide

[gkaleta]

Something along (or manually in the portal):

az network public-ip create \ --name TestPIP \ --resource-group TestRG \ --location centralus \ --allocation-method Static

---

Document Details

⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.

• ID: ada58160-dc50-b977-d3bc-65f92406e16d
• Version Independent ID: 5c596e04-fddb-effe-3b72-575f4df42d4e
• Content: Configure ingress with Azure Kubernetes Service (AKS) cluster
• Content Source: articles/aks/ingress.md
• Service: container-service
• GitHub Login: @iainfoulds
• Microsoft Alias: iainfou

[mimckitt]

Thanks for the feedback! I have assigned the issue to the content author to investigate further and update the document as appropriate.

[iainfoulds]

Thanks for reaching out, @gkaleta. Are you meaning in terms of showing how you could create a static public IP address and assign that to the NGINX ingress controller?

[iainfoulds]

Hi @gkaleta, any additional information you can provide here? If you are wanting to create and assign a static IP address to the ingress controller, we already have a backlog work item to create this doc which is scheduled to publish mid-end of August. Is there something else that you were wanting here?

[gkaleta]

Sorry for the late reply. In general for production environments we need to ensure that we have a static ip. If you do not specify it will assign a dynamic ip which can change if you are unlucky. This did happen to a customer of mine hence the request. I could basically just add the PR my self.

[iainfoulds]

@gkaleta If you want to create a PR, you certainly can. Depending on the scope, it can just be included in-line with this existing ingress doc. Part of the existing work item was to also show how to specify your SSL certs rather than using Let's Encrypt, hence it was a little more time consuming. Both, I think, are valid scenarios to cover.

[gkaleta]

I was thinking about asigning static IP to the load balancer (or secondly ingress controller...) if that makes sense?

[iainfoulds]

For just a load balancer, we already have docs for using a static IP address - https://docs.microsoft.com/en-us/azure/aks/static-ip. Do they help? Otherwise, we're already planning on a doc as noted before that shows how to use a static public IP address on an ingress controller.

[gkaleta]

We could basically just link to that URL - just as long as we remind customers to set static IP's.

[justinhauer]

@iainfoulds I want to create an ingress controller for my AKS cluster that has an external IP, of an IP within my vnet, not the public internet, this seems like a pretty standard use case that isn't being covered in your documentation. (use case being I want to expose my cluster to different things within my network but not the open internet) I have found the following command which I understand would override the IP given from values.yaml: helm install stable/nginx-ingress --set service.loadBalancerIP="x.x.x.x" but it still does not give me an IP within my network. How can I go about creating an ingress controller with an IP within my vnet?

[bremnes]

@jdogg89 , have you checked out https://docs.microsoft.com/en-us/azure/aks/internal-lb ? From the nginx helm chart it looks like you can add the required annotation to the service: service.beta.kubernetes.io/azure-load-balancer-internal: "true". (Let me know if it works, it's an interesting challenge.)

[iainfoulds]

@gkaleta The doc has been updated with steps to show to create/use a static public IP address. This should publish later on this afternoon.

please-close

[mike-urnun-msft]

@gkaleta We will now proceed to close this thread. If there are further questions regarding this matter, please reopen it and we will gladly continue the discussion.

[justinhauer]

Please close, thank you

Thanks,

Justin Hauer

On Aug 18, 2018, at 9:27 PM, Mike Urnun notifications@github.com wrote:

@gkaleta We will now proceed to close this thread. If there are further questions regarding this matter, please reopen it and we will gladly continue the discussion.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub, or mute the thread.