
I have an AKS cluster in dev-test resource group on Azure. One of the services running there – api-service needs to connect to a service running on a VM outside the cluster, in the same resource group – let’s call that elk-vm.

The api-service app takes some configmap that has the address of elk-vm. No matter how I state the address (public IP, DNS name or VM name), the connection gets timed out. The elk-vm is accessible from other VMs in dev-test but this doesn’t seem to apply to AKS nodes.

I guess my problem is lack of understanding how to properly configure AKS networking for that. From the Azure docs I understood that as long as those two were in the same resource group (dev-test) they should be able to see each other.

I’ve tried to use the public IP of the elk-vm in the config so that api-service can call it even if they’re not in the same virtual network, but this doesn’t work either.

2 Answers


  1. Chosen as BEST ANSWER

    The issue was that there seems to be no way of adding an existing AKS cluster to a virtual network the same way that the "Bring Your Own Virtual Network" option does when creating the cluster.

    Since the BYOVN is only available when creating a cluster I needed to create a new one with this setting: --vnet-subnet-id $SUBNET_ID, where $SUBNET_ID was from the virtual network I wanted to connect in the first place.


  2. It could depend on how AKS is set up: basic or advanced (CNI) networking configuration. In the CNI mode, pods get an IP from the subnet, which simplifies communication with other resources in the same VNet.
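
A check for the situation described in the question and the accepted answer, as an added example that is not part of the original posts: it compares the VNet behind the AKS node subnet with the VNet behind the VM's NIC. The sample resource IDs, VNet names and subscription placeholder are constructed; the az queries run only when a resource group, cluster name and VM name are passed as arguments.

```shell
#!/usr/bin/env bash
# Added example (not from the original posts): do the AKS nodes and the VM share a VNet?

# Print "<subscription>/<resource-group>/<vnet>" for a subnet resource ID; fail otherwise.
vnet_of() {
  local id sub rg vnet
  id=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')   # ARM IDs are case-insensitive
  case "$id" in
    /subscriptions/*/resourcegroups/*/providers/microsoft.network/virtualnetworks/*/subnets/*) ;;
    *) return 1 ;;
  esac
  sub=${id#/subscriptions/};     sub=${sub%%/*}
  rg=${id#*/resourcegroups/};    rg=${rg%%/*}
  vnet=${id#*/virtualnetworks/}; vnet=${vnet%%/*}
  printf '%s/%s/%s\n' "$sub" "$rg" "$vnet"
}

# Return 0 if both subnet IDs are in the same VNet, 1 if not, 2 if either ID is unusable.
same_vnet() {
  local a b
  a=$(vnet_of "$1") || { echo "not a subnet resource ID: '$1'" >&2; return 2; }
  b=$(vnet_of "$2") || { echo "not a subnet resource ID: '$2'" >&2; return 2; }
  [ "$a" = "$b" ]
}

# Live lookups. vnetSubnetId is empty when the cluster was created without --vnet-subnet-id.
aks_subnet_id() {  # $1 = resource group, $2 = cluster name
  az aks show -g "$1" -n "$2" --query 'agentPoolProfiles[0].vnetSubnetId' -o tsv
}
vm_subnet_id() {   # $1 = resource group, $2 = VM name
  local nic
  nic=$(az vm show -g "$1" -n "$2" --query 'networkProfile.networkInterfaces[0].id' -o tsv)
  az network nic show --ids "$nic" --query 'ipConfigurations[0].subnet.id' -o tsv
}

# Constructed sample IDs (placeholder subscription and names), used when no arguments are given.
SUB=/subscriptions/00000000-0000-0000-0000-000000000000
VM_SUBNET=$SUB/resourceGroups/dev-test/providers/Microsoft.Network/virtualNetworks/dev-test-vnet/subnets/default
AKS_SUBNET=$SUB/resourceGroups/MC_dev-test_aks_westeurope/providers/Microsoft.Network/virtualNetworks/aks-vnet-12345678/subnets/aks-subnet

if [ "$#" -eq 3 ]; then   # usage: script <resource-group> <cluster-name> <vm-name>
  AKS_SUBNET=$(aks_subnet_id "$1" "$2"); VM_SUBNET=$(vm_subnet_id "$1" "$3")
fi
if same_vnet "$AKS_SUBNET" "$VM_SUBNET"; then
  echo "same VNet: the VM's private IP is routable from the AKS nodes"
else
  echo "different VNets: the cluster must be created with --vnet-subnet-id from the VM's VNet"
fi
```

Run without arguments, it evaluates the constructed IDs and reports different VNets, which matches the timeout described in the question.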
