How to assign only one static public IP to AKS-multiAZ Loadbalancer

I'm setting up a multi-AZ AKS cluster, and I would like to assign a static public IP that I created to this loadbalancer. Here is what I have:

#### Creating a Public static IP ####
resource "azurerm_public_ip" "lb-public-ip1" {
  name                = "${var.public_ip_name}"
  location            = "${var.location}"
  resource_group_name = "${var.resource_group_name}"
  allocation_method   = "Static"
  ip_version          = "IPv4"
  sku                 = "standard"
  #domain_name_label   =
  tags = {
    Environment = "${var.environment}"
    owner       = "${var.resource_owner}"
    created-by  = "${var.policy_created_by}"
  }
  depends_on    = ["null_resource.module_depends_on"]
}
data "azurerm_public_ip" "lb-public-ip1" {
  name                = "${azurerm_public_ip.lb-public-ip1.name}"
  resource_group_name = "${azurerm_public_ip.lb-public-ip1.resource_group_name}"
  depends_on          = ["null_resource.module_depends_on"]
}
resource "null_resource" "module_depends_on" {
  triggers = {
    value = "${length(var.module_depends_on)}"
  }
}

#### Creating AKS Cluster ####
resource "azurerm_kubernetes_cluster" "k8s" {
    name                = "${var.cluster_name}"
    location            = "${var.location}"
    resource_group_name = "${var.resource_group_name}"
    dns_prefix          = "${var.dns_prefix}"
    kubernetes_version  = "1.14.8"
    linux_profile {
        admin_username = "ubuntu"

        ssh_key {
            key_data = "${var.key_data}"
        }
    }

    default_node_pool {
        availability_zones    = ["1","2"]
        enable_auto_scaling   = true 
        enable_node_public_ip = false 
        max_count             = "8" 
        min_count             = "2" 
        name                  = "default" 
        node_count            = "${var.node_count}"  
        os_disk_size_gb       = "${var.os_disk_size}" 
        type                  = "VirtualMachineScaleSets" 
        vm_size               = "Standard_DS2_v2"
       }

    role_based_access_control {
          enabled = true
    }
    service_principal {
        client_id      = "${var.client_id}"
        client_secret  = "${var.client_secret}"
    }
    addon_profile {
        kube_dashboard {
              enabled = true
        }
        oms_agent {
        enabled                    = "${var.oms_agent_activation}"
        log_analytics_workspace_id = "${var.log_analytics_workspace_id}"
        }
    }
    network_profile {
        network_plugin    = "kubenet"
        load_balancer_sku = "Standard"
        load_balancer_profile {
            outbound_ip_address_ids = [ "${azurerm_public_ip.lb-public-ip1.id}" ]

        }
    }
    tags = {
        Environment = "${var.environment}"
        Name        = "${var.cluster_name}"
        owner       = "${var.resource_owner}"
        created-by  = "${var.policy_created_by}"
    }
    depends_on       = [azurerm_public_ip.lb-public-ip1]
}

With this setup, it created an AKS cluster and a LoadBalancer called kubernetes and assigned the static public IP which I created to the LoadBalancer without any assigned LB rules. I can see under the "Frontend IP configuration" that it has also created another IP, and all the LoadBalancer rules and HealthProbes are assigned to that IP, which is created automatically. Besides, it also created two backend pools: kubernetes (2 VMs) and aksOutboundBackendPool (2 VMs).

In the Azure doc it says: "By default, one public IP will automatically be created in the same resource group as the AKS cluster, if NO public IP, public IP prefix, or number of IPs is specified." But in my case I have specified the PublicIP!

I'm wondering why it created another IP itself. How can I skip that automatically created IP and only use the IP that I have created and assigned to the loadbalancer-profile, and how can AKS assign the LoadBalancer rules and health probes to the IP which I assigned?

What is the need for having multiple public IPs?

In the end, I'm going to use that assigned PublicIP for the istio ingress gateway. That's why I need only one specific public IP.

Also, which Backend Pool should I use?

I just need an AKS cluster with high availability for the Prod env, so that if the cluster in one zone goes down, it starts the cluster in the second zone.

Any help would be appreciated.

As far as I know, when you create the AKS cluster and a static public IP to assign to its outbound through Terraform, you just need to create a public IP and the AKS cluster; you do not need to use the data source and null_resource. So your code could be changed into this:

#### Creating a Public static IP ####
resource "azurerm_public_ip" "lb-public-ip1" {
  name                = "${var.public_ip_name}"
  location            = "${var.location}"
  resource_group_name = "${var.resource_group_name}"
  allocation_method   = "Static"
  ip_version          = "IPv4"
  sku                 = "standard"
  #domain_name_label   =
  tags = {
    Environment = "${var.environment}"
    owner       = "${var.resource_owner}"
    created-by  = "${var.policy_created_by}"
  }
}


#### Creating AKS Cluster ####
resource "azurerm_kubernetes_cluster" "k8s" {
    name                = "${var.cluster_name}"
    location            = "${var.location}"
    resource_group_name = "${var.resource_group_name}"
    dns_prefix          = "${var.dns_prefix}"
    kubernetes_version  = "1.14.8"
    linux_profile {
        admin_username = "ubuntu"

        ssh_key {
            key_data = "${var.key_data}"
        }
    }

    default_node_pool {
        availability_zones    = ["1","2"]
        enable_auto_scaling   = true 
        enable_node_public_ip = false 
        max_count             = "8" 
        min_count             = "2" 
        name                  = "default" 
        node_count            = "${var.node_count}"  
        os_disk_size_gb       = "${var.os_disk_size}" 
        type                  = "VirtualMachineScaleSets" 
        vm_size               = "Standard_DS2_v2"
       }

    role_based_access_control {
          enabled = true
    }
    service_principal {
        client_id      = "${var.client_id}"
        client_secret  = "${var.client_secret}"
    }
    addon_profile {
        kube_dashboard {
              enabled = true
        }
        oms_agent {
        enabled                    = "${var.oms_agent_activation}"
        log_analytics_workspace_id = "${var.log_analytics_workspace_id}"
        }
    }
    network_profile {
        network_plugin    = "kubenet"
        load_balancer_sku = "Standard"
        load_balancer_profile {
            outbound_ip_address_ids = [ "${azurerm_public_ip.lb-public-ip1.id}" ]

        }
    }
    tags = {
        Environment = "${var.environment}"
        Name        = "${var.cluster_name}"
        owner       = "${var.resource_owner}"
        created-by  = "${var.policy_created_by}"
    }
    depends_on       = [azurerm_public_ip.lb-public-ip1]
}

And there would be two backend pools: aksOutboundBackendPool and kubernetes, and one outbound rule: aksOutboundRule. No LB rules and probes. It must be caused by other things.
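
An added example (not from the original question or answer) for checking the state both posts describe: it reads load balancer JSON and reports which public IP carries outbound rules and which carries load-balancing rules. The sample JSON is constructed, its field names are assumed to follow the shape of `az network lb show -o json`, and the IP names and IDs are placeholders.

```python
import json

# Constructed sample for the "kubernetes" load balancer in the question.
# Field names are assumed to match `az network lb show -o json`; IDs are placeholders.
PIP = "/subscriptions/SUB_PLACEHOLDER/resourceGroups/RG_PLACEHOLDER/providers/Microsoft.Network/publicIPAddresses/"
SAMPLE_LB = json.loads("""
{
  "name": "kubernetes",
  "backendAddressPools": [{"name": "aksOutboundBackendPool"}, {"name": "kubernetes"}],
  "frontendIPConfigurations": [
    {"name": "frontend-static",
     "publicIPAddress": {"id": "%sstatic-ip-placeholder"},
     "outboundRules": [{"id": "RULE_ID_PLACEHOLDER/outboundRules/aksOutboundRule"}],
     "loadBalancingRules": null},
    {"name": "frontend-auto",
     "publicIPAddress": {"id": "%sauto-created-placeholder"},
     "outboundRules": null,
     "loadBalancingRules": [{"id": "RULE_ID_PLACEHOLDER/loadBalancingRules/example-TCP-80"}]}
  ]
}
""" % (PIP, PIP))


def classify_frontends(lb):
    """Map each frontend's public IP name to 'outbound', 'inbound', 'both' or 'unused'."""
    roles = {}
    for fe in lb.get("frontendIPConfigurations") or []:
        pip_id = (fe.get("publicIPAddress") or {}).get("id", "")
        # Fall back to the frontend name for private (no public IP) frontends.
        ip_name = pip_id.rsplit("/", 1)[-1] or fe.get("name", "unknown")
        outbound = bool(fe.get("outboundRules"))
        inbound = bool(fe.get("loadBalancingRules") or fe.get("inboundNatRules"))
        if outbound and inbound:
            roles[ip_name] = "both"
        elif outbound:
            roles[ip_name] = "outbound"
        elif inbound:
            roles[ip_name] = "inbound"
        else:
            roles[ip_name] = "unused"
    return roles


def unexpected_inbound(lb, expected_ip_name):
    """Public IPs other than the expected one that have inbound rules attached."""
    return sorted(name for name, role in classify_frontends(lb).items()
                  if role in ("inbound", "both") and name != expected_ip_name)


if __name__ == "__main__":
    print(classify_frontends(SAMPLE_LB))
    print(unexpected_inbound(SAMPLE_LB, "static-ip-placeholder"))
```
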
