I have an Azure external load balancer with a backend pool that contains 1 Kubernetes master server and has a load balancing rule on port 443.
I added a rule with priority 500 to deny all traffic coming from the internet on port 443 to the Kubernetes master server. Works fine.
I added a rule with priority 400 to accept traffic coming from a certain public IP because I only want to be able to connect from that IP. I expected that I should be able to connect but I can't.
If I change the rule that accepts traffic from the source IP to internet then it works fine. What am I missing?
Kind Regards
"I added a rule with priority 400 to accept traffic coming from a certain public IP because I only want to be able to connect from that IP. I expected that I should be able to connect but I can't.
If I change the rule that accepts traffic from the source IP to internet then it works fine. What am I missing?"
Things that you might have missed:
Create a separate rule to allow this IP; as this is a MSFT IP, you should have no issues allowing this. Before deny all (priority < 500).
That should fix your issue for sure!!
Diagnosis & RCA:
Why this is happening: the Azure Load Balancer probe IP is being blocked, and hence the backend server is being marked as unhealthy by the load balancer.
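The diagnosis above as a simplified model of NSG first-match evaluation; this is an added example, not part of the original answer. It assumes the priority-500 deny rule's source is Any and that the health probe targets port 443. The client IP, rule names and priority 300 are constructed, and 168.63.129.16 is the address Azure health probes come from (covered by the AzureLoadBalancer service tag).

```python
import ipaddress

PROBE_IP = "168.63.129.16"   # Azure platform address that health probes originate from
CLIENT_IP = "203.0.113.10"   # constructed: the one public IP that should be allowed

# Simplified service tags (assumption: only the two needed here are modelled).
TAGS = {"*": ["0.0.0.0/0"], "AzureLoadBalancer": ["168.63.129.16/32"]}

def matches(source, ip):
    """True if ip falls inside the rule source (a tag, a CIDR, or a single IP)."""
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(p) for p in TAGS.get(source, [source]))

def evaluate(rules, src_ip, port):
    """NSG semantics: lowest priority number is checked first, first match wins."""
    for r in sorted(rules, key=lambda r: r["priority"]):
        if r["port"] in ("*", port) and matches(r["source"], src_ip):
            return r["access"], r["name"]
    return "Deny", "no-match"

# Two of the default inbound rules every NSG carries.
DEFAULTS = [
    {"name": "AllowAzureLoadBalancerInBound", "priority": 65001,
     "source": "AzureLoadBalancer", "port": "*", "access": "Allow"},
    {"name": "DenyAllInBound", "priority": 65500,
     "source": "*", "port": "*", "access": "Deny"},
]

# Rules as described in the question (rule names are constructed).
AS_ASKED = DEFAULTS + [
    {"name": "AllowMyIp443", "priority": 400, "source": CLIENT_IP, "port": 443, "access": "Allow"},
    {"name": "DenyAll443", "priority": 500, "source": "*", "port": 443, "access": "Deny"},
]

# The answer's fix: allow the probe with a priority below 500.
FIXED = AS_ASKED + [
    {"name": "AllowProbe443", "priority": 300, "source": "AzureLoadBalancer", "port": 443, "access": "Allow"},
]

def backend_reachable(rules):
    """The load balancer forwards only to healthy backends, so the probe must pass too."""
    probe_ok = evaluate(rules, PROBE_IP, 443)[0] == "Allow"
    client_ok = evaluate(rules, CLIENT_IP, 443)[0] == "Allow"
    return probe_ok and client_ok

if __name__ == "__main__":
    for label, rules in (("as asked", AS_ASKED), ("fixed", FIXED)):
        print(label, "probe:", evaluate(rules, PROBE_IP, 443), "reachable:", backend_reachable(rules))
```

In the first rule set the custom deny at 500 matches the probe before the default allow at 65001 is reached, which is why the backend goes unhealthy even though the client's own allow rule matches.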