AKS public load balancer health probes and load balancing rules with a internal load balancer in use

Diego Sesoldi 20 Reputation points
2023-12-19T13:22:44.4433333+00:00

Hello,

I've noticed that when creating an aks cluster, with only a public LB, it automatically creates the health probes and LB rules for it, but when utilizing an internal load balancer, these same ones are created only for the internal LB, but not for the public one.

I'm assuming that this is due to the public LB only being utilized for outgoing connections from the cluster in this scenario, which would render the health probes and the LB rules useless.

Are there any scenarios with both LB, internal and public, in which the public LB would require LB rules and health probes?

Azure Kubernetes Service (AKS)
Azure Kubernetes Service (AKS)
An Azure service that provides serverless Kubernetes, an integrated continuous integration and continuous delivery experience, and enterprise-grade security and governance.
2,229 questions
Azure Load Balancer
Azure Load Balancer
An Azure service that delivers high availability and network performance to applications.
468 questions
0 comments No comments
{count} votes

Accepted answer
  1. rilopes-MSFT 235 Reputation points Microsoft Employee
    2023-12-19T16:32:11.2533333+00:00

    Hello @Diego Sesoldi
    Currently if you create a new AKS cluster from Portal or Azure CLI (with the latest API versions). It with will create a public LB with a public IP for outbound (egress), but it should not create any health probes or inbound load balancing rules (by default).

    Also, currently by default, it will only create an outbound rule for egress and the 2 backend pools (1 required for the outbound rule, and another to be used once the 1st Kubernetes LB service is created).
    This should be the default configuration for the outbound type of loadbalancer. If you are having a different load balancer configuration during cluster creation, please let us know how the cluster is being created.

    Please note that the default Public IP can be also used for inbound. To do this we just need add the annotation service.beta.kubernetes.io/azure-load-balancer-ipv4 with the public IP, in the yaml file of your kubernetes loadbalancer service as mentioned in our documentation. Then the necessary health probes and inbound load balancing rules will be created once the Kubernetes service is deployed.


0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.