Is there way to use another subnet for containers in AKS

JUFO 61 Reputation points
2022-11-11T14:06:46.61+00:00

I know that you have to select one subnet to deploy AKS. (I have AKS integrated with Azure vnet)
But If you need to isolate a deployment, can you select another subnet for a specific pod?
Or all your workloads have to be into the same azure subnet?

Azure Kubernetes Service (AKS)
Azure Kubernetes Service (AKS)
An Azure service that provides serverless Kubernetes, an integrated continuous integration and continuous delivery experience, and enterprise-grade security and governance.
1,981 questions
0 comments No comments
{count} votes

Accepted answer
  1. shiva patpi 13,166 Reputation points Microsoft Employee
    2022-11-11T15:30:43.683+00:00

    Hello @JUFO ,
    I don't think there is a way to have a separate subnet just for a particular deployment because the subnet is defined at the time of AKS cluster creation. All of your workloads have to be in the same subnet.

    However you might want to explore "Dynamic allocation of IPs and enhanced subnet"
    https://learn.microsoft.com/en-us/azure/aks/configure-azure-cni#dynamic-allocation-of-ips-and-enhanced-subnet-support

    Also the concept of "Azure CNI overlay" https://learn.microsoft.com/en-us/azure/aks/azure-cni-overlay

    As a part of isolation you might already have known we can make use of "namespaces" as a logical separation:
    https://learn.microsoft.com/en-us/azure/aks/operator-best-practices-cluster-isolation

    Or we can make use of Kubernetes Network Policies
    https://learn.microsoft.com/en-us/azure/aks/use-network-policies

    Also would like to understand more about your exact requirements and the reasons for pods in separate subnets, above options should help out.

    Kindly let us know if you have additional questions.

    Regards,
    Shiva.

    0 comments No comments

0 additional answers

Sort by: Most helpful