Unable to update Idle Timeout of Standard SKU Load balancer linked to Kubernetes Cluster

Anand Mohan Singh 45 Reputation points
2023-07-28T06:30:07.3366667+00:00

Hi,

I have a Standard SKU Load balancer managed by an AKS Cluster. At the time of cluster and consecutive LB creation, the Idle Timeout was set to default 4.

However, now I wanted to increase the Idle Timeout to 15. So, I followed the instructions given at https://learn.microsoft.com/en-us/azure/load-balancer/load-balancer-tcp-idle-timeout (both UI and Azure CLI).

The value of Idle Timeout got changed to 15 and it was reflected also as per the expectation.

However, it was again reset to default 4 by linked/managed AKS Cluster.

Then, I tried below command

az aks update \

--resource-group myResourceGroup \

--name myAKSCluster \

--load-balancer-idle-timeout 15

But it is giving me following error:-

"error": {

	"code": "InvalidResource",

	"message": "Data collection rule index not found: '/subscriptions/<My-Subscription-Id>/resourceGroups/<AKS Cluster Resource Group Name>/providers/Microsoft.Insights/dataCollectionRules/MSCI-WUS2-<AKS Cluster Name>'",

	"details": [{

		"code": "InvalidResource",

		"message": "Data collection rule index not found: '/subscriptions/<My-Subscription-Id>/resourceGroups/<AKS Cluster Resource Group Name>/providers/Microsoft.Insights/dataCollectionRules/MSCI-WUS2-<AKS Cluster Name>'"

	}]

}

}

I am stuck. Is there a way where I can permanently set Idle Timeout to 15 and the respective AKS Cluster don't update it to default value 4 every 24 hours?

Regards,

Anand

Azure Kubernetes Service (AKS)
Azure Kubernetes Service (AKS)
An Azure service that provides serverless Kubernetes, an integrated continuous integration and continuous delivery experience, and enterprise-grade security and governance.
1,774 questions
{count} votes

Accepted answer
  1. Eddie Neto 1,231 Reputation points Microsoft Employee
    2023-07-28T08:02:11.6466667+00:00

    Hi @Anand Mohan Singh

    Thanks for reaching Microsoft Q&A.

    Regarding your question you should update by using command line and not directly through azure portal. Changing in azure portal will not update the resource metadate from the backend and after a simple reconcile of the cluster or scale or even an upgrade of the AKS cluster will bring back to the default.

    For now, make sure to use the command here.

    Hope this helps. Please "Accept as Answer" if it helped, so that it can help others in the community looking for help on similar topics.

    1 person found this answer helpful.

1 additional answer

Sort by: Most helpful
  1. Eddie Neto 1,231 Reputation points Microsoft Employee
    2023-08-17T10:29:20+00:00

    Hi @Oleg Kazakov

    Hope that helps you to mitigate.

    Determined the Data Collection Rule referenced in the error is a rule created when a cluster enables Container Insights. The naming convention used by Container Insights for the Data Collection Rule is MSCI-WUS2-<AKS Cluster Name>. However, the az aks update command is looking for a Data Collection Rule with the naming convention of cluster name. The Data Collection Rule is unable to be edited after creation during the monitoring addon being enabled. Thus, I recommended to you as current workaround:

    1. to disable the monitoring addon "az aks disable-addons -a monitoring -n MyExistingManagedCluster -g MyExistingManagedClusterRG "
    2. delete the Data Collection Rule in question (If you don't want to delete continue next, in case does not work you will have to remove it).
    3. Run the update command to the idle timeout
    4. And then re-enable the monitoring addon. "az aks enable-addons -a monitoring -n MyExistingManagedCluster -g MyExistingManagedClusterRG --workspace-resource-id <workspace-resource-id>"
    1 person found this answer helpful.