This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(64, 5%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESB%3C/text%3E%3C/svg%3E)
HI All,
As one of the known limitation of AKS Virtual Node mentioned here is “Using api server authorized ip ranges for AKS. ”
Does that mean is we set few PUBLIC IP only to access the AKS API server, then ACI pods won't be able to reach the AKS API server ?
Also does Virtual Node will work in private cluster ?
Regards,
Sourav
Hello Sourav Bhattacharya
Any update on the issue?
Just checking in to see if you got a chance to see previous response.
Hello Sourav Bhattacharya
Welcome to Microsoft Q&A Platform, thanks for posting your query here.
Yes, that's correct. If you have set up a public IP range to access the AKS API server, then ACI pods won't be able to reach the AKS API server. This is because the virtual node subnet is delegated to Azure Container Instances (ACI), and the IP addresses used by the virtual nodes are not included in the authorized IP ranges for the AKS API server.
Regarding your second question, virtual nodes can work in a private cluster. However, you need to ensure that the virtual network and subnet used by the virtual nodes are properly configured to allow communication between the virtual nodes and the AKS cluster.
Hope that helps.
Thanks @vipullag-MSFT for the clarification.
Hello Sourav Bhattacharya
Please 'Accept as answer' if it helped, so that it can help others in the community looking for help on similar topics.