Azure CNI networking for dynamic allocation of IPs support authorized ip ranges for AKS ?

Sourav Bhattacharya 60 Reputation points
2023-11-03T12:30:13.6966667+00:00

Hi

It's not mentioned as the limitation here,

https://learn.microsoft.com/en-us/azure/aks/configure-azure-cni-dynamic-ip-allocation

But I am wondering does it support authorized ip ranges for AKS cluster ?

The Pod subnet which we create is delegated to "Microsoft.ContainerService/managedClusters".

So if we put authorized IP ranges to restrict cluster access will it prevent PODS to communicate to control plane ?

Can create AKS private cluster with "Azure CNI networking for dynamic allocation of IPs" ?

Regards,

Sourav

Azure Kubernetes Service (AKS)
Azure Kubernetes Service (AKS)
An Azure service that provides serverless Kubernetes, an integrated continuous integration and continuous delivery experience, and enterprise-grade security and governance.
2,081 questions
{count} votes

Accepted answer
  1. shiva patpi 13,251 Reputation points Microsoft Employee
    2023-11-06T20:51:18.8466667+00:00

    @Sourav Bhattacharya

    I just tested to double confirm the same w.r.t Private AKS clusters & AKS with authorized IP ranges.

    It does work perfectly with that feature i.e. dynamic allocation of IPs.

    To answer your question:- "As the Pod subnet is coming from the same VNET , hence control plane communication will not impact even if you are using the Authorized IP ranges, and the feature also works with Private AKS clusters."

    Regards,

    Shiva.

    0 comments No comments

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.