Share via

Egress IP address of AKS with network_profile outbound_type loadBalancer and flat network model

Lý Tiến Dũng 0 Reputation points
2025-02-28T12:46:32.56+00:00

What is the IP address that a pod would take to go out of the AKS cluster with cluster network_profile outbound_type loadBalancer and flat network model?

Public ip of SLB could be used when pod's egress traffic going to external network (i.e. the internet), but what about when pod calling a service that hosted in private network within the same azure network? is that correct if the egress IP now is pod private ip of the subnet instead of public ip of standard load balancer?

Could you please refer a Microsoft document mentioning this topic. I've already went through these links, but none of them mentions:

Customize cluster egress with outbound types in Azure Kubernetes Service (AKS)
https://learn.microsoft.com/en-us/azure/aks/egress-outboundtype#outbound-types-in-aks

Use a public standard load balancer in Azure Kubernetes Service (AKS)
https://learn.microsoft.com/en-us/azure/aks/load-balancer-standard

Basic troubleshooting of outbound connections from an AKS cluster
https://learn.microsoft.com/en-us/troubleshoot/azure/azure-kubernetes/connectivity/basic-troubleshooting-outbound-connections#troubleshooting-checklists

Azure Kubernetes Service
Azure Kubernetes Service
An Azure service that provides serverless Kubernetes, an integrated continuous integration and continuous delivery experience, and enterprise-grade security and governance.
2,458 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2025-03-03T18:08:56.59+00:00

    Hi Lý Tiến Dũng,

    Welcome to the Microsoft Q&A Platform! Thank you for asking your question here.

    Egress Traffic to External Network (Internet):

    For outbound traffic directed towards the external network (internet), the public IP address associated with the Standard Load Balancer (SLB) is utilized. This configuration allows the SLB to manage outbound connections effectively and offers a public IP address for the egress traffic of the cluster.

    Egress Traffic to Internal Network (Private Network) :

    For outbound traffic directed towards a service located within the same Azure virtual network (private network), the private IP address of the pod is utilized. Consequently, when a pod interacts with another service within the same virtual network, the traffic bypasses the public IP of the Load Balancer (SLB). Instead, it relies on the private IP addresses allocated to the pods and nodes within the subnet.

    please refer the below document:

    https://learn.microsoft.com/en-us/azure/aks/egress-udr?source=recommendations

    If the information is helpful, please consider by clicking the "Upvote" on the post.

    If you have any further queries, please let us know in the comment.

    Thank you.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.