Hello @Michael Roger
Have you thought of using UDR (userDefinedRouting)?
Cheers!
Just a question: on the Microsoft page https://learn.microsoft.com/en-us/azure/aks/configure-kubenet#bring-your-own-subnet-and-route-table-with-kubenet it says
"With kubenet, a route table must exist on your cluster subnet(s). AKS supports bringing your own existing subnet and route table. If your custom subnet does not contain a route table, AKS creates one for you and adds rules to it throughout the cluster lifecycle. If your custom subnet contains a route table when you create your cluster, AKS acknowledges the existing route table during cluster operations and adds/updates rules accordingly for cloud provider operations."
Also, for AGIC with App Gateway, you also need to link this route table to the App Gateway subnet if it's kubenet: https://learn.microsoft.com/en-us/azure/application-gateway/configuration-infrastructure
"If you're using kubenet with Azure Kubernetes Service (AKS) and Application Gateway Ingress Controller (AGIC), you'll need a route table to allow traffic sent to the pods from Application Gateway to be routed to the correct node. This won't be necessary if you use Azure CNI."
So this brings up an interesting question: what if my client wants to have default traffic from the AKS subnet (0.0.0.0/0) go to an NVA such as Azure Firewall? I don't think this is very uncommon. However, this seems to break the App Gateway subnet, because the App Gateway subnet doesn't allow a default route to an NVA.
How to get around that? Perhaps two route tables, but I'm wondering if AKS can update both?
Any further concerns that I can address?