Is it possible to use a single Application Gateway as an ingress controller for multiple Azure Kubernetes Services?

Question

I am currently trying to configure ingress routes in two AKS clusters which both use the same Application Gateway instance as an AGIC.
My hope thereby is to have a single point where TLS connections from the outside are terminated and distribute traffic to all internal applications.

The issue I am facing during implementation is that setting ingress routes in cluster A's configuration causes all routes in the Application Gateway set by cluster B's configuration to be overwritten - and vice versa.

It therefore seems to me that the AGIC plug-in is meant to be used only in a 1:1 relationship between Application Gatway and AKS cluster - is that the case or am I missing something?

Info:

I made sure that the two cluster's Subnets do not overlap and use different namespaces for all services running in the clusters.

Answer 1

Hi @Christian Baier ,
Thanks for posting your query on Microsoft QnA.
Have you deployed your AGIC via AKS as an add-on or via Helm?
If you have deployed AGIC through AKS as an add-on, then have you taken note of the below.
"Customers can only deploy one AGIC add-on per AKS cluster, and each AGIC add-on currently can only target one Application Gateway. For deployments that require more than one AGIC per cluster or multiple AGICs targeting one Application Gateway, please continue to use AGIC deployed through Helm".
Link : https://learn.microsoft.com/en-us/azure/application-gateway/ingress-controller-overview

Does this help?