Deploying a Kubernetes service on Azure with a specific IP addresses
Each time a Kubernetes service is created within an ACS or AKS cluster a static Azure IP address is assigned. If an IP address exists in the resource group that is not assigned to a service this will be used, otherwise a new address is requested. This means if a service is deleted and recreated it is not guaranteed to get the same IP address. Should you wish to configure the service to always receive the same IP address the load balancer can be provisioned to use a specific IP address.
This is described in the Kubernetes docs: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer.
I have been asked how to do this on Azure a number of times, the steps to follow are:
-
Create a new Reserved IP address in the same Resource Group as your Azure Container Service deployment.
az network public-ip create -g MyClusterResourceGroup -n MyIpName --dns-name MyLabel --allocation-method Static -
Retrieve the IP address of the newly provisioned Reserved IP:
az network public-ip show -g MyClusterResourceGroup -n MyIpName --query "{ address: ipAddress }" -
In the YAML file defining the service before the line
type: LoadBalanceradd:loadBalancerIP: 52.179.14.59Where the IP address, in the example above
52.179.14.59, matches the IP address retrieved in step 2.The YAML will now look similar to the following image:
-
Save the file, and redeploy the service by running the following command:
kubectl create -f my-service.yaml -
Type
kubectl get svcto see the state of the services in the cluster. While the load balancer configures the rule, theEXTERNAL-IPof thefrontendservice appears as<pending>. After a few minutes, the external IP address is configured to match your reserved IP:
Considerations
- The Reserved IP address must be in the same resource group as the cluster.
- The IP address must be provisioned using Azure Resource Manager. If using the Azure portal select
Public IPand choose allocation method asStatic. Do not deploy aReserved IPfrom the portal as this does not use Azure Resource Manager. - If the service remains with an
EXTERNAL-IPof<pending>to get more details runkubectl describe service frontendwherefrontendis the name of the service being deployed. If you see an error such asUser supplied IP Address XXX.XXX.XXX.XXX was not found, runaz network public-ip list -g MyClusterResourceGroup -o tableand ensure that the reserved IP address is listed.
Related Posts
Deploy a Kubernetes Service on Azure with IP address that is in a different resource group to the cluster- Configuring Kubernetes ingress with a wildcard DNS certificate, single TLS secret and applications in multiple namespaces
- Enforcing Network Policies using kube-router on AKS
Creating a Docker artifact for Windows Server in Azure DevTest Labs- Retrieving and using Azure Container Registry credentials in an Azure Resource Manager Template
- Using Infrastructure as Code to provision a Docker container on Azure
I followed all above steps. This sounds like we are exposing frontend service as loadbalancer. In my application, I am using external loadbalancer configured via Nginx. How do I create new loadbalancer with static IP address?
I have followed your steps above for an AKS service, and my load balancer service is stuck in the pending state. After running the public-ip list command, my public address is listed there. Any idea what the issue could be?
@swapnil. I believe that you would use an Ingress resource to connect with the external load balancer.