Hey everyone, I'm having trouble building a private Azure Kubernetes Service (AKS) cluster because of outbound DNS resolution problems. I've set up a User Defined Route (UDR) from the AKS subnet to the internet, but once I create the private cluster, it can't seem to utilize my virtual network's DNS for outbound browsing. Does anyone have suggestions on what I might be missing here?
2 Answers
It sounds like the part where you mentioned "can’t use my VNet DNS to browse out" is key. When you're working with a private AKS and a UDR, issues usually crop up if something in the bootstrap path fails to resolve properly. Are you forwarding to the IP 168.63.129.16 anywhere, or is everything tracked to your own DNS servers?
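As an added diagnostic for the forwarding question in this answer (example code, not from the poster): a minimal stdlib DNS client that asks the VNet's custom DNS server and 168.63.129.16 directly for the cluster's private API server FQDN, then reads the two results against that question. It is meant to run from a VM inside the cluster's VNet; the server IP and FQDN handed to `resolve_via` are the reader's own values, and the constructed packets in the comments are illustration only.

```python
import socket
import struct

def build_query(name: str, txid: int = 0x1234) -> bytes:
    """Recursive (RD=1) DNS query for the A record of `name`."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode() for l in labels) + b"\x00"
    return struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0) + qname + struct.pack(">HH", 1, 1)

def _skip_name(msg: bytes, off: int) -> int:
    """Step over a domain name; a compression pointer (top bits 11) ends it in 2 bytes."""
    while msg[off] != 0:
        if (msg[off] & 0xC0) == 0xC0:
            return off + 2
        off += 1 + msg[off]
    return off + 1

def parse_a_records(msg: bytes) -> tuple[int, list[str]]:
    """Return (RCODE, IPv4 answers) from a raw DNS response."""
    _, flags, qd, an, _, _ = struct.unpack(">HHHHHH", msg[:12])
    off, ips = 12, []
    for _ in range(qd):
        off = _skip_name(msg, off) + 4  # QTYPE + QCLASS
    for _ in range(an):
        off = _skip_name(msg, off)
        rtype, _, _, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        if rtype == 1 and rdlen == 4:
            ips.append(socket.inet_ntoa(msg[off + 10:off + 14]))
        off += 10 + rdlen
    return flags & 0xF, ips

def resolve_via(server: str, name: str, timeout: float = 3.0) -> tuple[int, list[str]]:
    """Query one resolver directly over UDP; RCODE -1 means it never replied."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_query(name), (server, 53))
        try:
            return parse_a_records(sock.recv(512))
        except socket.timeout:
            return -1, []

def diagnose(vnet: tuple[int, list[str]], platform: tuple[int, list[str]]) -> str:
    """Read both lookups against the forwarding question raised in the answer."""
    ok = lambda r: r[0] == 0 and bool(r[1])
    if ok(vnet) and ok(platform):
        return "ok: VNet DNS resolves the privatelink name"
    if ok(platform):
        return "forwarding gap: VNet DNS must forward to 168.63.129.16"
    return "zone gap: 168.63.129.16 fails too; check the private DNS zone's VNet link"
```

From a VM in the VNet, run `diagnose(resolve_via("10.0.0.10", fqdn), resolve_via("168.63.129.16", fqdn))` with your own custom DNS server IP in place of the placeholder 10.0.0.10 and the cluster's private FQDN as `fqdn`.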
It seems like your AKS might be operating on an internal overlay virtual network that's separate from where your host resides. Are you using the overlay Container Network Interface (CNI), or is that necessary for you? It could be worthwhile to check if you can switch to another configuration where the AKS pods and nodes share a subnet with the host's virtual network. I think the missing piece here could be the bridge that connects your AKS subnet to the host's virtual network, managed by the kube-proxy running on each node. Not sure if that's editable, but that could be the trick.
