Azure-cli: Find free IP inside a vnet/subnet

One option is you can dump out used private ip addresses in a vnet using a command below and then pick a free one you can use. Will that help?

az network nic list --query "[?starts_with(ipConfigurations[0].subnet.id,`/subscriptions/0b1f6471-1bf0-4dda-aec3-cb9272xxxxx/resourceGroups/myGroup/providers/Microsoft.Network/virtualNetworks/myVnet/subnets/subnet`)]|[].ipConfigurations[0].privateIpAddress" -otsv
10.0.0.4
10.0.0.5
10.0.0.6

might do... I did discover meanwhile that knowing any IP in the subnet (I had a VM in there) you can check if it is available and you will get false but also a list of free IPs in the subnet:
privateIPAddress="$(az network vnet check-ip-address --resource-group $RgName --name $vnetName --ip-address $known_ip | jq -r .availableIpAddresses[0])"

Good find! This is a better option :)

It seems this issue has been resolved?

i will be closing this issue. If you have any further questions, please let us know.

well... it's a feature request, it hasn't been resolved or implemented, we rather found something to help not even a workaround, so I wouldn't leave it closed as it's not

... at the moment Closed means rejected

@christiankuhtz(from network team) could please chime in whether or not this is a common user ask. If yes, we can reactivate as a feature work which @adewaleo will happily implement

@calinmarina, thanks for following up. My apologies if we misunderstood you. I would be happy to implement this feature if the network team / @yugangw-msft gives the go-ahead.

@calinmarina, thanks for following up. My apologies if we misunderstood you. I would be happy to implement this feature if the network team / @yugangw-msft gives the go-ahead.

Have they given it?

Not as far as I know... it's at the phase where you need to vote for it :)
:+1: if you need it

Yes, this is an absolute necessity. Either provide IPAM services natively within Azure, or make such functions readily available through the CLI.

@dennisgeorge @calinmarina @a-dimas we will add support in CLI to make this simple.

And if anyone wants to contribute, please feel free to submit a PR!

This is a short powershell script that checks if an IP is free and if not, displays a free one. I think it gets a free IP from the same subnet, but it could be just a close one to the one given, not sure.
$IP="X.X.X.X"
$vnetName = "XXXXXXX"
$rgname="XXXXXXX"

$freeIPs=$(Get-AzureRmVirtualNetwork -Name $vnetName -ResourceGroupName $rgname | Test-AzureRmPrivateIPAddressAvailability -IPAddress $IP).AvailableIPAddresses
if ($freeIPs){
Write-Output "The IP $IP is not free"
Write-Output "Here are a couple of free IPs `n $freeIPs"
$freeIP=$freeIPs| Select-Object -First 1
Write-Output "The variable freeIP is set to $freeIP which is a free IP"
}else {
$freeIP=$IP
Write-Output "The IP $IP is free. You can use the variable freeIP or IP to get it."}

az network lb create
--resource-group $RgName
--name $LoadBalancerName
--frontend-ip-name $FrontEndName
--private-ip-address $privateIPAddress
--backend-pool-name $BackEndPool
--vnet-name $vnetName
--subnet $SubNet

$ IP =“XXXX”
$ vnetName =“XXXXXXX”
$ rgname =“XXXXXXX”

$ freeIPs = $（Get-AzureRmVirtualNetwork -Name $ vnetName -ResourceGroupName $ rgname | Test-AzureRmPrivateIPAddressAvailability -IPAddress $ IP）.AvailableIPAddresses
if（$ freeIPs）{
Write-Output“IP $ IP不是免費的”
寫輸出“這裡是一些免費的IP`n $ freeIPs“
$ freeIP = $ freeIPs | Select-Object -First 1
Write-Output“變量freeIP設置為$ freeIP，這是一個免費IP”
}否則{
$ freeIP = $ IP
Write-Output“IP $ IP是免費的。您可以使用變量freeIP或獲得它的IP。“}

@calinmarina I understand it could be useful to have a command to show how the subnet is allocated so a human can choose which one to pick out of those that aren't allocated. However, for internal Load Balancer frontends, you can simply leave the frontend as dynamic as well and the first available address will be chosen rather than specify a specific static address. What exactly are you trying to solve?

@christiankuhtz I have a quite specific use case to support this feature request.

There is a piece of documentation from Azure on AKS - Create an ingress controller to an internal virtual network in Azure Kubernetes Service (AKS) and if you follow through it you'll get to the point where you need to provide the loadBalancerIP and as you may notice it is indeed a private IP within an already existing subnet.

As part of automating the process in the above doc you need to be able to obtain IP value from an existing subnet and assign it to a Load Balancer.

The current workaround I have implemented, even the one with the workaround kindly provided by @calinmarina is still not 100% feasible, especially in a case of as dynamically fluid system such as AKS where there are hundreds of events going on in a single minute, including IP allocations to pods.

So, a feature such as this implemented in a right way (being able to target a vnet and optionally a subnet) would very much help.

You can use this https://github.com/ados1991/terraform-azure-Get-IpAvailablesAddressesSubnet

add to S165.

@ados1991 @calinmarina Thanks for raising this issue. Since we don't get the service's response for a long time, I use the same way like @ados1991 did to implement this functionality.