Azure-docs: Documentation for using ARM Template to use standard loadbalancer SKU in AKS

Created on 9 Oct 2019 · 11Comments · Source: MicrosoftDocs/azure-docs

It would be good to have documentation for implementing standard load balancer SKU using ARM templates. Also, the arm template reference doesn't document the latest fields used to support this : https://docs.microsoft.com/en-us/azure/templates/microsoft.containerservice/2019-06-01/managedclusters

We tried using based on some references in az cli code, https://github.com/hmcts/cnp-aks-rbac-pipelines/pull/164/files#diff-0f31a15e9bcb3b0e86c07d8b217f18eaR116-R186

but it fails with a validation error ( intermittently)
{ "code": "InvalidLoadBalancerProfileOutboundIPs",
"message": "Error in validating load balancer profile outbound IPs",
"target": "networkProfile.loadBalancerProfile.outboundIPs"
}

Document Details

⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.

ID: 60a7a0a8-97e7-0fda-763c-1a9972f4e9bc
Version Independent ID: 82b46441-43fc-fe48-97e2-0f3fca3d6eab
Content: Use a Standard SKU load balancer in Azure Kubernetes Service (AKS)
Content Source: articles/aks/load-balancer-standard.md
Service: container-service
GitHub Login: @zr-msft
Microsoft Alias: zarhoads

Pri2 container-servicsvc cxp product-question triaged

Source

adusumillipraveen

Most helpful comment

az aks update works for me. Important thing is that public IP MUST be STANDARD SKU.

guderkar on 7 Nov 2019

👍2

All 11 comments

@adusumillipraveen, Thank you for sharing the query. We are looking into this and would get back to you soon on this thread.

souravmishra-msft on 9 Oct 2019

@adusumillipraveen Thanks for the feedback. I will have the document author add his comments on this.

VikasPullagura-MSFT on 9 Oct 2019

@zr-msft Can you please add your comments on the document for using SLB with ARM.

VikasPullagura-MSFT on 9 Oct 2019

thank you for the feedback @adusumillipraveen

I have added an item to our backlog. We'll prioritize this item based on the rest of the work in our queue.

please-close

zr-msft on 9 Oct 2019

Why is this closed? the error is still happening, to me also

alonisser on 19 Oct 2019

The error occurs even in ARM tempalte validation because the IP does not exist.
So I believe that your case is that you are deploying IP and then Kubernetes which depends on that IP.
But when you validating the IP, it does not exists yet and therefore the error occurs.
Our solution to the problem was deploying the IP manualy beforehand in another RG.

guderkar on 6 Nov 2019

The error occurs even in ARM tempalte validation because the IP does not exist.
So I believe that your case is that you are deploying IP and then Kubernetes which depends on that IP.
But when you validating the IP, it does not exists yet and therefore the error occurs.
Our solution to the problem was deploying the IP manualy beforehand in another RG.

We're also doing this via CLI for the public IP

timja on 6 Nov 2019

ANy news regarding this? same issue when trying to update load balancer AKS public ip:

az aks update --resource-group xxxxxxxxx --name aksname --load-balancer-outbound-ips "/subscriptions/f48099a8-xxxxxxxxxxxxxxxxxxxxxxx/resourceGroups/MC_XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX_eastus/providers/Microsoft.Network/publicIPAddresses/testpip"

Operation failed with status: 'Bad Request'. Details: Error in validating load balancer profile outbound IPs

thanks

Yiyito11 on 7 Nov 2019

az aks update works for me. Important thing is that public IP MUST be STANDARD SKU.

guderkar on 7 Nov 2019

👍2

@guderkar is correct. The LoadBalancer SKU must match the Public IP SKU. Using this setup, the advanced-networking deployment works for me:

"networkProfile": {
"networkPlugin": "[variables('networkPlugin')]",
"networkPolicy": "calico",
"loadBalancerSku": "Standard",
"loadBalancerProfile": {
"outboundIPs": {
"publicIPs": [
{
"id": "[variables('loadBalancerIp')]"
}
]
}
}
}

However, the same does not work for the basic-networking deployment. Still investigating...