英文:
Terraform, Azure and AKS, can I create a route table to a NAT GW in a peered vnet?
问题
以下是翻译好的部分:
我有一个Hub & Spoke网络,其中一个分支中有一个AKS:
[NAT GW]
[Hub Vnet] < --peering-- > [Spoke Vnet]
[AKS]
也许这里有点过度工程,但我想将NAT网关移动到Hub中:
[NAT GW]
[Hub Vnet] < --peering-- > [Spoke Vnet]
[AKS]
是否可以让Spoke Vnet,或者更准确地说是AKS的路由表,将0.0.0.0/0流量路由到Hub GW?
我只能通过Terraform来使其工作,就像第一张草图中那样。
VNet和带Peering的NAT配置运行良好,我似乎无法让AKS中的network_profile设置工作。
英文:
I have a Hub & Spoke network with an AKS in one spoke:
[NAT GW]
[Hub Vnet] <--peering--> [Spoke Vnet]
[AKS]
Maybe over-engineering here, but I would like to move the NAT Gateway to the hub:
[NAT GW]
[Hub Vnet] <--peering--> [Spoke Vnet]
[AKS]
Is it possible to get the Spoke Vnet, or rather the routing table for AKS, to route 0.0.0.0/0-traffic to the hub GW?
I only manage to make it work through Terraform as in the first sketch.
The VNet and NAT config with peering is working fine, what I don't seem to get working is the network_profile setup in AKS.
答案1
得分: 1
是的,你完全可以做到这一点。
文档链接在这里:https://learn.microsoft.com/en-us/azure/aks/egress-outboundtype#outbound-type-of-userdefinedrouting
你只需在网络配置文件中指定不同的出站类型(outboundType)。在这样做时,它会检查确保子网上已设置用户定义路由 (UDR),因此你确实需要确保所有配置都按正确的顺序进行。
英文:
Yep, you can totally do this.
The docs are ok : https://learn.microsoft.com/en-us/azure/aks/egress-outboundtype#outbound-type-of-userdefinedrouting
You simply need to specify a different outboundType in the network profile.
When you do this, it will check to make sure that a UDR is in place on the subnet, so you really need to make sure all of the config is sequenced correctly.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论