AKO in Azure

This topic explains the ClusterIP mode support for Azure IaaS cloud in AKO. AKO manages the pod routing in the Azure cloud.

Routing in Azure with Two Kubernetes Clusters Syncing to the same Azure Cloud

When multiple clusters are syncing to the same cloud, the pod CIDRs can overlap. Currently, in AKO, an SE Group is created for each cluster. For Azure cloud, in addition to the creation of a dedicated SE group, the SE network/subnet, which will be unique per cluster, needs to be overridden in the SE group.

Figure: AKO Static Routing in Azure

AKO configures the routes for cluster1 and cluster2 in the Azure routing tables for subnet1 and subnet2 respectively.

AKO in Azure (Day 0 Preparation)

The Day 0 preparation checklist required to set up AKO in Azure is as listed below:
  1. Operations on the Azure Side
    1. Ensure that the Kubernetes/OpenShift clusters are running in Azure
      1. Ensure that clusters are in the same VNET as the SE
    2. Create a dedicated subnet for each of the clusters in VNET for SE to be provisioned in
      1. subnet1 and subnet2 are created for cluster1 and cluster2 respectively
    3. Create the route table in Azure for each subnet created above and associate it to the SE subnet
      1. Create RouteTable1 and RouteTable2 and associate to subnet1 and subnet2 respectively
    4. Configure NSG rules in Kubernetes cluster’s subnet to allow traffic from SE Subnet
    5. Provide permissions to the NSX Advanced Load Balancer cloud credential to write on route tables
      1. The NSX Advanced Load Balancer Controller role for AKO avi-controller-ako.
      2. Use the above role to configure the cloud in the NSX Advanced Load Balancer. For more information, see AKO in GCP.
  2. Operations on the NSX Advanced Load Balancer side
    1. Create an Azure cloud in NSX Advanced Load Balancer. Skip this step if the IaaS cloud is already created.
    2. Create a Service Engine group for each cluster.
    3. Override the Service Engine subnet in each of the SE groups
      1. If there are two clusters cluster1 and cluster2
      2. Run
        configure serviceenginegroup seg1
      3. Override the data_network_id in the SE Group by running the commands shown below:
        data_network_id subnet1
        Save
      4. Similarly override the data_network_id for the cluster2

Once everything is configured and AKO is running, check that the routes for the nodes are created in the routing tables for subnet1 and subnet2 respectively.
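
One way to script the final route check is shown below. This is an added example, not code from AKO or the NSX Advanced Load Balancer documentation. It assumes each AKO route uses a node's pod CIDR as the address prefix and that node's InternalIP as the next hop; the node and route JSON are constructed samples shaped like `kubectl get nodes -o json` and `az network route-table route list` output.

```python
import ipaddress
import json

# Constructed sample: trimmed `kubectl get nodes -o json` output for cluster1.
NODES_JSON = """{"items": [
 {"metadata": {"name": "node-a"}, "spec": {"podCIDR": "10.244.0.0/24"},
  "status": {"addresses": [{"type": "InternalIP", "address": "10.1.0.4"}]}},
 {"metadata": {"name": "node-b"}, "spec": {"podCIDR": "10.244.1.0/24"},
  "status": {"addresses": [{"type": "InternalIP", "address": "10.1.0.5"}]}}
]}"""

# Constructed sample: trimmed route list for RouteTable1 (associated with subnet1).
ROUTES_JSON = """[
 {"name": "r1", "addressPrefix": "10.244.0.0/24", "nextHopIpAddress": "10.1.0.4"},
 {"name": "r2", "addressPrefix": "10.244.2.0/24", "nextHopIpAddress": "10.1.0.9"}
]"""


def expected_routes(nodes):
    """Map each node's pod CIDR to its InternalIP (the assumed next hop)."""
    out = {}
    for item in nodes["items"]:
        cidr = item.get("spec", {}).get("podCIDR")
        ips = [a["address"] for a in item["status"]["addresses"]
               if a["type"] == "InternalIP"]
        if cidr and ips:
            out[ipaddress.ip_network(cidr)] = ipaddress.ip_address(ips[0])
    return out


def audit_route_table(nodes, routes):
    """Return (missing, unexpected): pod CIDRs with no matching route, and
    route prefixes whose next hop is not a node of this cluster."""
    want = expected_routes(nodes)
    have = {}
    for r in routes:
        if r.get("nextHopIpAddress"):  # skip routes without an IP next hop
            prefix = ipaddress.ip_network(r["addressPrefix"])
            have[prefix] = ipaddress.ip_address(r["nextHopIpAddress"])
    missing = sorted(str(c) for c, hop in want.items() if have.get(c) != hop)
    node_ips = set(want.values())
    unexpected = sorted(str(c) for c, hop in have.items() if hop not in node_ips)
    return missing, unexpected


if __name__ == "__main__":
    nodes, routes = json.loads(NODES_JSON), json.loads(ROUTES_JSON)
    missing, unexpected = audit_route_table(nodes, routes)
    print("pod CIDRs without a matching route:", missing)
    print("routes whose next hop is not a cluster node:", unexpected)
```

Run it once per cluster against that cluster's own route table. Because pod CIDRs can overlap between clusters, an entry in the second list is worth reviewing: it may be a stale route or one that belongs to another cluster's table.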