How-to use existing LoadBalancer in Azure AKS Service?

Question

I created a AKS cluster with Terraform. I want the cluster to have a LoadBalancer and a static public IP, and I want those to be pre-existing to my Ingress Controller / LoadBalancer Service definitions, as I don't want them to be created/deleted dynamically by Kubernetes manifests.

So I also created with Terraform a LoadBalancer and a static public IP, in the node resource group and with SKU basic, according to the documentation recommendations, and attached the public IP to the LB.

Then I created a service of type LoadBalancer:

---                                                                                                                                                                                                                                            
kind: Service
apiVersion: v1
metadata:
  name: my-service
spec:
  type: LoadBalancer
  loadBalancerIP: 8.8.8.8 (the public static IP allocated by Terraform)
  selector:
    name: my-pods-selector
  ports:
    - name: my-port
      protocol: TCP 
      port: 1234
      targetPort: 1234

The service is then stuck in the PENDING state, and a describe give me this:

$ kubectl describe svc my-service
[...]
Events:
  Type     Reason                      Age               From                Message
  ----     ------                      ----              ----                -------
  Normal   EnsuringLoadBalancer        5s (x9 over 15m)  service-controller  Ensuring load balancer
  Warning  CreatingLoadBalancerFailed  4s (x9 over 15m)  service-controller  Error creating load balancer (will retry): failed to ensure load balancer for service my-service: timed out waiting for the condition

I don't manage to find more informations about the error in the describe command output:

Error creating load balancer (will retry): failed to ensure load balancer for service my-service: timed out waiting for the condition

Also, if not pre-creating the LoadBalancer but only the public IP, the LoadBalancer is created dynamically and everything is going well.

Question is: how-to make Azure successfully (which configuration parameter am I missing?) use the pre-existing LB?

• Kubernetes version: 1.13.5

Answer 1

Create Static IP with --sku Standard. Without --sku Standard IP is created with SKU Basic.

Basic Static IP cannot use for Loadbalancers. Take a look into the activity log, you see a warning like this:

Standard sku load balancer /subscriptions/55aa..../resourceGroups/MC_kubernetes-dev-kubernetes-dev-cluster_northeurope/providers/Microsoft.Network/loadBalancers/kubernetes cannot reference Basic sku publicIP /subscriptions/55aa..../resourceGroups/MC_kubernetes-dev_kubernetes-dev-cluster_northeurope/providers/Microsoft.Network/publicIPAddresses/kubernetes-dev-public-ip.

STATICIP=$(az network public-ip create --resource-group <MC_your-RG> --name Your-public-ip-name --sku Standard --allocation-method static --query publicIp.ipAddress -o tsv)

Now assign this ip to your load balancer service

Answer 2

I want the cluster to have a LoadBalancer and a static public IP, and I want those to be pre-existing to my Ingress Controller / LoadBalancer Service definitions, as I don't want them to be created/deleted dynamically by Kubernetes manifests.

Unfortunately, you cannot use a pre-existing Load Balancer with a static public IP for the service in the AKS cluster. You can take a look at the same issue in the Github. As the suggestion shows:

You'd need to let AKS create the load balancer resources in Azure for your services rather than trying to manually create them ahead of them and then use them in AKS. Just create the service through the Kubernetes API, and let the networking plugin create and configure the appropriate Azure resources.

I will suggest that you can just create public IP with the static allocate method yourself. And then create the service with the Load Balancer type and the static public IP.