Reputation: 1
Scaling Issue with Azure Container App using KEDA and Private Endpoint Queue
I'm encountering a scaling issue with an Azure Container App that utilizes KEDA to dynamically adjust its replicas based on the message count in an Azure Storage Account queue. While the scaling works as expected in Scenario B, where the queue has public access, Scenario A, where the queue resides behind a private endpoint, fails to scale.
In Scenario B, the KEDA component within the Kubernetes cluster can effectively monitor the queue's message count and trigger scaling actions. However, in Scenario A, where the private endpoint restricts direct access from the Kubernetes cluster, the KEDA component seems to be unable to connect to the queue and perform the scaling updates.
I've already configured the Storage Account firewall to allow access to all the outbound IP addresses associated with the container app, but it doesn't seem to resolve the issue. I suspect that the KEDA component within the Kubernetes cluster is unable to tunnel through the private endpoint to reach the queue.
I'm seeking guidance on how to address this scaling problem in Scenario A. Any suggestions or workarounds to effectively monitor and scale the container app based on the private endpoint queue would be highly appreciated.
Thank you for your assistance in resolving this issue.
Upvotes: 0
Views: 579
Answers (1)
Reputation: 1
While not the optimal solution, I've identified a workaround that enables the scaling functionality.
By analyzing the "Storage Account > Workbooks > Failures" section, I discovered "AuthorizationError" logs under the "Queue" namespace. Upon enabling error logs, the specific "CallerIpAddress" causing the authorization failure became apparent.
Adding this IP address to the list of allowed ones resolved the authorization issue, allowing the KEDA component to communicate with the queue behind the private endpoint. As a result, the Container App can now properly scale based on the queue's message count.
This workaround provides a temporary solution to address the scaling issue while seeking a more permanent fix.
Upvotes: 0
Related Questions
- How to create a container app scale rule based on a service bus message queue length
- Configuring Azure Workload Identity for KEDA with Azure Event Hub in Azure Container Apps (with Bicep)
- KEDA scaler not working on AKS with trigger authentication using pod identity
- Azure CDN with storage account private endpoint
- KEDA HPA metrics value for Queue Triggered Azure Function
- Connect Azure Data Factory with Private Endpoint to Storage Account with another Private Endpoint in the same VNet