Skip to content

Set-AzAksCluster can not disable LoadBalancer managed outbound ip when setting LoadBalancer outbound ip prefix #25793

New issue
New issue
Open
Open
Set-AzAksCluster can not disable LoadBalancer managed outbound ip when setting LoadBalancer outbound ip prefix#25793
Assignees
YanaXu
Labels
AKSAzure PS TeamTrackingWe will track status and follow internallybugThis issue requires a change to an existing behavior in the product in order to be resolved.customer-reported
@figocui9

Description

@figocui9
figocui9
opened on Aug 10, 2024

Description

For AKS cluster, we have a scenario to disable the load balancer managed outbound IPs and only use the public IP prefixes (those public IP prefixes are from our BYOIP). However, Set-AzAksCluster could not disable the load balancer managed outbound IPs.

When we attempted to switch from the load balancer managed outbound IPs to the public IP prefixes, the cmdlet (Set-AzAksCluster) does not allow to set (-LoadBalancerManagedOutboundIpCount) to 0 (or $null) when updating (-LoadBalancerOutboundIpPrefix). If we don't provide a value to (-LoadBalancerManagedOutboundIpCount), Set-AzAksCluster will keep both the load balancer managed IPs and the public IP prefixes in the load balancer outbound NAT rule.

This is the script I am using. It doesn't remove the load balancer managed outbound IPs from the load balancer outbound NAT rule.

$aksCluster = Get-AzAksCluster -ResourceGroupName test-aks-cluster
$aksCluster | Set-AzAksCluster -LoadBalancerOutboundIpPrefix "/subscriptions/<my subscription id>/resourceGroups/MC_test-aks-cluster_test-aks-cluster_eastus/providers/Microsoft.Network/publicIPPrefixes/test-egress"

At the same time, if I use the 'azure cli' for the same thing, the command below will remove the load balancer managed outbound IPs from the load balancer outbound NAT rule.

az aks update --name test-aks-cluster2 --resource-group test-aks-cluster2 --load-balancer-outbound-ip-prefixes "/subscriptions//resourceGroups/MC_test-aks-cluster_test-aks-cluster_eastus/providers/Microsoft.Network/publicIPPrefixes/test-egress"

Roughly went through the code of Set-AzAksCluster, the load balancer managed IP is not set to null when setting the public IP prefixes. Probably we should fix it.

load_balancer_managed_ip_update

Issue script & Debug output

N/A

Environment data

PS C:\Users\figo> $PSVersionTable

Name                           Value
----                           -----
PSVersion                      5.1.22621.3880
PSEdition                      Desktop
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0...}
BuildVersion                   10.0.22621.3880
CLRVersion                     4.0.30319.42000
WSManStackVersion              3.0
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1

Module versions

PS C:\Users\figo> get-module az.aks

ModuleType Version    Name                                ExportedCommands
---------- -------    ----                                ----------------
Script     6.0.3      Az.Aks                              {Disable-AzAksAddOn, Enable-AzAksAddOn, Get-AzAksCluster, Get-AzAksNodePool...}

Error output

No response

Metadata

Metadata

Assignees

Labels

AKSAzure PS TeamTrackingWe will track status and follow internallybugThis issue requires a change to an existing behavior in the product in order to be resolved.customer-reported

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions