How to prevent AKS Ingress from overwriting Application Gateway's existing services?
I recently had connected an AKS cluster to an Application Gateway and had the services I hosted on the AKS cluster be made accessible through the gateway's public IP. However I realized that whenever I update the Ingress I created the AKS and gateway it overwrites all exisitng settings (pool, backend settings, health probe, etc. I was wondering if there is a way where when we update the Ingress it doesn't overwrite the whole gateway and it simply adds to it?
Also how can I achieve this as well if I were to connect 2 AKS to the one gateway without one of the AKS erasing the entire gateway whenever a new service is created on AKS?
Unfortunately, when installing the AGIC via the AKS add-on, you'll be forced to use the AGIC in the default behaviour, i.e. the AGIC will consider itself as the only one that uses the Application Gateway. That's why you see that behaviour.
At the moment, the only way where you can change this AGIC behaviour is by installing it via Helm. Helm enables you to configure the AGIC as shared, and only in this way you can use AzureIngressProhibitedTarget.
eg. AGIC configuration as shared
appgw:
subscriptionId: <subscriptionId> # existing field
resourceGroup: <resourceGroupName> # existing field
name: <applicationGatewayName> # existing field
shared: true # <<<<< Add this field to enable shared App Gateway >>>>>
eg. AzureIngressProhibitedTarget
apiVersion: "appgw.ingress.k8s.io/v1"
kind: AzureIngressProhibitedTarget
metadata:
name: your-custom-prohibitions
spec:
hostname: your.own-hostname.com
For more info:
- startup exception for aspnet core worker docker container attempting to set secret from env variable in Kubernetes
- AKS Network Policy Manager vs Azure Cilium Network Policies
- Ingress controller does not allow snippets
- AKS - Error from server (Forbidden): User cannot create resource "namespaces" in API group "" at the cluster scope
- Changing Prometheus job label in scraper for cAdvisor breaks Grafana dashboards
- How to disable port probes for AKS LoadBalancer?
- Airflow ERROR - Error authorizing OAuth access token: Invalid JSON Web Key Set. [The request to sign in was denied.]
- build docker image in M1 to deploy in aks cluster
- How do we Look up service-cluster-ip-range in Azure AKS Cluster
- Qdrant Azure private cloud API KEY setup setting not found
- Kubernetes namespace "aks-command"
- During uvicorn startup, child process dies in a Kubernetes cluster
- AKS CrashLoopBackOff for an image working without problem in docker host: logs: error: container containerd://x is not valid for pod flask-app
- secret-inject@azurekeyvault waiting forever
- ActiveMQ Artemis master (primary) pod goes to restart loop after change to shared-store HA option
- MIME type of .mjs files is "text/html" when deploying React (ViteJS) app to Azure Kubernetes
- Nat Gateway Profile for AKS using terraform
- Which rights are missing? Unable to continue with install: could not get information about the resource: podsecuritypolicies.policy
- How to configure Azure Application Insight for a Java Spring Boot in a Pod in Azure AKS
- Comparison between NGINX Ingress Controller v/s Kubernetes (community) Ingress controller
- Invoke-AzAksRunCommand how to run aks-command pod with toleration
- How to use use double quotes to avoid the unrecognized arguments: containers ][*].image}
- temporary_name_for_rotation must be specified when changing any of the following properties: pod_subnet_id
- Migrate from .NET 6 to .NET 8 In-process Azure function in AKS
- Azure DevOps Pipeline Fails with Device Login Prompt During Helm Deployment to AKS
- KubeDB provisioner and azure workload identity
- Simulate network latency between application in AKS and PostgreSQL server in Azure
- The `UseHsts` stopped appending the `Strict-Transport-Security` header after the migration from Service Fabric to K8S. How to fix it?
- Cannot mount volume in Ignition | Permission issue | Ignition migration
- 404 not found nginx/1.27.0 while running a docker image for React web application