Azure Load Balancer and global vNet peering
Just coming back from a strange troubleshooting session where an application running on an AKS cluster was no longer responding after a network architecture change. It quickly turned out that the root cause was to be found in the recent configuration change. The change included a new routing configuration in the customer's global Azure network. The AKS cluster's network had been peered with a new hub network. The hub network is located in the SwitzerlandNorth region, whereas the AKS application vNet is located in WestEurope. So we had created a so-called cross-region or "global" vNet peering.
After changing the routes, everything but the AKS load balancer's frontend IP was reachable from on-premises.
Long story short: the AKS cluster was using the Basic SKU of Azure Load Balancer, which does not support global vNet peering.
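As an added example (not from the original post), this Python check flags Basic SKU load balancers whose internal frontend sits in a vNet that has a cross-region peering. The inventory is constructed, with shortened resource IDs, and its field names assume the JSON shape returned by `az network vnet list` and `az network lb list`.

```python
# Constructed inventory (not real resources). Field names are an assumption
# based on `az network vnet list` / `az network lb list` JSON; IDs are shortened.
VNETS = [
    {"id": "/vnets/hub", "location": "switzerlandnorth",
     "virtualNetworkPeerings": [{"remoteVirtualNetwork": {"id": "/vnets/aks"}}]},
    {"id": "/vnets/aks", "location": "westeurope",
     "virtualNetworkPeerings": [{"remoteVirtualNetwork": {"id": "/vnets/hub"}}]},
    {"id": "/vnets/shared", "location": "westeurope",
     "virtualNetworkPeerings": [{"remoteVirtualNetwork": {"id": "/vnets/ext"}}]},
]
LOAD_BALANCERS = [
    {"name": "kubernetes-internal", "sku": {"name": "Basic"},
     "frontendIPConfigurations": [{"subnet": {"id": "/vnets/aks/subnets/nodes"}}]},
    {"name": "shared-ilb", "sku": {"name": "Standard"},
     "frontendIPConfigurations": [{"subnet": {"id": "/vnets/hub/subnets/app"}}]},
    {"name": "public-basic", "sku": {"name": "Basic"},
     "frontendIPConfigurations": [{"publicIPAddress": {"id": "/pips/web"}}]},
]

def global_peered_vnets(vnets):
    """Return ids of vNets with at least one peering to a vNet in another region."""
    region = {v["id"].lower(): v["location"].lower() for v in vnets}
    flagged = set()
    for v in vnets:
        for p in v.get("virtualNetworkPeerings") or []:
            remote = p["remoteVirtualNetwork"]["id"].lower()
            # A remote vNet missing from the inventory is skipped, not guessed.
            if remote in region and region[remote] != v["location"].lower():
                flagged.add(v["id"].lower())
    return flagged

def basic_lbs_behind_global_peering(vnets, lbs):
    """Return (lb name, vNet id) for Basic LBs with a frontend in a flagged vNet."""
    flagged = global_peered_vnets(vnets)
    hits = []
    for lb in lbs:
        if lb["sku"]["name"].lower() != "basic":
            continue
        for fe in lb.get("frontendIPConfigurations") or []:
            # Public frontends have no subnet and are not reached via peering.
            subnet_id = (fe.get("subnet") or {}).get("id", "").lower()
            vnet_id = subnet_id.split("/subnets/")[0]
            if vnet_id in flagged:
                hits.append((lb["name"], vnet_id))
    return hits

if __name__ == "__main__":
    for name, vnet in basic_lbs_behind_global_peering(VNETS, LOAD_BALANCERS):
        print(f"{name}: Basic SKU frontend in globally peered vNet {vnet}")
```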
More information:
https://docs.microsoft.com/en-us/azure/load-balancer/concepts-limitations
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-peering-overview
Hope this prevents some headaches.
Happy peering everyone!