Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

UserDefinedRouting Egress #550

Merged
merged 10 commits into from
Mar 29, 2023
Merged

UserDefinedRouting Egress #550

merged 10 commits into from
Mar 29, 2023

Conversation

lenisha
Copy link
Contributor

@lenisha lenisha commented Mar 17, 2023
edited
Loading

PR Summary

Added option 'userDefinedRouting' in aksEgressType to support use case deploying to networks that force tunnel traffic to Firewall.
udr
custom err
byon

Closes #544

PR Checklist

  • PR has a meaningful title
  • Summarized changes
  • This PR is ready to merge and is not Work in Progress
  • Link to a filed issue
  • Screenshot of UI changes (if PR includes UI changes)

@lenisha lenisha requested a review from Gordonby March 17, 2023 04:23
@Gordonby
Copy link
Collaborator

Looks like a good update.
It does share the code from #549 , so lets get that merged before progressing/testing this PR.

@Gordonby Gordonby added the enhancement New feature or request label Mar 17, 2023
@Gordonby
Copy link
Collaborator

Having trouble getting this working as intended.
Will need to spend more time having a look tomorrow.

@lenisha lenisha changed the title add UserDefineRouting Option add UserDefinedRouting Option Mar 20, 2023
Gordonby
Gordonby requested changes Mar 21, 2023
View reviewed changes
Copy link
Collaborator

@Gordonby Gordonby left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

On the deployTab we need to extend the inclusion of aksOutboundTrafficType parameter to include custom networking model

image

@Gordonby
Copy link
Collaborator

@lenisha - I've done the fixes in your branch as part of testing.... Let me finish the deployment tests and i'll push.

@Gordonby
Copy link
Collaborator

Gordonby commented Mar 21, 2023
edited
Loading

I get an error when running

az deployment group create -g gordons  --template-file ./bicep/main.bicep --parameters resourceName=udr JustUseSystemPool=true custom_vnet=true azureFirewalls=true aksOutboundTrafficType=userDefinedRouting
{"status":"Failed","error":{"code":"DeploymentFailed","message":"At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-deployment-operations for usage details.","details":[{"code":"BadRequest","message":"{\r\n  \"code\": \"RouteTableMissingDefaultRouteError\",\r\n  \"message\": \"Default route 0.0.0.0/0 missing from route table /subscriptions/REDACTED/resourceGroups/gordons/providers/Microsoft.Network/routeTables/rt-afw-udr.\",\r\n  \"subcode\": \"\"\r\n}"}]}}

I shall continue looking

@Gordonby
Copy link
Collaborator

@lenisha - I don't have permissions to push to your PR. Buzz me on teams when you have time to chat 😊

@Gordonby Gordonby changed the title add UserDefinedRouting Option UserDefinedRouting Egress Mar 21, 2023
@Gordonby Gordonby added this to the 0.9.12 milestone Mar 21, 2023
@Gordonby
Copy link
Collaborator

Works as expected.... great job.

It'd be cool to add a new related feature so we can give users the sample config for putting in the DNAT to Azure Firewall to properly expose ingress. Could be a sample page, a blog, etc.
image

@Gordonby Gordonby merged commit 4cd1ba2 into Azure:main Mar 29, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Gordonby Gordonby Gordonby approved these changes

Assignees

@lenisha lenisha

Labels
enhancement New feature or request
Projects
None yet
Milestone
0.9.13
Development

Successfully merging this pull request may close these issues.

BYON option with userDefinedRouting
2 participants
@lenisha @Gordonby