Example in README.md broken: K8S version unsupported, IPs/CIDRs are a mess #154

Closed
karlschriek opened this issue Apr 6, 2022 · 3 comments


karlschriek commented Apr 6, 2022

I am running into several problems getting an AKS cluster rolled out using the official example (as of v4.14.0). I will list them here in the order I ran into them:

1. The Kubernetes version 1.19.3 is no longer supported

│ Error: creating Cluster: (Managed Cluster Name "prefix-aks" / Resource Group "aks-resource-group"): containerservice.ManagedClustersClient#CreateOrUpdate: Failure sending request: StatusCode=400 -- Original Error: Code="AgentPoolK8sVersionNotSupported" Message="Version 1.19.3 is not supported in this region. Please use [az aks get-versions] command to get the supported version list in this region. For more information, please check https://aka.ms/supported-version-list" 

To get around this, I changed the version to 1.22.6. This reveals the next problem:

2. IngressApplicationGateway CIDR not contained within virtual network

│ Error: creating Cluster: (Managed Cluster Name "cluster-name" / Resource Group "aks-resource-group"): containerservice.ManagedClustersClient#CreateOrUpdate: Failure sending request: StatusCode=400 -- Original Error: Code="IngressAppGwAddonConfigInvalidSubnetCIDRNotContainedWithinVirtualNetwork" Message="Subnet Prefix '10.52.1.0/24' specified for IngressApplicationGateway addon is not contained within the AKS Agent Pool's Virtual Network address prefixes '[10.0.0.0/16]'." Target="AddonProfiles.IngressApplicationGateway"

I am not entirely certain what the correct fix is here, but I completely commented out this section for now.

#   enable_ingress_application_gateway = true
#   ingress_application_gateway_name = "aks-agw"
#   ingress_application_gateway_subnet_cidr = "10.52.1.0/24"

That allows me to continue and see the next problem:

3. Service CIDR overlaps with existing Subnets CIDR.

│ Error: creating Cluster: (Managed Cluster Name "cluster-name" / Resource Group "aks-resource-group"): containerservice.ManagedClustersClient#CreateOrUpdate: Failure sending request: StatusCode=400 -- Original Error: Code="ServiceCidrOverlapExistingSubnetsCidr" Message="The specified service CIDR 10.0.0.0/16 is conflicted with an existing subnet CIDR 10.0.1.0/24" Target="networkProfile.serviceCIDR" 

Also discussed here: #57
And there is a PR recommending a fix here: #107

To get around this I changed to:

  net_profile_dns_service_ip     = "10.1.0.10"
  net_profile_service_cidr       = "10.1.0.0/16"

@karlschriek
Author

Also, Terraform 1.x has been out for quite some time now. It may be worth referring to that rather than 0.13 in the example.

@ealasgarov

You need 2 subnets in 1 vnet, one for AKS and one for app gateway; they should not be overlapping.
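
An added example, not part of the thread or the module's code: a pre-flight check for the CIDR rules behind problems 2 and 3 and the comment above, run before `terraform apply`. The subnet name `aks`, the gateway subnet `10.0.2.0/24` and the original DNS IP `10.0.0.10` are constructed values; the DNS-IP-inside-service-CIDR check is an AKS rule not quoted in the thread.

```python
import ipaddress


def check_aks_network(vnet_prefixes, subnets, appgw_subnet, service_cidr, dns_service_ip):
    """Return a list of findings; an empty list means these checks pass."""
    vnets = [ipaddress.ip_network(p) for p in vnet_prefixes]
    subs = {name: ipaddress.ip_network(cidr) for name, cidr in subnets.items()}
    svc = ipaddress.ip_network(service_cidr)
    findings = []

    if appgw_subnet is not None:  # None models the add-on being commented out
        agw = ipaddress.ip_network(appgw_subnet)
        # Problem 2: the gateway subnet must lie inside a VNet address prefix.
        if not any(agw.subnet_of(v) for v in vnets):
            findings.append(f"appgw subnet {agw} is outside VNet {vnet_prefixes}")
        # ealasgarov's comment: the AKS and gateway subnets must not overlap.
        for name, net in subs.items():
            if agw.overlaps(net):
                findings.append(f"appgw subnet {agw} overlaps subnet {name} ({net})")

    # Problem 3: the service CIDR must not overlap any existing subnet.
    for name, net in subs.items():
        if svc.overlaps(net):
            findings.append(f"service CIDR {svc} overlaps subnet {name} ({net})")

    # AKS rule not quoted in the thread: the DNS service IP sits in the service CIDR.
    if ipaddress.ip_address(dns_service_ip) not in svc:
        findings.append(f"DNS service IP {dns_service_ip} is outside {svc}")
    return findings


# Values from the error messages in the issue; "aks" and 10.0.0.10 are constructed.
BROKEN = dict(vnet_prefixes=["10.0.0.0/16"], subnets={"aks": "10.0.1.0/24"},
              appgw_subnet="10.52.1.0/24", service_cidr="10.0.0.0/16",
              dns_service_ip="10.0.0.10")
# The reporter's service CIDR and DNS IP; the 10.0.2.0/24 gateway subnet is constructed.
FIXED = dict(BROKEN, appgw_subnet="10.0.2.0/24", service_cidr="10.1.0.0/16",
             dns_service_ip="10.1.0.10")

if __name__ == "__main__":
    for label, plan in (("README values", BROKEN), ("adjusted values", FIXED)):
        print(label, check_aks_network(**plan) or "OK")
```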

@zioproto
Contributor

This issue should be solved with changes merged in #166
