i’m in a private network with firewall, and i use “private aks option”. is it possible that access to the network is blocked with one of your endpoint for deployement ?
Without having enough details about your networking and traffic restirictions, it would be just guessing. If you have any sort of network policies or mesh/proxying - I would start from there.
Yes by private i mean this, the node of my aks are on private ip. we have an hub & spoke infrastucture with vnet peering. we have azure route table with rules to redirect some traffic to our firewall.
Whole internet network (0.0.0.0/0) redirect to our firewall
all interactions outside my virtual network is also redirect to firewall
by default we close whole traffic, we oppened rules to get docker images. and check.percona.com.
As Sharded or replicaset, my database is deployed but still crash on liveness probes on mongod pods.
So the cluster don’t stay in ready state.
Do you have any Idea ?
Other question, we seen ur beta “Percona Everest”, this project may run on azure kubernetes services even if its not in cloud provider recommanded ?
the problem is that Operator can’t connect to cluster. This might be due to some networking restrictions.
Are there any network policies in your cluster? Or traffic firewalls that restrict traffic flows between the pods?
As for Percona Everest - it can run on any Kubernetes cluster. Right now we rigorously test it on AWS EKS and GKE, but as our Operators are certified on AKS, it will work too.
@Peter_Szczepaniak is a product manager for Everest and would be glad to give you a demo or tell more about it
for details, we have 2 aks on one vnet, when we use private option, for routing aks use azure route table and write pod cicdr in this route table, but all my aks are on same vnet with same pod cicdr so they try to have priority on route table, so pod don’t know how to make liveness probes.
I change pod cicdr on second aks and it work Thanks a lot for your help !
@Peter_Szczepaniak i think we gonna contact u for a demo. but i have few questions before
Do you have a public roadmap ? Do you know when u i’ll support azure storage for backup ? and when we i’ll be able to use private load balancer with vnet IP ?
I am sure happy to hear that you’ve been successful with Everest. Please send your availability to my email peter.szczepaniak@percona.com and I’ll set up zoom where we can discuss your needs and feedback. We do not currently have public roadmap, we recently published our JIRA project and hopefully soon we will be able to make our roadmap available as well.
Thanks a lot for your help !