DMZ kind of network design in the AKS

0 votes
I am looking for some guidance on a network design for AKS where all the node pool are in unroutable subnet in a vet and I want to use another vet subnet for the load balancer.

I tried searching it in the documentation and couldn't find any reference. Has anyone have any experience with it?

We cannot peer the networks as it will not have different set of non routable ips a bigger range for the nodes. I did this in aws but looking for a way to do this in aks.
Feb 16, 2023 in AWS by Ashwini
• 5,430 points

1 answer to this question.

0 votes

It sounds like you want to implement a DMZ (Demilitarized Zone) network design in your AKS (Azure Kubernetes Service) environment, where all the node pools are in an unroutable subnet and the load balancer is in a separate subnet. While there isn't a specific guide for implementing this exact scenario in AKS, there are a few general steps you can follow to achieve this network design:

  1. Create two virtual networks (VNets) in Azure: one for the node pools and one for the load balancer. Make sure the two VNets are in different regions and don't have overlapping IP address ranges.

  2. Create a subnet within the node pool VNet for each node pool you want to create in AKS. These subnets should have a non-routable IP address range, such as or

  3. Create a subnet within the load balancer VNet for the Azure Load Balancer. This subnet should have a routable IP address range, as it will be used to route traffic to the node pools.

  4. Create an AKS cluster in the node pool VNet, and make sure to specify the subnets you created in step 2 as the node pool subnets.

  5. Create an Azure Load Balancer in the load balancer VNet, and make sure to specify the subnet you created in step 3 as the backend subnet.

  6. Add the node pools to the Azure Load Balancer, so that traffic can be routed to them. You can do this using the AKS node resource group or by adding the nodes directly to the load balancer.

  7. Configure any necessary network security groups or firewall rules to restrict traffic to and from the node pools and the load balancer, as appropriate for your security needs.

This should give you a basic DMZ network design in AKS, where the node pools are in an unroutable subnet and the load balancer is in a separate, routable subnet. Keep in mind that this is just a general guide, and you may need to adjust the steps based on your specific requirements and network setup.

Ready to level up your coding game? Uncover the realm of microservices with our cutting-edge Microservices Developer Certification!

answered Feb 17, 2023 by sarit
• 1,830 points

Related Questions In AWS

0 votes
1 answer
0 votes
1 answer

Encrypting the data stored in the clusters of Amazon Redshift

Below is the answer to your question. ...READ MORE

answered Oct 4, 2018 in AWS by Archana
• 4,170 points
0 votes
1 answer

How To login to azure kubernetes cluster?

Run az login to authenticate to Azure. Run az aks get-credentials to ...READ MORE

answered Apr 1, 2022 in Azure by Edureka
• 12,690 points
0 votes
1 answer

Azure application insights or log analytics

Insights into Applications Application Insights is an ...READ MORE

answered Mar 25, 2022 in Azure by Edureka
• 13,620 points
0 votes
1 answer
0 votes
1 answer

Xcode not found in the PATH and expo cannot run iOS simulator

It sounds like you've encountered a few ...READ MORE

answered Feb 17, 2023 in AWS by sarit
• 1,830 points
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP