07 Mar 2020

Azure Load Balancer and global vNet peering

Just coming back from a strange troubleshooting session where an application running on an AKS cluster was no longer responding after a network architecture change. It quickly turned out that the root cause had to be sought in the recent configuration change. The change included a new routing configuration in the customer's Azure global network. The AKS cluster's network had been peered with a new hub network. The hub network is located in the SwitzerlandNorth region, whereas the AKS application vnet is located in WestEurope. So we had created a so-called cross-region or "global" vnet peering.


After changing the routes, everything but the AKS's load balancer frontend IP was reachable from on-premises.

Long story short – The AKS cluster was using the basic SKU of Azure Load Balancer which does not support global vNet peering.
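To catch this before a peering change goes live, the following added example (not from the original post) flags Basic SKU load balancer frontends that sit in a vnet with a cross-region peering. It assumes the field names printed by `az network vnet list` and `az network lb list`; the subscription ID, resource names and IP addresses are constructed sample data.

```python
# Constructed sample data, shaped like the JSON from `az network vnet list`
# and `az network lb list`, trimmed to the fields this check reads.
RG = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups"
HUB = RG + "/rg-hub/providers/Microsoft.Network/virtualNetworks/vnet-hub"
AKS = RG + "/rg-aks/providers/Microsoft.Network/virtualNetworks/vnet-aks"
VNETS = [
    {"id": HUB, "location": "switzerlandnorth", "virtualNetworkPeerings": [
        {"name": "hub-to-aks", "remoteVirtualNetwork": {"id": AKS}}]},
    {"id": AKS, "location": "westeurope", "virtualNetworkPeerings": [
        {"name": "aks-to-hub", "remoteVirtualNetwork": {"id": HUB}}]},
]
LBS = [
    {"name": "kubernetes-internal", "sku": {"name": "Basic"}, "frontendIPConfigurations": [
        {"privateIPAddress": "10.240.0.100", "subnet": {"id": AKS + "/subnets/aks"}}]},
    {"name": "lb-hub", "sku": {"name": "Standard"}, "frontendIPConfigurations": [
        {"privateIPAddress": "10.0.0.10", "subnet": {"id": HUB + "/subnets/shared"}}]},
]

def region(name):
    return (name or "").replace(" ", "").lower()

def globally_peered_vnets(vnets):
    """Map vnet id -> names of its cross-region peerings (unlisted remotes are skipped)."""
    loc = {v["id"].lower(): region(v["location"]) for v in vnets}
    result = {}
    for v in vnets:
        for p in v.get("virtualNetworkPeerings") or []:
            remote = p["remoteVirtualNetwork"]["id"].lower()
            if remote in loc and loc[remote] != region(v["location"]):
                result.setdefault(v["id"].lower(), []).append(p["name"])
    return result

def unreachable_frontends(vnets, lbs):
    """Basic SKU internal frontends that sit in a globally peered vnet."""
    peered = globally_peered_vnets(vnets)
    findings = []
    for lb in lbs:
        if (lb.get("sku") or {}).get("name", "").lower() != "basic":
            continue
        fronts = lb.get("frontendIPConfigurations") or lb.get("frontendIpConfigurations") or []
        for fe in fronts:
            vnet_id = ((fe.get("subnet") or {}).get("id") or "").lower().split("/subnets/")[0]
            if vnet_id in peered:
                findings.append((lb["name"], fe.get("privateIPAddress"), peered[vnet_id]))
    return findings

if __name__ == "__main__":
    for name, ip, peerings in unreachable_frontends(VNETS, LBS):
        print(f"{name} ({ip}): Basic SKU behind global peering {peerings}")
```

Remote vnets in a subscription that is not part of the listing cannot be compared by region and are skipped, so run the listing across every subscription involved in the peering.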

More information:
https://docs.microsoft.com/en-us/azure/load-balancer/concepts-limitations

https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-peering-overview

Hope this prevents some headaches.

Happy peering everyone!