You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/aks/configure-kubenet.md
+3-2Lines changed: 3 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -50,6 +50,7 @@ With *Azure CNI*, each pod receives an IP address in the IP subnet and can commu
50
50
51
51
* An additional hop is required in the design of kubenet, which adds minor latency to pod communication.
52
52
* Route tables and user-defined routes are required for using kubenet, which adds complexity to operations.
53
+
* For more information, see [Customize cluster egress with a user-defined routing table in AKS](./egress-udr.md) and [Customize cluster egress with outbound types in AKS](./egress-outboundtype.md).
53
54
* Direct pod addressing isn't supported for kubenet due to kubenet design.
* AKS doesn't apply Network Security Groups (NSGs) to its subnet and doesn't modify any of the NSGs associated with that subnet. If you provide your own subnet and add NSGs associated with that subnet, you must ensure the security rules in the NSGs allow traffic between the node and pod CIDR. For more details, see [Network security groups][aks-network-nsg].
@@ -86,7 +87,7 @@ The following considerations help outline when each network model may be the mos
86
87
* Most of the pod communication is within the cluster.
87
88
* You don't need advanced AKS features, such as virtual nodes or Azure Network Policy.
88
89
89
-
***Use *Azure CNI* when**:
90
+
**Use *Azure CNI* when**:
90
91
91
92
* You have available IP address space.
92
93
* Most of the pod communication is to resources outside of the cluster.
@@ -247,7 +248,7 @@ kubenet networking requires organized route table rules to successfully route re
247
248
> [!NOTE]
248
249
> When you create and use your own VNet and route table with the kubenet network plugin, you need to use a [user-assigned control plane identity][bring-your-own-control-plane-managed-identity]. For a system-assigned control plane identity, you can't retrieve the identity ID before creating a cluster, which causes a delay during role assignment.
249
250
>
250
-
> Both system-assigned and user-assigned managed identities are supported when you create and use your own VNet and route table with the azure network plugin. We highly recommend using a user-assigned managed identity for BYO scenarios.
251
+
> Both system-assigned and user-assigned managed identities are supported when you create and use your own VNet and route table with the Azure network plugin. We highly recommend using a user-assigned managed identity for BYO scenarios.
251
252
252
253
### Add a route table with a user-assigned managed identity to your AKS cluster
![prmerger-automator[bot]](https://avatars.githubusercontent.com/u/22479449?v=4&size=40){kind=avatar}
0 commit comments