I have a AKS Cluster and some microservice with Nodeport available in it.
User -> Application Gateway -> Backend Pool -> Nodeport of microservice -> service
However, i have idea to use Application Gateway with Virtual machine scale sets from AKS Node Pool.
When i add backend (VMSS) of AKS Nodepool in application gateway
{
"status": "Failed",
"error": {
"code": "LinkedAuthorizationFailed",
"message": "The client has permission to perform action 'Microsoft.Compute/galleries/images/versions/read' on scope '/subscriptions/aa51d057-842e..../resourcegroups/MC_loadbalancer_aaa-aks-1_southeastasia/providers/Microsoft.Compute/virtualMachineScaleSets/aks-syspool-13675031-vmss', however the current tenant '1393b73d-faec-...' is not authorized to access linked subscription '911a5e88-712a-...'."
}
}
But if i create manual VMSS and add it to application gateway, it's fine. But when i add VMSS Node Pool by AKS Cluster, it's error like above.
The error is weird. It's like my Tenant ID doesn't have subscription to 911a5e88....
Is it really possible to connect application gateway to AKS Node Pool as backend-pool ?
question from:
https://stackoverflow.com/questions/65898302/azure-application-gateway-with-aks-kube-proxy 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…