Edit

Share via

Simplify network configuration for AKS on Azure Local with Azure Arc gateway (preview)

If you use enterprise proxies to manage outbound traffic, Azure Arc gateway can help simplify the process of enabling connectivity. Before using Arc gateway with AKS on Azure Local, ensure you complete the prerequisites for creating AKS clusters on Azure Local.

The AKS Arc gateway (currently in preview) lets you:

  • Connect to Azure Arc by opening public network access to only seven fully qualified domain names (FQDNs).
  • View and audit all traffic that the Arc agents send to Azure via the Arc gateway.

Important

AKS Arc gateway is currently in preview.

See the Supplemental Terms of Use for Microsoft Azure Previews for legal terms that apply to Azure features that are in beta, preview, or otherwise not yet released into general availability.

How the Azure Arc gateway works

The Arc gateway works by introducing an Azure resource that serves as a common front end for Azure traffic. The gateway resource is served on a specific domain/URL that simplifies network configuration requirements.

For more information, see how the Azure Arc gateway works.

Required network endpoints

For the complete list of required URLs and endpoints that must be allowed through your enterprise firewall when using Arc gateway with AKS on Azure Local, see Azure Local endpoints not redirected through Arc gateway.

Using Arc gateway with AKS clusters

If Arc gateway is enabled in your environment, newly created AKS Arc clusters automatically utilize it to simplify network connectivity.

Other scenarios

During the public preview, Arc gateway covers endpoints required for AKS Arc clusters, and a portion of endpoints required for more Arc-enabled scenarios. Based on the scenarios you adopt, more endpoints must still be allowed in your proxy.

All endpoints listed for the following scenarios must be allowed in your enterprise proxy when Arc gateway is in use:

Next steps

  • Last updated on