Forum Discussion
vkuma297
Jul 20, 2020 Copper Contributor
End to End TLS with Application Gateway + AGIC And Pods Service Discovery Using Azure Private DNS
Hi Microsoft Team, lately we have been exploring the powerful add-on, AGIC, which fits in the right way with AKS and App Gateway. However, we are trying to figure out some problems we are facing. We are tryi...
cberon
Jan 14, 2021 Brass Contributor
vkuma297, for the issues and concerns you described, you should consider using a service mesh product like Linkerd (https://linkerd.io/). This has ingress controller functionality, policy for mTLS, and cross-cluster communication.
Alternatively, look at the availability zones implementation of AKS https://docs.microsoft.com/en-us/azure/aks/availability-zones which is different than just creating a base AKS install. This guarantees cross-cluster communication, but would still require extra configuration for mTLS.
By default with the MS scripts from some of the reference architectures, it's by design that all inbound communication goes through the API Gateway, so some of your behaviour may be expected/by default.