Configure a load balancer service to use a static public IP
This content is authored by Red Hat experts, but has not yet been tested on every supported configuration.
This guide demonstrates how to create and assign a static public IP address to an OpenShift service in Azure Red Hat OpenShift (ARO). By default, the public IP address assigned to an OpenShift service with a type of LoadBalancer created by an ARO cluster is only valid for the lifespan of that resource. If you delete the OpenShift service, the associated load balancer and IP address are also deleted. If you want to assign a specific IP address or retain an IP address for redeployed OpenShift services, you can create and use a static public IP address.
This guide will walk through the following steps:
- Create a new static public IP address.
- Grant the Azure Red Hat OpenShift (ARO) cluster’s service principal access to the parent resource group.
- Create the load balancer service and assign the static public IP address.
Prerequisites
- An existing ARO cluster. If you need an ARO cluster, see the quickstart here .
- The Azure CLI. If you need to install the Azure CLI, see the Microsoft documentation here .
Before you begin
Before we begin, we need to set a few environment variables that will help us run the commands included in the guide.
Create a new static public IP address
Create a static public IP address by using the az network public ip create command. The following command creates a static IP resource using the name you specified above in the parent resource group of the cluster object. To create the IP, run the following command:
The static public IP address provisioned is displayed as a part of the output of the command. It will look something like this:
Grant the Azure Red Hat OpenShift (ARO) cluster’s service principal access to the parent resource group
Next, we must grant the Azure Red Hat OpenShift (ARO) cluster’s service principal access to the network resources of the parent resource group where we’ve created the static public IP. This must be done because the public IP lives outside of the cluster’s managed resource group (which starts with aro-). To grant the necessary access, run the following command:
Create the load balancer service and assign the static public IP address.
Finally, we need to create a LoadBalancer service inside of OpenShift that specifies the static public IP address, as well as the parent resource group. Next, generate the necessary YAML for the LoadBalancer service with the loadBalancerIP property and resource group annotation set. To do so, run the following command, making sure to replace the variables specified:
Feel free to further modify this output (which is saved in your current directory as pip-service.yaml).
Finally, apply the service configuration to the cluster by running the following command (note this will deploy the service directly into the current namespace):
The cluster should provision the load balancer within a minute or two. You can verify this by running the following command:
The output will look similar to this:
You can now access your load balancer using the IP address provided!
