Subnets

A subnet can be associated with a network security group. A subnet can also be associated with a route table so that it has specific routes.

Like AWS, Azure provides route table resources for route management. Azure already supplies default routing for virtual networks and subnets, so we don't need to worry about routes when we use the AKS service.

When a virtual network is created, a subnet named default is created along with it:

# az network vnet subnet list --vnet-name devops-vnet --resource-group devops
[
  {
    "addressPrefix": "10.0.0.0/24",
    "addressPrefixes": null,
    "delegations": [],
    "etag": "W/\"a93c56be-6eab-4391-8fca-25e11625c6e5\"",
    "id": "/subscriptions/f825790b-ac24-47a3-89b8-9b4b3974f0d5/resourceGroups/devops/providers/Microsoft.Network/virtualNetworks/devops-vnet/subnets/default",
    "interfaceEndpoints": null,
    "ipConfigurationProfiles": null,
    "ipConfigurations": null,
    "name": "default",
    "networkSecurityGroup": null,
    "provisioningState": "Succeeded",
    "purpose": null,
    "resourceGroup": "devops",
    "resourceNavigationLinks": null,
    "routeTable": null,
    "serviceAssociationLinks": null,
    "serviceEndpointPolicies": null,
    "serviceEndpoints": null,
    "type": "Microsoft.Network/virtualNetworks/subnets"
  }
]

In addition to the default subnet, let's create one more subnet with the prefix 10.0.1.0/24. Note that the subnet's CIDR must fall within the CIDR block of the VNet in which the subnet is located:

# az network vnet subnet create --address-prefixes 10.0.1.0/24 --name test --vnet-name devops-vnet --resource-group devops
{
  "addressPrefix": "10.0.1.0/24",
  "addressPrefixes": null,
  "delegations": [],
  "etag": "W/\"9f7e284f-fd31-4bd3-ad09-f7dc75bb7c68\"",
  "id": "/subscriptions/f825790b-ac24-47a3-89b8-9b4b3974f0d5/resourceGroups/devops/providers/Microsoft.Network/virtualNetworks/devops-vnet/subnets/test",
  "interfaceEndpoints": null,
  "ipConfigurationProfiles": null,
  "ipConfigurations": null,
  "name": "test",
  "networkSecurityGroup": null,
  "provisioningState": "Succeeded",
  "purpose": null,
  "resourceGroup": "devops",
  "resourceNavigationLinks": null,
  "routeTable": null,
  "serviceAssociationLinks": null,
  "serviceEndpointPolicies": null,
  "serviceEndpoints": null,
  "type": "Microsoft.Network/virtualNetworks/subnets"
}

We can now list the subnets in this VNet:

# az network vnet subnet list --vnet-name devops-vnet --resource-group devops | jq '.[].name'
"default"
"test"

jq (https://stedolan.github.io/jq/):

jq is a JSON command-line processor that is installed in the cloud shell by default. It's a very convenient tool to list the desired fields inside a JSON output. If you're not familiar with jq, take a look at the manual at the following link: https://stedolan.github.io/jq/manual/.
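
Both subnets above report "networkSecurityGroup": null, and a new subnet's prefix has to fit inside the VNet. The following is an added example, not code from the book: it reads JSON in the shape printed by az network vnet subnet list, names the subnets that have no network security group, and checks a planned prefix before az network vnet subnet create is run. The VNet range 10.0.0.0/16, the sample data and the function names are assumptions.

```python
import ipaddress
import json

# Constructed sample in the shape printed by `az network vnet subnet list`,
# trimmed to the fields used here. The NSG id is a placeholder.
SAMPLE = """[
  {"name": "default", "addressPrefix": "10.0.0.0/24", "addressPrefixes": null,
   "networkSecurityGroup": null, "routeTable": null},
  {"name": "test", "addressPrefix": "10.0.1.0/24", "addressPrefixes": null,
   "networkSecurityGroup": {"id": "<nsg-resource-id>"}, "routeTable": null}
]"""

VNET_PREFIX = "10.0.0.0/16"  # assumption: the page does not show the VNet's range


def subnet_networks(subnet):
    """Return the subnet's ranges: addressPrefixes when set, else addressPrefix."""
    prefixes = subnet.get("addressPrefixes") or [subnet["addressPrefix"]]
    return [ipaddress.ip_network(p) for p in prefixes]


def subnets_without_nsg(subnets):
    """Names of subnets whose networkSecurityGroup field is null."""
    return [s["name"] for s in subnets if not s.get("networkSecurityGroup")]


def check_new_prefix(subnets, vnet_prefix, new_prefix):
    """Return the reasons a planned prefix is unusable (empty list means fine)."""
    vnet = ipaddress.ip_network(vnet_prefix)
    new = ipaddress.ip_network(new_prefix)  # ValueError if host bits are set
    problems = []
    if new.version != vnet.version or not new.subnet_of(vnet):
        problems.append(f"{new} is outside the VNet range {vnet}")
    for s in subnets:
        for net in subnet_networks(s):
            if net.version == new.version and net.overlaps(new):
                problems.append(f"{new} overlaps subnet {s['name']} ({net})")
    return problems


if __name__ == "__main__":
    subnets = json.loads(SAMPLE)
    print("No NSG:", subnets_without_nsg(subnets))
    for candidate in ("10.0.2.0/24", "10.0.1.128/25", "10.1.0.0/24"):
        print(candidate, check_new_prefix(subnets, VNET_PREFIX, candidate) or "ok")
```

To run it against a real VNet, replace SAMPLE with the output of the subnet list command shown earlier and set VNET_PREFIX to that VNet's address space.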