Edit

Simplify network configuration requirements with Azure Arc gateway

If you use enterprise proxies to manage outbound traffic, Azure Arc gateway can help simplify the process of enabling connectivity. Before using Arc gateway with AKS on Azure Local, ensure you complete the prerequisites for creating AKS clusters on Azure Local.

The AKS Arc gateway lets you:

  • Connect to Azure Arc by opening public network access to only seven fully qualified domain names (FQDNs).
  • View and audit all traffic that the Arc agents send to Azure via the Arc gateway.

How the Azure Arc gateway works

The Arc gateway works by introducing an Azure resource that serves as a common front end for Azure traffic. The gateway resource is served on a specific domain/URL that simplifies network configuration requirements.

For more information, see how the Azure Arc gateway works.

Required network endpoints

For the complete list of required URLs and endpoints that must be allowed through your enterprise firewall when using Arc gateway with AKS on Azure Local, see Azure Local endpoints not redirected through Arc gateway.

Using Arc gateway with AKS clusters

If Arc gateway is enabled in your environment, newly created AKS Arc clusters automatically utilize it to simplify network connectivity.

Other scenarios

Arc gateway covers endpoints required for AKS Arc clusters, and a portion of endpoints required for more Arc-enabled scenarios. Based on the scenarios you adopt, more endpoints must still be allowed in your proxy.

All endpoints listed for the following scenarios must be allowed in your enterprise proxy when Arc gateway is in use:

Next steps

  • Last updated on