Find free IP inside a vnet/subnet

[calinmarina]

Is your feature request related to a problem? Please describe.
It is very often when you need to find a free IP to further use it, for example to create a load balancer:

az network lb create \
    --resource-group $RgName \
    --name $LoadBalancerName \
    --frontend-ip-name $FrontEndName \
    --private-ip-address $privateIPAddress \
    --backend-pool-name $BackEndPool \
    --vnet-name $vnetName \
    --subnet $SubNet 

Q: is there something in the CLI that helps with that?

Describe the solution you'd like
I'd like to have something off the shelf like:
az network vnet --get-private-ip-address
... so we don't have to iterate through the whole vnet and check for a free one

[yugangw-msft]

One option is you can dump out used private ip addresses in a vnet using a command below and then pick a free one you can use. Will that help?

az network nic list --query "[?starts_with(ipConfigurations[0].subnet.id,`/subscriptions/0b1f6471-1bf0-4dda-aec3-cb9272xxxxx/resourceGroups/myGroup/providers/Microsoft.Network/virtualNetworks/myVnet/subnets/subnet`)]|[].ipConfigurations[0].privateIpAddress" -otsv
10.0.0.4
10.0.0.5
10.0.0.6

[calinmarina]

might do... I did discover meanwhile that knowing any IP in the subnet (I had a VM in there) you can check if it is available and you will get false but also a list of free IPs in the subnet:
privateIPAddress="$(az network vnet check-ip-address --resource-group $RgName --name $vnetName --ip-address $known_ip | jq -r .availableIpAddresses[0])"

[yugangw-msft]

Good find! This is a better option :)

[adewaleo]

It seems this issue has been resolved?

i will be closing this issue. If you have any further questions, please let us know.

[calinmarina]

well... it's a feature request, it hasn't been resolved or implemented, we rather found something to help not even a workaround, so I wouldn't leave it closed as it's not

... at the moment Closed means rejected

[yugangw-msft]

@christiankuhtz(from network team) could please chime in whether or not this is a common user ask. If yes, we can reactivate as a feature work which @adewaleo will happily implement

[adewaleo]

@calinmarina, thanks for following up. My apologies if we misunderstood you. I would be happy to implement this feature if the network team / @yugangw-msft gives the go-ahead.

[a-dimas]

@calinmarina, thanks for following up. My apologies if we misunderstood you. I would be happy to implement this feature if the network team / @yugangw-msft gives the go-ahead.

Have they given it?

[calinmarina]

Not as far as I know... it's at the phase where you need to vote for it :)
👍 if you need it

[dennisgeorge]

Yes, this is an absolute necessity. Either provide IPAM services natively within Azure, or make such functions readily available through the CLI.

[yugangw-msft]

@dennisgeorge @calinmarina @a-dimas we will add support in CLI to make this simple.

[yugangw-msft]

And if anyone wants to contribute, please feel free to submit a PR!

[dilyankostov]

This is a short powershell script that checks if an IP is free and if not, displays a free one. I think it gets a free IP from the same subnet, but it could be just a close one to the one given, not sure.
$IP="X.X.X.X"
$vnetName = "XXXXXXX"
$rgname="XXXXXXX"

$freeIPs=$(Get-AzureRmVirtualNetwork -Name $vnetName -ResourceGroupName $rgname | Test-AzureRmPrivateIPAddressAvailability -IPAddress $IP).AvailableIPAddresses
if ($freeIPs){
Write-Output "The IP $IP is not free"
Write-Output "Here are a couple of free IPs `n $freeIPs"
$freeIP=$freeIPs| Select-Object -First 1
Write-Output "The variable freeIP is set to $freeIP which is a free IP"
}else {
$freeIP=$IP
Write-Output "The IP $IP is free. You can use the variable freeIP or IP to get it."}

[guanwenlng]

az network lb create
--resource-group $RgName
--name $LoadBalancerName
--frontend-ip-name $FrontEndName
--private-ip-address $privateIPAddress
--backend-pool-name $BackEndPool
--vnet-name $vnetName
--subnet $SubNet

[guanwenlng]

$ IP =“XXXX”
$ vnetName =“XXXXXXX”
$ rgname =“XXXXXXX”

$ freeIPs = $（Get-AzureRmVirtualNetwork -Name $ vnetName -ResourceGroupName $ rgname | Test-AzureRmPrivateIPAddressAvailability -IPAddress $ IP）.AvailableIPAddresses
if（$ freeIPs）{
Write-Output“IP $ IP不是免費的”
寫輸出“這裡是一些免費的IP`n $ freeIPs“
$ freeIP = $ freeIPs | Select-Object -First 1
Write-Output“變量freeIP設置為$ freeIP，這是一個免費IP”
}否則{
$ freeIP = $ IP
Write-Output“IP $ IP是免費的。您可以使用變量freeIP或獲得它的IP。“}

[techspeque]

@christiankuhtz I have a quite specific use case to support this feature request.

There is a piece of documentation from Azure on AKS - Create an ingress controller to an internal virtual network in Azure Kubernetes Service (AKS) and if you follow through it you'll get to the point where you need to provide the loadBalancerIP and as you may notice it is indeed a private IP within an already existing subnet.

As part of automating the process in the above doc you need to be able to obtain IP value from an existing subnet and assign it to a Load Balancer.

The current workaround I have implemented, even the one with the workaround kindly provided by @calinmarina is still not 100% feasible, especially in a case of as dynamically fluid system such as AKS where there are hundreds of events going on in a single minute, including IP allocations to pods.

So, a feature such as this implemented in a right way (being able to target a vnet and optionally a subnet) would very much help.

[ados1991]

You can use this https://github.com/ados1991/terraform-azure-Get-IpAvailablesAddressesSubnet

[yonzhan]

add to S165.

[mmyyrroonn]

@ados1991 @calinmarina Thanks for raising this issue. Since we don't get the service's response for a long time, I use the same way like @ados1991 did to implement this functionality.