I have a SQL Server Resource in Azure; in its firewall settings, I added a firewall rule to accept the public IP from 2 different AKS (Kubernetes clusters). Then I created a python script that connects to this Database. Connection works from one cluster but not from the other.

Cluster A and Cluster B public IPs try to connect to the Azure Resource Settings:

Cluster A throws the error:

pyodbc.ProgrammingError: ('42000', "[42000] [unixODBC][Microsoft][ODBC Driver 18 for SQL Server][SQL Server]Cannot open server '' requested by the login. Client with IP address '' is not allowed to access the server.  To enable access, use the Windows Azure Management Portal or run sp_set_firewall_rule on the master database to create a firewall rule for this IP address or address range.  It may take up to five minutes for this change to take effect. (40615) (SQLDriverConnect

Cluster B throws the error:

pyodbc.ProgrammingError: ('42000', "[42000] [unixODBC][Microsoft][ODBC Driver 18 for SQL Server][SQL Server]Cannot open server '' requested by the login. Client is not allowed to access the server. (40914) (SQLDriverConnect)")

After Adding the Cluster A IP to the firewall settings, the connection works as intended. After Adding the Cluster B IP to the firewall settings throws the same error.

I did not create either of the clusters. It feels like something is preventing Cluster B from accessing this resource. I'd like to know where to look for whatever is preventing the connection.

CodePudding user response：

You can read on error 40914 here. It looks like you need to give access to the subnet of Cluster B, not its external IP. The two clusters might have different network setups.