Configuring Custom DNS for Azure Spring App in a Private Network
Published Apr 26 2023 10:59 PM
Microsoft

Azure Spring Apps is a cloud-based platform for building and deploying enterprise-grade Java applications. By default, Azure Spring Apps uses Azure DNS for name resolution. However, in some cases, you may want to use custom DNS servers for name resolution. This article explains how to configure custom DNS for Azure Spring Apps in a private network.

 

Suggestions for Using Custom DNS.

  • Set up fewer than 3 custom DNS servers.

         Azure Kubernetes Service (AKS) uses the CoreDNS project for cluster DNS management and resolution. Based on observation, it only takes the first three custom DNS server settings. If you specify more than three custom DNS servers, AKS will only use the first three. 


  • Make sure that all custom DNS servers hold the same records, so that every one of them can resolve your private URLs.

         With multiple DNS servers, the resolver library queries them in the order in which they are listed. (The strategy used is to try a name server first. If the query times out, try the next name server, and continue until the list of name servers is exhausted. Then, the query continues to try to connect to the name servers until the maximum number of retries is made.)

 

  • If two custom DNS servers are specified, and the third DNS server is specified as Azure DNS (168.63.129.16), the node will send requests to the first custom DNS server if it's running and reachable. In this setup, the node can resolve the custom domain. However, some of the DNS requests from the pod might be directed to Azure DNS. This is because CoreDNS can select the upstream server at random. In this scenario, the custom domain can’t be resolved. Therefore, the DNS request fails.

         We recommend that you don't combine Azure DNS with custom DNS servers in the virtual network settings. If you want to use the custom DNS servers, add only the custom DNS servers in the virtual network settings. Then, configure Azure DNS in the forwarder settings of your custom DNS servers.

 

 

Setting up DNS Forwarding on a Custom DNS Server.

 

As discussed earlier, Azure DNS should be configured as a forwarder on your custom DNS server. To do this, add the IP address of the Azure DNS server (168.63.129.16) to the DNS forwarder settings. This allows your custom DNS server to forward DNS requests to the Azure DNS server for resolution. Keep in mind that the specific steps for configuring DNS forwarding differ between Windows and Linux DNS servers and, on Linux, may vary depending on the distribution and version you're using.

 

Windows Server

  1. Open the DNS Manager on the custom DNS server.

  2. Right-click on the server name and select "Properties".

  3. Click on the "Forwarders" tab.

  4. Click "Edit" and enter the IP address of the DNS server you want to forward requests to.

  5. Click "OK" to save your changes.


Reference link: https://www.readandexecute.com/how-to/server-2016/dns/configure-dns-forwarders-windows-server-2016/

 

Linux Server

  1. Open the DNS configuration file on the custom DNS server. The location of the file may vary depending on your Linux distribution.

  2. Add the following line to the configuration file, replacing "IP_ADDRESS" with the IP address of the DNS server you want to forward requests to:

         forwarders { IP_ADDRESS; };

  3. Save the configuration file.

  4. Restart the DNS service to apply the changes.

Reference link: How To Configure Bind as a Caching or Forwarding DNS Server on Ubuntu 16.04 | DigitalOcean.

 

 

How to Verify if your Custom DNS can Resolve Private URLs?

 

I would suggest using the 'Console' feature of the Azure Spring Apps portal to connect to your app instance for troubleshooting, as described in this link: Connect to an app instance for troubleshooting. Once connected, you can run the 'nslookup' command to check the resolution result of your private URLs.


 

 

How to Verify if DNS Forwarding to Azure DNS is Set Up Correctly?

 

Azure Spring Apps creates a private DNS zone for '*.svc.private.azuremicroservices.io' in the system cluster and links it to your VNet. That is why Azure DNS can resolve the FQDN '*.svc.private.azuremicroservices.io'.

 

To verify that DNS forwarding to Azure DNS is set up correctly, you can use the DNS health check feature through the 'Diagnose and solve problems' blade in the Azure portal.


 

If you're seeing an error message that says, 'cannot resolve private DNS zone', it indicates that DNS forwarding is not properly configured. This error can occur when your custom DNS server is unable to forward DNS requests to the Azure DNS server for resolution.
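
The checks described in this article can also be scripted. The following is an added example, not code from the original article: it flags a DNS server list that goes against the suggestions above and queries each custom DNS server directly with nslookup. The function names and any server IPs or hostnames passed to it are assumptions.

```shell
#!/bin/sh
# Added example, not from the original article. Server IPs and hostnames
# used with it are placeholders you supply; none come from the article.
AZURE_DNS="168.63.129.16"
# Assumption: the lookup tool exits non-zero when a query fails (BIND
# nslookup does). Overridable so the logic can be exercised offline.
LOOKUP="${LOOKUP:-nslookup}"

# audit_dns_list SERVER...
# Checks the VNet DNS server list against the article's suggestions.
audit_dns_list() {
  rc=0
  if [ "$#" -gt 3 ]; then
    echo "WARN: $# servers listed, only the first three are used"
    rc=1
  fi
  for s in "$@"; do
    if [ "$s" = "$AZURE_DNS" ] && [ "$#" -gt 1 ]; then
      echo "WARN: $AZURE_DNS is mixed with custom servers;" \
           "set it as a forwarder on them instead"
      rc=1
    fi
  done
  return "$rc"
}

# check_name NAME SERVER...
# Queries each server directly, so one server missing a record is not
# hidden by another server answering first.
check_name() {
  name=$1; shift
  rc=0
  for s in "$@"; do
    if "$LOOKUP" "$name" "$s" >/dev/null 2>&1; then
      echo "OK   $s resolves $name"
    else
      echo "FAIL $s cannot resolve $name"
      rc=1
    fi
  done
  return "$rc"
}

# Stand-alone use: sh dnscheck.sh NAME SERVER [SERVER...]
if [ "$#" -ge 2 ]; then
  n=$1; shift
  audit_dns_list "$@"
  check_name "$n" "$@"
fi
```

Run it from a host that can reach the custom DNS servers, once with a private URL and once with an FQDN in the '*.svc.private.azuremicroservices.io' zone. A FAIL on the second name points to the forwarder configuration on that server.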

 


 

I hope this article has been useful in addressing some of the issues you may encounter when using a custom DNS server with Azure Spring Apps. By following the steps outlined in this article, you can ensure that your custom DNS server is properly configured to resolve private URLs and forward DNS requests to the Azure DNS server for resolution.

Last update: Apr 26 2023 01:15 AM