Sunday, 25 April 2021

Resolving Azure PostgreSQL FQDN

Hello everyone and happy Sunday. Today I would like to share a finding from my troubleshooting with MS support on resolving an Azure Postgres FQDN from an on-premises network. The Postgres I am referring to is Azure Database for PostgreSQL flexible server. To make it even more complicated, I have deployed it in private mode (VNet Integration).



The problem occurs for any server that is on premises or not in the same virtual network as PostgreSQL: the DB connection string cannot use the PostgreSQL FQDN because the name cannot be resolved. Solving that takes DNS conditional forwarding and a DNS server running in the same virtual network as the Azure PostgreSQL server.



Components involved
1. Existing Active Directory  (172.16.0.4)
2. Existing Azure PostgreSQL (enfrasql)
3. New DNS server (10.0.0.68)

Step 1 - Create a conditional forwarder in the existing Active Directory with the record as below.



Step 2 - Go to the new DNS server and create the record as below.


By now, a ping test to the PostgreSQL FQDN from either hub-vnet or vnet01 will resolve accordingly.



In summary, this forwards any request containing postgresql.database.azure.com to 10.0.0.68, which forwards it again to the Azure DNS IP (168.63.129.16) to resolve the FQDN. Do note that Azure PostgreSQL flexible server is still in preview, and FQDN resolution may improve in future.
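
The two forwarding hops from Steps 1 and 2, scripted with a resolution check at each hop. This is an added example, not part of the original post: it assumes both DNS servers run the Windows Server DNS role and that the session has the DnsServer module with admin rights on both. `Set-Forwarder` and `$ServerFqdn` are hypothetical names introduced here.

```powershell
param(
    # Zone name as given in the post; it must match the suffix of your server's FQDN.
    [string]$Zone     = 'postgresql.database.azure.com',
    [string]$AdDns    = '172.16.0.4',     # existing Active Directory DNS
    [string]$VnetDns  = '10.0.0.68',      # new DNS server in the PostgreSQL vNet
    [string]$AzureDns = '168.63.129.16',  # Azure DNS IP, as named in the post
    # Placeholder: pass the full FQDN of your flexible server.
    [Parameter(Mandatory)][string]$ServerFqdn
)

# Create the conditional forwarder, or repoint it if it already exists.
function Set-Forwarder {
    param([string]$Server, [string]$Name, [string]$Target)
    $zoneObj = Get-DnsServerZone -ComputerName $Server -Name $Name -ErrorAction SilentlyContinue
    if (-not $zoneObj) {
        Add-DnsServerConditionalForwarderZone -ComputerName $Server -Name $Name -MasterServers $Target
    } elseif ($zoneObj.ZoneType -eq 'Forwarder') {
        Set-DnsServerConditionalForwarderZone -ComputerName $Server -Name $Name -MasterServers $Target
    } else {
        # A primary or stub zone with this name would shadow the forwarder.
        throw "$Server already hosts '$Name' as a $($zoneObj.ZoneType) zone"
    }
}

Set-Forwarder -Server $AdDns   -Name $Zone -Target $VnetDns    # Step 1
Set-Forwarder -Server $VnetDns -Name $Zone -Target $AzureDns   # Step 2

# Query the inner hop first so a failure points at the right server.
$private = '^(10\.|172\.(1[6-9]|2\d|3[01])\.|192\.168\.)'
foreach ($dns in $VnetDns, $AdDns) {
    $ips = Resolve-DnsName -Name $ServerFqdn -Server $dns -Type A -DnsOnly -ErrorAction Stop |
        Where-Object { $_.IPAddress } | ForEach-Object { $_.IPAddress }
    if (-not $ips) { throw "$dns returned no A record for $ServerFqdn" }
    foreach ($ip in $ips) {
        if ($ip -notmatch $private) {
            # A private-mode server should never resolve to a public address.
            Write-Warning "$dns resolved $ServerFqdn to non-private address $ip"
        }
        "{0,-12} -> {1}" -f $dns, $ip
    }
}
```

If the check against 10.0.0.68 succeeds but the one against 172.16.0.4 fails, the fault is in the first hop (the Step 1 forwarder or the network path between the two DNS servers).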

A good link that I referred to is here:

1. Name resolution for resources in Azure virtual networks | Microsoft Docs

