When Assign Endpoint for applications in an Azure Spring Cloud service instance deployed in your own virtual network, the endpoint is a private FQDN which is only accessible in private network, and functionalities uses the application's endpoint, include Test Endpoint described in Verify the staging deployment and Log streaming described in Stream Azure Spring Cloud app logs in real-time, are also only works within the private network.
To access the application endpoint, you need to create an Azure Private DNS Zone in your subscription to translate/resolve the private FQDN to its IP address.
-
Open the Azure portal. From the top search box, search for Private DNS zones, and select Private DNS zones from the result.
-
On the Private DNS zones page, select + Add.
-
Fill out the form on the Create Private DNS zone page. Please enter private.azuremicroservices.io as the Name of the zone.
-
Select Review + Create.
-
Select Create.
It may take a few minutes to create the zone.
To link the private DNS zone to the virtual network, you need to create a virtual network link.
-
Select the private.azuremicroservices.io private DNS zone resource created above.
-
On the left pane, select Virtual network links.
-
Select Add.
-
Type azure-spring-cloud-dns-link for the Link name.
-
For Virtual network, select the virtual network you created in guidance Deploy Azure Spring Cloud in your Azure virtual network (VNet injection).
-
Select OK.
To use the private DNS zone to translate/resolve DNS, you need to create an "A" type record in the zone.
-
Select the virtual network resource you created in guidance Deploy Azure Spring Cloud in your Azure virtual network (VNet injection).
-
In the Connected devices search box, enter kubernetes-internal.
-
In the filtered result, find the one connected to the Service Runtime subnet of the service instance, and copy its IP Address. In this sample, the IP Address is 10.1.0.7.
Or you can fetch the IP using the following az cli command:
SPRING_CLOUD_RG= # Resource group name of your Azure Spring Cloud service instance SPRING_CLOUD= # Name of your Azure Spring Cloud service instance SERVICE_RUNTIME_RG=`az spring-cloud show -g $SPRING_CLOUD_RG -n $SPRING_CLOUD --query "properties.networkProfile.serviceRuntimeNetworkResourceGroup" -o tsv` IP_ADDRESS=`az network lb frontend-ip list --lb-name kubernetes-internal -g $SERVICE_RUNTIME_RG --query "[0].privateIpAddress" -o tsv` -
Select the private.azuremicroservices.io private DNS zone resource created above.
-
Select + Record set.
-
In Add record set, enter or select this information:
Setting Value Name Enter * Type Select A TTL Enter 1 TTL unit Select Hours IP address Enter the IP address copied in step 3. In the sample, enter 10.1.0.7. Then select OK.
After following the guide of Build and deploy microservice applications, you can assign private FQDN for your application.
-
Select the Azure Spring Cloud service instance deployed in your own virtual network, and open the Apps tab in the menu on the left.
-
Select the application to show the Overview page.
-
Select Assign Endpoint to assign a private FQDN to your application. This can take a few minutes.
-
The assigned private FQDN (labeled URL) is now available. It can only be accessed within the private network, but not on Internet.
After assign, now you can access the private FQDN of your application in private network. For example, you can create a jumpbox machine in the same virtual network, or a peered virtual network, and on that jumpbox machine the private FQDN is accessible.
