Adding an AKS deployed in a private DNS zone
At the CDP-level, when you provision the environment, you can use an Azure Kubernetes Service (AKS) created in an existing Azure Private DNS zone. Alternatively, if you do not have an existing private DNS zone configured, the system can create a new private DNS zone for the AKS.
If all the following statements are true, the system uses the private DNS zone that
you specify in the aksPrivateDnsZoneId
parameter and provisions an
AKS:
- The private network is enabled (the
privateNetwork.enabled
parameter is set totrue
, or the Enable Private Network option is selected on the UI) - While provisioning the environment using CLI, the
aksPrivateDnsZoneId
parameter is configured - The
LIFTIE_AKS_DISABLE_PRIVATE_DNS_ZONE
parameter is set to false (default)
If all the following statements are true, the system creates and enables a new private DNS zone and provisions an AKS:
- The private network is enabled (the
privateNetwork.enabled
parameter is set totrue
, or the Enable Private Network option is selected on the UI) - The
aksPrivateDnsZoneId
parameter is not set - The
LIFTIE_AKS_DISABLE_PRIVATE_DNS_ZONE
parameter is set to false (default)
To provision the AKS in a private DNS zone, you need the full resource ID of the private DNS zone. To obtain the full resource ID, use the JSON view option in
. Example for the full resource ID of a private DNS zone for an AKS:/subscriptions/[***SUBSCRIPTIONID***]/resourceGroups/[***RESOURCEGROUP***]/providers/Microsoft.Network/privateDnsZones/privatelink.[***REGION***].azmk8s.io
For
information on how to create the environment for CDE, see Register an Azure environment from CDP CLI and
Obtain CLI commands for registering an environment.