Cloudera Docs

Configuring an existing private DNS zone for a Storage Account File Share

You can configure an existing Azure private DNS zone for your Storage Account File Share to use in your CDE service. Alternatively, if you do not have an existing private DNS zone configured, the system can create a new private DNS zone for the Storage Account File Share.

If all the following statements are true, the system uses the private DNS zone that you specify in the azure.fileshare.privateDNSZoneId parameter for the private Storage Account:

  • The private network is enabled (the privateNetwork.enabled parameter is set to true)
  • The DE_AZURE_PRIVATE_STORAGE parameter is set to true on CDP-level
  • The azure.fileshare.privateDNSZoneId parameter is set
  • The custom Storage Account (also known as Bring Your Own Storage Account) is not used

If all the following statements are true, the system creates and enables a new private DNS zone for the private Storage Account:

  • The private network is enabled (the privateNetwork.enabled parameter is set to true)
  • The DE_AZURE_PRIVATE_STORAGE parameter is set to true on CDP-level
  • The azure.fileshare.privateDNSZoneId parameter is not set
  • The custom Storage Account (also known as Bring Your Own Storage Account) is not used

For information on how to configure an existing private DNS zone for a Storage Account File Share using the API, see Configuring an existing private DNS zone for a database and a Storage Account File Share using the API.

To configure an existing private DNS zone for a Storage Account File Share, make sure that the following prerequisites are fulfilled:

  • The DE_AZURE_PRIVATE_STORAGE parameter is set to true on the CDP-side.
  • The privateNetwork.enabled parameter is set to true.

To configure an existing private DNS zone for a Storage Account File Share, you need the full resource ID of the private DNS zone. To obtain the full resource ID, use the JSON view option in Azure > Private DNS Zones. Example for the full resource ID of a private DNS zone for Storage Account File Share:

/subscriptions/[***SUBSCRIPTIONID***]/resourceGroups/[***RESOURCEGROUP***]/providers/Microsoft.Network/privateDnsZones/privatelink.file.core.windows.net
To configure an existing private DNS zone for a Storage Account File Share, specify the full resource ID of the private DNS zone.

To configure the Azure private DNS zone ID for the Storage Account File Share, use the enable-cluster CDP command with the --azure-fileshare-private-dns-zone-id flag.

cdp de enable-service 
 --name "[***SERVICE NAME***]"
 --env "[***ENVIRONMENT NAME***]"
 --instance-type Standard_D8s_v4
 --minimum-instances 0
 --maximum-instances 50
 --enable-private-network
 --azure-database-private-dns-zone-id "[***AZURE DATABASE PRIVATE DNS ZONE RESOURCE ID***]"
 --azure-fileshare-private-dns-zone-id "[***AZURE DATABASE FILE SHARE DNS ZONE RESOURCE ID***]"