skip to Main Content

I have created the private endpoint using terraform in azure redis cache.

Here’s the relevant part of my Terraform code:

terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = ">=3.0.0"
    }
  }
}

provider "azurerm" {
  features {}
}


locals {
  redis_name = "my-private-endpoint"
  resource_group     = "my-resource-group"
  location = "eastus"
}


resource "azurerm_private_endpoint" "example" {
  name                = local.redis_name
  location            = local.location
  resource_group_name = local.resource_group
  subnet_id           = data.azurerm_subnet.example.id

  private_service_connection {
    name                           = "akhil-obeliskredis-cache-testing-connection-private"
    private_connection_resource_id = data.azurerm_redis_cache.example.id
    subresource_names              = ["redisCache"]
    is_manual_connection           = false

  }
  private_dns_zone_group {
    name                 = "default"
    private_dns_zone_ids = [azurerm_private_dns_zone.example.id]
  }

}

resource "azurerm_private_dns_zone" "example" {
  name                = "privatelinktest.redis.cache.windows.net"
  resource_group_name = "cvad-int-us-k8s-rg-a"
}

data "azurerm_subnet" "example" {
  name                 = "aks-subnet"
  virtual_network_name = "cvad-int-us-vnet-a"
  resource_group_name  = "cvad-int-us-k8s-rg-a"
}


data "azurerm_redis_cache" "example" {
  name                = "akhil-obeliskredis-cache-testing"
  resource_group_name = "my-resource-group"
}

Once private endpoint is created I am facing the issue when I did netcat on the network:

nc: getaddrinfo for host "akhil-obeliskredis-cache-testing.redis.cache.windows.net" port 6380: Name or service not known

I see one difference. In terraform creation fqdn is not creating and when I created manually from azure portal fqdn is creating and it is working with out any error

Using Terraform
enter image description here

Manually Creating from azure portal – After that when I p
enter image description here

Please guide me on what might be missing when I try to create a private endpoint for Azure Redis Cache using Terraform.

Thanks in Advance

2

Answers


  1. There are several resources that needs to be configured correctly for this to work:

    • Private Endpoint
    • Private DNS Zone
    • DNS Zone Group
    • VNet Link

    Is your Vnet linked to the private DNS zone? I don’t see a Vnet link resource in your code.

    "azurerm_private_dns_zone_virtual_network_link" enable DNS resolution and registration inside Azure Virtual Networks using Azure Private DNS.

    resource "azurerm_private_dns_zone_virtual_network_link" "example" {
      name                  = "test"
      resource_group_name   = azurerm_resource_group.example.name
      private_dns_zone_name = azurerm_private_dns_zone.example.name
      virtual_network_id    = azurerm_virtual_network.example.id
    }
    

    Refer: https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone_virtual_network_link

    Login or Signup to reply.
  2. I am using the following approach to use Private Endpoint with Redis Cache:

    module "redis_cache" {
      source = "../shared/redis"
    
      env_config = local.env_config
      config     = local.redis_config
    }
    
    module "redis_cache_endpoint" {
      source = "../shared/network/private_endpoint"
    
      depends_on = [
        module.redis_cache,
        data.azurerm_subnet.bkend
      ]
    
      env_config = local.env_config
    
      config = {
        connected_resource      = module.redis_cache.redis_config.id
        endpoint_name           = "${module.redis_cache.redis_config.redis_cache_name}-pep"
        service_connection_name = "${module.redis_cache.redis_config.redis_cache_name}-sc"
        subnet_id               = data.azurerm_subnet.bkend.id
        subresource_names       = ["redisCache"]
      }
    }
    
    module "redis_cache_private_network_a_record" {
      source = "../shared/private_dns/private_dns_a_record"
    
      depends_on = [
        module.redis_cache,
        module.redis_cache_endpoint
      ]
    
      providers = {
        azurerm = azurerm.hubdns
      }
    
      env_config = local.env_config
    
      config = {
        a_record_name         = module.redis_cache.redis_config.redis_cache_name
        private_dns_zone_name = "privatelink.redis.cache.windows.net"
        private_ip_address    = [module.redis_cache_endpoint.config.private_ip_address]
        ttl                   = 3600
      }
    }
    

    I have everything config driven and it is working fine for me.

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search