How to create a private endpoint for Azure Redis Cache using Terraform?
Question
I have created the private endpoint using Terraform in Azure Redis Cache.
Here's the relevant part of my Terraform code:
terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = ">=3.0.0"
    }
  }
}

provider "azurerm" {
  features {}
}

locals {
  redis_name     = "my-private-endpoint"
  resource_group = "my-resource-group"
  location       = "eastus"
}

resource "azurerm_private_endpoint" "example" {
  name                = local.redis_name
  location            = local.location
  resource_group_name = local.resource_group
  subnet_id           = data.azurerm_subnet.example.id

  private_service_connection {
    name                           = "akhil-obeliskredis-cache-testing-connection-private"
    private_connection_resource_id = data.azurerm_redis_cache.example.id
    subresource_names              = ["redisCache"]
    is_manual_connection           = false
  }

  private_dns_zone_group {
    name                 = "default"
    private_dns_zone_ids = [azurerm_private_dns_zone.example.id]
  }
}

resource "azurerm_private_dns_zone" "example" {
  name                = "privatelinktest.redis.cache.windows.net"
  resource_group_name = "cvad-int-us-k8s-rg-a"
}

data "azurerm_subnet" "example" {
  name                 = "aks-subnet"
  virtual_network_name = "cvad-int-us-vnet-a"
  resource_group_name  = "cvad-int-us-k8s-rg-a"
}

data "azurerm_redis_cache" "example" {
  name                = "akhil-obeliskredis-cache-testing"
  resource_group_name = "my-resource-group"
}
Once the private endpoint is created, I am facing this issue when I run netcat on the network:
nc: getaddrinfo for host "akhil-obeliskredis-cache-testing.redis.cache.windows.net" port 6380: Name or service not known
I see one difference. When creating with Terraform, the FQDN is not created, and when I created it manually from the Azure portal, the FQDN is created and it works without any error.
Manually Creating from azure portal - After that when I p
Please guide me on what might be missing when I try to create a private endpoint for Azure Redis Cache using Terraform.
Thanks in Advance
Answer 1
Score: 1
There are several resources that need to be configured correctly for this to work:
- Private Endpoint
- Private DNS Zone
- DNS Zone Group
- VNet Link
Is your VNet linked to the private DNS zone? I don't see a VNet link resource in your code.
"azurerm_private_dns_zone_virtual_network_link" enables DNS resolution and registration inside Azure Virtual Networks using Azure Private DNS.
Reference: https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone_virtual_network_link
resource "azurerm_private_dns_zone_virtual_network_link" "example" {
  name                  = "test"
  resource_group_name   = azurerm_resource_group.example.name
  private_dns_zone_name = azurerm_private_dns_zone.example.name
  virtual_network_id    = azurerm_virtual_network.example.id
}
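The four resources listed in the answer above, wired together with the names from the question, as an added example (not code from either poster). It assumes the VNet is looked up with a data source and uses a hypothetical link name; the zone is named privatelink.redis.cache.windows.net, as in the other answer on this page, because the cache's public name is a CNAME into that zone.

```hcl
# Added example. Names come from the question; the VNet data source and the
# link name are assumptions (the question only looks up the subnet).
data "azurerm_virtual_network" "example" {
  name                = "cvad-int-us-vnet-a"
  resource_group_name = "cvad-int-us-k8s-rg-a"
}
data "azurerm_subnet" "example" {
  name                 = "aks-subnet"
  virtual_network_name = data.azurerm_virtual_network.example.name
  resource_group_name  = data.azurerm_virtual_network.example.resource_group_name
}
data "azurerm_redis_cache" "example" {
  name                = "akhil-obeliskredis-cache-testing"
  resource_group_name = "my-resource-group"
}

# Private DNS zone: <cache>.redis.cache.windows.net is a CNAME to
# <cache>.privatelink.redis.cache.windows.net, so the zone needs this exact name.
resource "azurerm_private_dns_zone" "redis" {
  name                = "privatelink.redis.cache.windows.net"
  resource_group_name = data.azurerm_virtual_network.example.resource_group_name
}

# VNet link: without it, resolvers inside the VNet never consult the zone.
resource "azurerm_private_dns_zone_virtual_network_link" "redis" {
  name                  = "redis-vnet-link" # hypothetical name
  resource_group_name   = azurerm_private_dns_zone.redis.resource_group_name
  private_dns_zone_name = azurerm_private_dns_zone.redis.name
  virtual_network_id    = data.azurerm_virtual_network.example.id
  registration_enabled  = false # the zone group below manages the A record
}

# Private endpoint plus DNS zone group, which writes the A record into the zone.
resource "azurerm_private_endpoint" "redis" {
  name                = "my-private-endpoint"
  location            = "eastus"
  resource_group_name = "my-resource-group"
  subnet_id           = data.azurerm_subnet.example.id
  private_service_connection {
    name                           = "akhil-obeliskredis-cache-testing-connection-private"
    private_connection_resource_id = data.azurerm_redis_cache.example.id
    subresource_names              = ["redisCache"]
    is_manual_connection           = false
  }
  private_dns_zone_group {
    name                 = "default"
    private_dns_zone_ids = [azurerm_private_dns_zone.redis.id]
  }
}
```

To check the result, resolve akhil-obeliskredis-cache-testing.redis.cache.windows.net from a host inside the linked VNet and confirm the answer is an address in aks-subnet rather than a public IP.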
Answer 2
Score: 0
I am using the following approach to use Private Endpoint with Redis Cache:
module "redis_cache" {
  source     = "../shared/redis"
  env_config = local.env_config
  config     = local.redis_config
}

module "redis_cache_endpoint" {
  source = "../shared/network/private_endpoint"
  depends_on = [
    module.redis_cache,
    data.azurerm_subnet.bkend
  ]
  env_config = local.env_config
  config = {
    connected_resource      = module.redis_cache.redis_config.id
    endpoint_name           = "${module.redis_cache.redis_config.redis_cache_name}-pep"
    service_connection_name = "${module.redis_cache.redis_config.redis_cache_name}-sc"
    subnet_id               = data.azurerm_subnet.bkend.id
    subresource_names       = ["redisCache"]
  }
}

module "redis_cache_private_network_a_record" {
  source = "../shared/private_dns/private_dns_a_record"
  depends_on = [
    module.redis_cache,
    module.redis_cache_endpoint
  ]
  providers = {
    azurerm = azurerm.hubdns
  }
  env_config = local.env_config
  config = {
    a_record_name         = module.redis_cache.redis_config.redis_cache_name
    private_dns_zone_name = "privatelink.redis.cache.windows.net"
    private_ip_address    = [module.redis_cache_endpoint.config.private_ip_address]
    ttl                   = 3600
  }
}
I have everything config driven and it is working fine for me.