Share via

Cannot connect to Azure PostgreSQL Database flexible server from VM on same VNet

Serafin Achurra 5 Reputation points
2023-04-02T10:44:34.28+00:00

I cannot connect to an Azure PostgreSQL Database flexible server from VM on same VNet. The database server has the following configuration:

  • require_secure_transport = OFF
  • Connectivity method = Private access
  • Subscription = Same Subscription as the VM
  • Virtual network = Same VNet as the VM
  • Subnet: Different subnet since the subnet has to be delegated for use only with PostgreSQL Flexible Server
  • Private DNS zone

The VM has the following configuration:

  • Ubuntu LTS 22.04 with TLS 1.2
  • Connected to a load balancer with inbound NAT rules for ports 80, 22, and 5432, however I read that requests sent from the same VNet do not go through the load balancer.
  • I've installed all necessary packages and can successfully execute the following command: psql postgres://reader:******@hh-pgsql-public.ebi.ac.uk:5432/pfmegrnargs

The VNet has the following configuration:

  • DB Subnet with Microsoft.Storage and Micrososft.Sql services endpoints selected. Private endpoint network policy is set to Network security groups
  • VM Subnet with Micrososft.Sql services endpoints selected. Private endpoint network policy is set to Network security groups
  • Both subnets are in the same network security group
  • No firewall
  • Default DNS server

The private DNS zone has the following settings:

  • 1 virtual network link
  • Link status = Completed
  • Auto-Registration = Enabled
  • 1 "SOA" record set
  • 1 "A" record which was not auto-registered. I assume this is the IP of the DB. I tried the psql command with the IP but this did not work

When I run the psql command to the PostgreSQL DB the command hangs. I tried using the IP, FQDN, Private DNS zone name, and record set name of the record which appears to be the DB. I noticed when I look at the Connected Devices of the VNet I see the VM but not the DB even though the DB is on a different subnet of the same VNet.

Azure Virtual Network
Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.
2,704 questions
Azure Private Link
Azure Private Link
An Azure service that provides private connectivity from a virtual network to Azure platform as a service, customer-owned, or Microsoft partner services.
539 questions
Azure Database for PostgreSQL

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. risolis 8,741 Reputation points
    2023-04-02T18:30:06.9666667+00:00

    Hello @Serafin Achurra

    Thank you for posting this concern on this community space.

    I have read your whole case scenario description and I just wanted to double confirm your post request below:

    -Are you referring to this feature at the Vnet level Subnet Delegation (Vnet Injection)?

    -Do you set up any Private Link?

    -Do you set up any Service Endpoint?

    -Do you have custom DNS settings or the Default ones?

    Looking forward to your feedback,

    Cheers,

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.