Need to understand Azure SQL Managed Instance networking

Question

I need to understand the Azure SQL Managed Instance networking and I am not able to find anything detailed. We have a managed instance deployed with default networking configuration. The vNet has a 10.0.0.0/16 network space and the ManagedInstance subnet has a 10.0.0.0/24 subnet prefix.

If I go to view connected devices, I see nothing. But our AKS cluster is able to access it just fine (vnets are peered). I setup a private endpoint to be able to access via SSMS from within our network (we use express route and route the appropriate networks to the Azure ER gateway) and SSMS is working fine using the Private DNS namespace.

What I am not able to see is what devices are connected. The virtual cluster doesnt seem to have any info and the MI service only shows the 10.0.0.0 IP space. So how does the service communicate with the virtual cluster and if the service is now on a private endpoint within our corporate IP space how is AKS communicating with the MI? Does it use the private IP of the private endpoint and then the 10.0.0.0/24 internally between the cluster and service and databases?

Can someone help clarify this for me?

Thanks

Answer 1

Hi Echo,

In the backend the Private endpoints take care of the communications between the Azure resources that is essential for the Cluster, however data and control pane manages the different aspect of this architecture and more detailed info on this is in this article - https://learn.microsoft.com/en-us/azure/azure-sql/managed-instance/connectivity-architecture-overview?view=azuresql-mi&tabs=current

Hope this helps.

JS

==

Please accept as answer and do a Thumbs-up to upvote this response if you are satisfied with the community help. Your upvote will be beneficial for the community users facing similar issues.