Resolving Private Endpoint without Private DNS Zone

David Habgood 0 Reputation points
2024-03-13T01:44:26.19+00:00

I have a client which has their Azure App Service Environment, and utilises on prem DNS resolution for both cloud and on prem services.

We have set up an Azure App Service Linux Container instance for them, which needs to mount a Fileshare.

We have set up a Private Endpoint for the Fileshare, a Private DNS Zone, and linked the VNET the app runs in to the Private DNS Zone.

In our sandbox environment this works fine. The app can mount the volume via the Private Endpoint - confirmed with public access to the StorageAccount / FileShare turned off.

The client has told us they do not currently have the resourcing/capacity to set up Private DNS Zones.

Due to this they have recommended we edit the /etc/hosts file within the container, such that our containerised application can resolve / mount the Fileshare.

I have, in a hacky way, sucecssfully edited Dockerfile to modify the /etc/hosts file when it starts. Testing locally, the /etc/hosts file contains the correct mapping and, nslookup provides the correct IP address for the fileshare.

When attempting to run this in Azure, with the Private DNS Zone now removed, the container fails to start, and we do not get any logs. It is likely that for whatever reason the container is unable to mount the FileShare.

Does anyone have advice or solutions to this scenario?

Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
6,774 questions
{count} votes