How do I create custom domain names for AKS internal ingress in Azure?
Introduction
In this tutorial, we’ll cover the steps to set up custom domain names for an internal ingress within an Azure Kubernetes Service (AKS) cluster. We’ll create necessary Azure resources, configure custom DNS settings, and ensure everything is properly wired together.
We’ll define the following Azure resources:
- An AKS cluster for container orchestration.
- A Virtual Network (VNet) and subnet for isolating the AKS cluster.
- An Azure Private DNS Zone for handling domain names within the VNet.
- DNS records to map our custom domain to the internal ingress.
Code Example
```typescript
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

// Assumption: the ingress controller's internal load balancer IP is supplied
// as the stack config value "ingressIp" (key name chosen for this example).
const config = new pulumi.Config();
const ingressIp = config.require("ingressIp");

// Resource group that holds every resource in this example.
const aks = new azure.core.ResourceGroup("aks", {
    name: "aks-rg",
    location: "West Europe",
});

// Virtual network and subnet for the AKS nodes.
const vnet = new azure.network.VirtualNetwork("vnet", {
    name: "aks-vnet",
    addressSpaces: ["10.0.0.0/8"],
    location: aks.location,
    resourceGroupName: aks.name,
});

const subnet = new azure.network.Subnet("subnet", {
    name: "aks-subnet",
    resourceGroupName: aks.name,
    virtualNetworkName: vnet.name,
    addressPrefixes: ["10.0.1.0/24"],
});

// AKS cluster whose default node pool is placed in the subnet above.
const aksKubernetesCluster = new azure.containerservice.KubernetesCluster("aks", {
    name: "aks-cluster",
    location: aks.location,
    resourceGroupName: aks.name,
    dnsPrefix: "aksdns",
    defaultNodePool: {
        name: "default",
        nodeCount: 2,
        vmSize: "Standard_DS2_v2",
        vnetSubnetId: subnet.id,
    },
    identity: {
        type: "SystemAssigned",
    },
});

// Private DNS zone for the custom internal domain.
const aksInternal = new azure.privatedns.Zone("aks_internal", {
    name: "internal.aks.local",
    resourceGroupName: aks.name,
});

// A records hold IPv4 addresses, so the record points at the ingress IP
// rather than at the cluster's privateFqdn, which is a hostname.
const ingress = new azure.privatedns.ARecord("ingress", {
    name: "ingress",
    zoneName: aksInternal.name,
    resourceGroupName: aks.name,
    ttl: 300,
    records: [ingressIp],
});

// Link the zone to the VNet so resources inside it can resolve the record.
const vnetLink = new azure.privatedns.ZoneVirtualNetworkLink("vnet_link", {
    name: "aks-vnet-link",
    resourceGroupName: aks.name,
    privateDnsZoneName: aksInternal.name,
    virtualNetworkId: vnet.id,
});

export const kubeconfig = aksKubernetesCluster.kubeConfigRaw;
export const dnsZoneName = aksInternal.name;
export const ingressFqdn = ingress.fqdn;
```
Key Points
- azurerm_resource_group: Creates a resource group for organizing all resources.
- azurerm_virtual_network & azurerm_subnet: Sets up a virtual network and subnet for isolating the AKS cluster.
- azurerm_kubernetes_cluster: Deploys the AKS cluster using the defined subnet.
- azurerm_private_dns_zone & azurerm_private_dns_a_record: Configures a Private DNS zone and DNS A record for custom domain handling within the VNet.
- azurerm_private_dns_zone_virtual_network_link: Links the DNS zone with the VNet for internal DNS resolution.
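The A record only keeps the ingress internal if its value is a private IPv4 address that the VNet can actually reach. The following check is an added example, not part of the original program or of Pulumi's API; it assumes the internal load balancer takes its address from the AKS node subnet (10.0.1.0/24 above), and the function names and sample inputs are constructed for illustration.

```typescript
// Added example: pre-deployment check for the value placed in the A record.
// Parse a dotted-quad IPv4 address into an unsigned 32-bit number, or null if invalid.
function parseIPv4(addr: string): number | null {
  const parts = addr.split(".");
  if (parts.length !== 4) return null;
  let value = 0;
  for (const part of parts) {
    if (!/^(0|[1-9]\d{0,2})$/.test(part)) return null; // digits only, no leading zeros
    const octet = Number(part);
    if (octet > 255) return null;
    value = value * 256 + octet;
  }
  return value;
}

// True when ip lies inside cidr (for example "10.0.1.0/24").
function inCidr(ip: number, cidr: string): boolean {
  const [base, bits] = cidr.split("/");
  const baseNum = parseIPv4(base ?? "");
  const prefix = Number(bits);
  if (baseNum === null || !Number.isInteger(prefix) || prefix < 0 || prefix > 32) {
    throw new Error(`invalid CIDR: ${cidr}`);
  }
  const size = Math.pow(2, 32 - prefix); // number of addresses in the block
  return Math.floor(ip / size) === Math.floor(baseNum / size);
}

// Returns a list of problems; an empty list means the target is acceptable.
function checkIngressTarget(target: string, subnetCidr: string): string[] {
  const ip = parseIPv4(target);
  if (ip === null) {
    return [`"${target}" is not an IPv4 address; an A record cannot hold a hostname`];
  }
  const problems: string[] = [];
  const rfc1918 = ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"];
  if (!rfc1918.some((range) => inCidr(ip, range))) {
    problems.push(`${target} is not a private (RFC 1918) address`);
  }
  if (!inCidr(ip, subnetCidr)) {
    problems.push(`${target} is outside the AKS subnet ${subnetCidr}`);
  }
  return problems;
}

// Constructed sample inputs, checked against the subnet used in this tutorial.
for (const t of ["10.0.1.100", "10.0.2.5", "20.50.1.4", "api.example.internal"]) {
  console.log(t, checkIngressTarget(t, "10.0.1.0/24"));
}
```

Running the same check in CI against the value that feeds `records` catches a hostname or a public address before the zone is updated.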
Conclusion
By following this example, you now have a working AKS cluster with custom domain names set up for internal ingress using Azure Private DNS Zones. This setup ensures your services are accessible via an easily recognizable domain internally within your network.