Wanderings
Azure Tinkering
Create an Azure Container Registry (ACR) that resolves to a custom private DNS zone:
-
Create a Resource Group (if you don't have one already):
az group create --name myResourceGroup --location eastus -
Create an Azure Container Registry:
az acr create --resource-group myResourceGroup --name myRegistry --sku Standard -
Create a Virtual Network (if you don't have one already):
az network vnet create --resource-group myResourceGroup --name myVnet --address-prefix 10.0.0.0/8 --subnet-name mySubnet --subnet-prefix 10.0.0.0/24 -
Create a Private DNS Zone:
az network private-dns zone create --resource-group myResourceGroup --name myprivatednszone.com -
Link the Virtual Network to the Private DNS Zone:
az network private-dns link vnet create --resource-group myResourceGroup --zone-name myprivatednszone.com --name myLink --virtual-network myVnet --registration-enabled false -
Enable Private Endpoint on the Container Registry:
az network private-endpoint create --resource-group myResourceGroup --vnet-name myVnet --subnet mySubnet --name myPrivateEndpoint --private-connection-resource-id $(az acr show --name myRegistry --query 'id' -o tsv) --group-id registry --connection-name myConnection -
Configure Private DNS Zone to Resolve the Container Registry's Private Link:
Get the necessary DNS records for the registry:az acr show -n myRegistry --query 'networkRuleSet.defaultAction' -o tableLook for the Fully Qualified Domain Name (FQDN) of the registry and create DNS records using:
az network private-dns record-set a create -g myResourceGroup --zone-name myprivatednszone.com --name myRegistry-privatelink az network private-dns record-set a add-record -g myResourceGroup --zone-name myprivatednszone.com --record-set-name myRegistry-privatelink --ipv4-address <Private IP Address of the Endpoint>