Merge pull request #100507 from markcunninghamuk/patch-1

Court72 · web-flow · commit e26125d676fd · 2022-11-01T16:01:24.000-06:00
Add an additional option to work around AKS limitation
diff --git a/articles/aks/private-clusters.md b/articles/aks/private-clusters.md
@@ -151,7 +151,7 @@ As mentioned, virtual network peering is one way to access your private cluster.
 
 2. The private DNS zone is linked only to the VNet that the cluster nodes are attached to (3). This means that the private endpoint can only be resolved by hosts in that linked VNet. In scenarios where no custom DNS is configured on the VNet (default), this works without issue as hosts point at 168.63.129.16 for DNS that can resolve records in the private DNS zone because of the link.
 
-3. In scenarios where the VNet containing your cluster has custom DNS settings (4), cluster deployment fails unless the private DNS zone is linked to the VNet that contains the custom DNS resolvers (5). This link can be created manually after the private zone is created during cluster provisioning or via automation upon detection of creation of the zone using event-based deployment mechanisms (for example, Azure Event Grid and Azure Functions).
+3. In scenarios where the VNet containing your cluster has custom DNS settings (4), cluster deployment fails unless the private DNS zone is linked to the VNet that contains the custom DNS resolvers (5). This link can be created manually after the private zone is created during cluster provisioning or via automation upon detection of creation of the zone using event-based deployment mechanisms (for example, Azure Event Grid and Azure Functions). To avoid cluster failure during initial deployment, the cluster can be deployed with the private DNS zone resource ID. This only works with resource type Microsoft.ContainerService/managedCluster and API version 2022-07-01. Using an older version with an ARM template or Bicep resource definition is not supported.
 
 > [!NOTE]
 > Conditional Forwarding doesn't support subdomains.
@@ -257,4 +257,4 @@ Once the A record is created, link the private DNS zone to the virtual network t
 [container-registry-private-link]: ../container-registry/container-registry-private-link.md
 [virtual-networks-name-resolution]: ../virtual-network/virtual-networks-name-resolution-for-vms-and-role-instances.md#name-resolution-that-uses-your-own-dns-server
 [virtual-networks-168.63.129.16]: ../virtual-network/what-is-ip-address-168-63-129-16.md
-[use-custom-domains]: coredns-custom.md#use-custom-domains
+[use-custom-domains]: coredns-custom.md#use-custom-domains
