private dns zone

Author: karpikpl

DEPLOYMENT.md

@@ -52,6 +52,13 @@ Application will use a pre-built docker image hosted in GitHub registry: `ghcr.i
     https://<YOUR Container APP URL>.azurecontainerapps.io/callback
     ```
 
+### Deploying with private networking
+
+When deploying to a private network, specify a subnet (at least /23) for the Azure Container Apps Environment.
+App deployment does not create any DNS entries for the application, in order to create a private DNS Zone linked to provided Virtual Network, follow up the deployment with DNS deployment targeting same resource group:
+
+[![DNS Zone deploy to Azure](https://aka.ms/deploytoazurebutton)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2Fkarpikpl%2Fcopilot-metrics-viewer%2Fmain%2Fazure-deploy%2Fdns%2Fazuredeploy.json)
+
 ## Scenario 2: Azure Deployment with azd
 
 If more control over the deployed container image is needed, an infrastructure-as-code option has been provided using Azure Bicep. The application can be deployed using the [Azure Developer CLI](https://aka.ms/azd) (azd).

azure-deploy/dns/azuredeploy.json

@@ -0,0 +1,70 @@
+{
+    "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
+    "contentVersion": "1.0.0.0",
+    "parameters": {
+        "name": {
+            "type": "String",
+            "defaultValue": "copilot-metrics"
+        },
+        "dns-zone-name": {
+            "type": "string",
+            "defaultValue": "xxx.eastus.azurecontainerapps.io",
+            "metadata": {
+                "description": "The unique DNS zone name for the managed environment in format of <random name>.<region>.azurecontainerapps.io"
+            }
+        }
+    },
+    "variables": {
+        "environmentName": "[concat(parameters('name'),'-env')]"
+    },
+    "resources": [
+        {
+            "type": "Microsoft.Network/privateDnsZones",
+            "apiVersion": "2020-06-01",
+            "name": "[parameters('dns-zone-name')]",
+            "location": "global",
+            "properties": {}
+        },
+        {
+            "type": "Microsoft.Network/privateDnsZones/A",
+            "apiVersion": "2020-06-01",
+            "name": "[concat(parameters('dns-zone-name'), '/*')]",
+            "properties": {
+                "ttl": 3600,
+                "aRecords": [
+                    {
+                        "ipv4Address": "[reference(concat('Microsoft.App/managedEnvironments/', variables('environmentName')), '2024-02-02-preview').staticIp]"
+                    }
+                ]
+            },
+            "dependsOn": [
+                "[resourceId('Microsoft.Network/privateDnsZones', parameters('dns-zone-name'))]"
+            ]
+        },
+        {
+            "type": "Microsoft.Network/privateDnsZones/virtualNetworkLinks",
+            "apiVersion": "2020-06-01",
+            "name": "[concat( parameters('dns-zone-name'), '/', variables('environmentName'), '-vnet-link')]",
+            "location": "global",
+            "dependsOn": [
+                "[resourceId('Microsoft.Network/privateDnsZones',  parameters('dns-zone-name'))]"
+            ],
+            "properties": {
+                "virtualNetwork": {
+                    "id": "[split(reference(concat('Microsoft.App/managedEnvironments/', variables('environmentName')), '2024-02-02-preview').vnetConfiguration.infrastructureSubnetId, '/subnets/')[0]]"
+                },
+                "registrationEnabled": false
+            }
+        }
+    ],
+    "outputs": {
+        "managed-environment-ip": {
+            "type": "string",
+            "value": "[reference(concat('Microsoft.App/managedEnvironments/', variables('environmentName')), '2024-02-02-preview').staticIp]"
+        },
+        "managed-environment-domain": {
+            "type": "string",
+            "value": "[reference(concat('Microsoft.App/managedEnvironments/', variables('environmentName')), '2024-02-02-preview').defaultDomain]"
+        }
+    }
+}

azure-deploy/dns/azuredeploy.parameters.json

@@ -0,0 +1,5 @@
+{
+    "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
+    "contentVersion": "1.0.0.0",
+    "parameters": {}
+}

azure-deploy/dns/metadata.json

@@ -0,0 +1,16 @@
+{
+    "$schema": "https://aka.ms/azure-quickstart-templates-metadata-schema#",
+    "itemDisplayName": "Create DNS Zones for Azure Container App",
+    "description": "This template creates a private DNS Zone for Azure Container App showing GitHub copilot metrics",
+    "summary": "Create Azure Container App showing GitHub copilot metrics",
+    "githubUsername": "karpikpl",
+    "docOwner": "karpikpl",
+    "dateUpdated": "2024-08-02",
+    "type": "Application",
+    "tags": {
+      "subscriptiontype": "Azure4Student",
+      "resource": "Private DNS Zone",
+      "level": "Beginner",
+      "cost": "$"
+    }
+  }

azure-deploy/with-app-registration/azuredeploy.json

@@ -149,7 +149,7 @@
                     }
                 },
                 "vnetConfiguration": {
-                    "infrastructureSubnetId" : "[parameters('subnetId')]",
+                    "infrastructureSubnetId": "[parameters('subnetId')]",
                     "internal": "[if(equals(parameters('subnetId'), ''), json('false'), json('true'))]"
                 }
             }
@@ -168,5 +168,19 @@
                 "workspaceCapping": {}
             }
         }
-    ]
+    ],
+    "outputs": {
+        "metrics-viewer-url": {
+            "type": "string",
+            "value": "[reference(concat('Microsoft.App/containerapps/', parameters('name')), '2024-02-02-preview').latestRevisionFqdn]"
+        },
+        "managed-environment-ip": {
+            "type": "string",
+            "value": "[reference(concat('Microsoft.App/managedEnvironments/', variables('environmentName')), '2024-02-02-preview').staticIp]"
+        },
+        "managed-environment-domain": {
+            "type": "string",
+            "value": "[reference(concat('Microsoft.App/managedEnvironments/', variables('environmentName')), '2024-02-02-preview').defaultDomain]"
+        }
+    }
 }

azure-deploy/with-token/azuredeploy.json

@@ -51,9 +51,7 @@
     "variables": {
         "environmentName": "[concat(parameters('name'),'-env')]",
         "workspaceName": "[concat(parameters('name'),'-ai')]",
-        "app-scope": "[if(not(empty(parameters('github-organization'))), 'organization', if(not(empty(parameters('github-enterprise'))), 'enterprise', ''))]",
-        "vnetId": "[concat(split(parameters('subnetId'), '/subnets/')[0])]",
-        "dnsZoneName": "azurecontainerapps.io"
+        "app-scope": "[if(not(empty(parameters('github-organization'))), 'organization', if(not(empty(parameters('github-enterprise'))), 'enterprise', ''))]"
     },
     "resources": [
         {
@@ -146,51 +144,6 @@
                 }
             }
         },
-        {
-            "type": "Microsoft.Network/privateDnsZones",
-            "apiVersion": "2020-06-01",
-            "name": "[variables('dnsZoneName')]",
-            "location": "global",
-            "condition": "[not(equals(parameters('subnetId'), ''))]",
-            "properties": {},
-            "dependsOn": [
-                "[concat('Microsoft.App/managedEnvironments/', variables('environmentName'))]"
-            ]
-        },
-        {
-            "type": "Microsoft.Network/privateDnsZones/A",
-            "apiVersion": "2020-06-01",
-            "name": "[concat(variables('dnsZoneName'), '/*')]",
-            "properties": {
-                "TTL": 3600,
-                "ARecords": [
-                    {
-                        "ipv4Address": "[reference(concat('Microsoft.App/managedEnvironments/', variables('environmentName')), '2024-02-02-preview').staticIp]"
-
-                    }
-                ]
-            },
-            "dependsOn": [
-                "[resourceId('Microsoft.Network/privateDnsZones', variables('dnsZoneName'))]",
-                "[concat('Microsoft.App/managedEnvironments/', variables('environmentName'))]"
-            ]
-        },
-        {
-            "type": "Microsoft.Network/privateDnsZones/virtualNetworkLinks",
-            "apiVersion": "2020-06-01",
-            "name": "[concat(variables('dnsZoneName'), '/', variables('environmentName'), '-vnet-link')]",
-            "location": "global",
-            "dependsOn": [
-                "[resourceId('Microsoft.Network/privateDnsZones', variables('dnsZoneName'))]"
-            ],
-            "condition": "[not(equals(parameters('subnetId'), ''))]",
-            "properties": {
-                "virtualNetwork": {
-                    "id": "[variables('vnetId')]"
-                },
-                "registrationEnabled": false
-            }
-        },
         {
             "apiVersion": "2020-08-01",
             "name": "[variables('workspaceName')]",