Azure Functions VNet Integration
Question
I am peering two VNets within different subscriptions but same Region using VNET-to-VNET peering. We have a private DNS Zone setup to resolve domain names and have configured the following settings as per Microsoft's documentation; WEBSITE_DNS_SERVER with value 168.63.129.16 and WEBSITE_VNET_ROUTE_ALL with value 1. When setting WEBSITE_VNET_ROUTE_ALL to 1 a whole lot of errors start to be thrown by the FunctionApp which we can see inside App Insights. Also code within our functions is unable to route to destination webservices in peered VNet. For testing purpose we have created another subnet with the Same VNet that the Function Subnet is deployed and can successfully connected to the destinations webservices we are trying to call. Is there any additional configuration needed for the FunctionApp that we need?
1 answers
solution1
0 2020-07-09 19:35:21
This reason that I was getting errors when enabling the config setting WEBSITE_VNET_ROUTE_ALL on the function app was because the function app itself could no longer see it's app key and site files from the storage account. Due to all traffic no being routed within my on virtual network. What needed to be done was setup private endpoints for Blob and File storage within the storage account once the private endpoints are setup you also need to setup private DNS Zones with the appropriate routing.
This article explains the network configuration needed:
This article explains the private links and appropriate DNS entries:
https://docs.microsoft.com/en-us/azure/storage/common/storage-private-endpoints
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.