Cannot Connect to PostgresDB Flexible Server From Private AKS

Huynh, Huu Thang 20 Reputation points
2025-01-13T09:14:08.78+00:00

Hi all,

I am experiencing an issue with connecting to a PostgreSQL database from a private AKS cluster. The AKS and the database are located in two different virtual networks and subscriptions.

To debug the connection, I created a pod using the following command:

kubectl run -i --

However, when I try to connect to the database using common psql commands, I receive the following error:

psql: error: could not translate host name "xxxxxxxxxxxxxxxxxxx-flexible.postgres.database.azure.com" to address: Name or service not known

The connection is successful when the database is in the same virtual network as the AKS cluster. However, it fails when the database is in a different subscription.

Upon investigation, I found that running nslookup in a pod of the AKS cluster returns a result missing the IP address of the database’s private endpoint. Is this normal behavior? When I perform the same action with other databases located in the same subscription as the AKS, the IP address values are returned correctly. The only difference is that the problematic database is in a different subscription.

Any help with this would be greatly appreciated.

Thanks,

Thang


Accepted answer
  1. Ganesh Patapati 3,290 Reputation points Microsoft Vendor
    2025-01-13T12:59:25.2866667+00:00

    Hi Huynh, Huu Thang

    Greetings!

    Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

    It appears that you are facing a DNS resolution issue while attempting to connect to a PostgreSQL database hosted in a different subscription and virtual network from your Azure Kubernetes Service (AKS) cluster.

    Could you please ensure the following:

    • Azure Private Link creates a private DNS zone that maps the database's hostname to its private IP address. If the AKS cluster cannot resolve this hostname to the private IP, kindly ensure the following points are addressed:
    1. Ensure that a private DNS zone is created for the PostgreSQL database and that it is linked to the virtual network where your AKS cluster resides.
    2. The private DNS zone should have an A record that maps the database's hostname (e.g. xxxxxxxxxxxxxxx-flexible.postgres.database.azure.com) to the private IP address of the private endpoint.
    3. You can link a private DNS zone to one or more virtual networks by creating virtual network links. You can also enable the autoregistration feature to automatically manage the life cycle of the DNS records for the virtual machines that get deployed in a virtual network.

    NOTE: If the private DNS zone is not linked to the VNet of your AKS cluster, you need to link it. This allows the AKS cluster to resolve the database's hostname to the private IP address.


    If the above is unclear and/or you are unsure about something, add a comment below.

    Please don’t forget to close the thread by clicking "Accept the answer" wherever the information provided helps you, as this can be beneficial to other community members.

    Regards,

    Ganesh

    1 person found this answer helpful.
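
The checks listed in the accepted answer can be run with the Azure CLI. The script below is an added example, not part of the original answer: every value in `<...>` and the link name are placeholders, and it assumes the signed-in identity can read the DNS zone's subscription and reference the AKS VNet.

```shell
#!/bin/sh
# Added example. Every value in <...> is a placeholder, not taken from the thread.
ZONE_SUB="<db-subscription-id>"      # subscription that holds the private DNS zone
ZONE_RG="<dns-zone-resource-group>"
ZONE_NAME="<private-dns-zone-name>"  # zone that holds the server's A record
LINK_NAME="aks-vnet-link"            # hypothetical link name
# Full resource ID, because the AKS VNet lives in a different subscription.
AKS_VNET_ID="/subscriptions/<aks-subscription-id>/resourceGroups/<aks-rg>/providers/Microsoft.Network/virtualNetworks/<aks-vnet>"

# Point 2 of the answer: show the A records present in the zone.
list_a_records() {
  az network private-dns record-set a list \
    --subscription "$ZONE_SUB" -g "$ZONE_RG" -z "$ZONE_NAME" \
    --query "[].{name:name, ips:aRecords[].ipv4Address}" -o json
}

# Points 1 and 3: count the virtual network links from the zone to one VNet.
# The ID comparison is an exact string match, so pass the ID as Azure reports it.
count_links() {
  az network private-dns link vnet list \
    --subscription "$ZONE_SUB" -g "$ZONE_RG" -z "$ZONE_NAME" \
    --query "length([?virtualNetwork.id=='$1'])" -o tsv
}

# Create the link only when it is missing. Autoregistration stays off:
# the zone only has to be resolvable from the AKS VNet.
ensure_link() {
  if [ "$(count_links "$1")" -ge 1 ]; then
    echo "already-linked"
  else
    az network private-dns link vnet create \
      --subscription "$ZONE_SUB" -g "$ZONE_RG" -z "$ZONE_NAME" \
      --name "$LINK_NAME" --virtual-network "$1" \
      --registration-enabled false >/dev/null && echo "linked"
  fi
}

# Run as: sh check-dns-link.sh apply   (the file name is an example)
if [ "${1:-}" = "apply" ]; then
  list_a_records
  ensure_link "$AKS_VNET_ID"
fi
```

After the link exists, repeating the nslookup from a pod in the AKS cluster should return the private endpoint's IP address.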
