Skip to content

Decouple azure dns zones in core infra #127

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
JohnBlackwell wants to merge 4 commits into
base: main
Choose a base branch
from
Open

Decouple azure dns zones in core infra #127

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
553e08b
decouple azure db dns zones
JohnBlackwell Mar 9, 2026
f3b30db
temp set to true to test
JohnBlackwell Mar 9, 2026
e5b22a5
reset back to false
JohnBlackwell Mar 9, 2026
a88ae8c
separate zone contracts per context
JohnBlackwell Mar 11, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
62 changes: 42 additions & 20 deletions terraform/core-infra/azure/network.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,16 +2,38 @@ data "azurerm_resource_group" "default" {
name = var.resource_group_name
}

data "azurerm_private_dns_zone" "postgres" {
resource "azurerm_private_dns_zone" "postgres" {
name = "${var.cluster_name}.postgres.database.azure.com"
resource_group_name = data.azurerm_resource_group.default.name
}

resource "azurerm_private_dns_zone" "mysql" {
name = "${var.cluster_name}.mysql.database.azure.com"
resource_group_name = data.azurerm_resource_group.default.name
}

data "azurerm_private_dns_zone" "postgres_mgmt" {
name = var.postgres_dns_zone
resource_group_name = data.azurerm_resource_group.default.name
}

data "azurerm_private_dns_zone" "mysql" {
data "azurerm_private_dns_zone" "mysql_mgmt" {
name = var.mysql_dns_zone
resource_group_name = data.azurerm_resource_group.default.name
}

locals {
mgmt_postgres_private_dns_zone_name = data.azurerm_private_dns_zone.postgres_mgmt.name
mgmt_postgres_private_dns_zone_id = data.azurerm_private_dns_zone.postgres_mgmt.id
mgmt_mysql_private_dns_zone_name = data.azurerm_private_dns_zone.mysql_mgmt.name
mgmt_mysql_private_dns_zone_id = data.azurerm_private_dns_zone.mysql_mgmt.id

env_postgres_private_dns_zone_name = var.use_mgmt_dns_zone ? local.mgmt_postgres_private_dns_zone_name : azurerm_private_dns_zone.postgres.name
env_postgres_private_dns_zone_id = var.use_mgmt_dns_zone ? local.mgmt_postgres_private_dns_zone_id : azurerm_private_dns_zone.postgres.id
env_mysql_private_dns_zone_name = var.use_mgmt_dns_zone ? local.mgmt_mysql_private_dns_zone_name : azurerm_private_dns_zone.mysql.name
env_mysql_private_dns_zone_id = var.use_mgmt_dns_zone ? local.mgmt_mysql_private_dns_zone_id : azurerm_private_dns_zone.mysql.id
}

data "azurerm_virtual_network" "plural" {
name = var.network_name
resource_group_name = data.azurerm_resource_group.default.name
Expand Down Expand Up @@ -39,8 +61,8 @@ resource "plural_service_context" "plural" {
sn_subnet_id = data.azurerm_subnet.plural_sn.id
pg_subnet_name = data.azurerm_subnet.plural_pg.name
pg_subnet_id = data.azurerm_subnet.plural_pg.id
dns_zone_name = data.azurerm_private_dns_zone.postgres.name
dns_zone_id = data.azurerm_private_dns_zone.postgres.id
dns_zone_name = local.mgmt_postgres_private_dns_zone_name
dns_zone_id = local.mgmt_postgres_private_dns_zone_id
})
}

Expand Down Expand Up @@ -98,14 +120,14 @@ resource "azurerm_subnet" "dev_mysql" {
resource "azurerm_private_dns_zone_virtual_network_link" "dev_pg" {
name = "dev.postgres.com"
resource_group_name = data.azurerm_resource_group.default.name
private_dns_zone_name = data.azurerm_private_dns_zone.postgres.name
private_dns_zone_name = local.env_postgres_private_dns_zone_name
virtual_network_id = azurerm_virtual_network.dev.id
}

resource "azurerm_private_dns_zone_virtual_network_link" "dev_mysql" {
name = "dev.mysql.com"
resource_group_name = data.azurerm_resource_group.default.name
private_dns_zone_name = data.azurerm_private_dns_zone.mysql.name
private_dns_zone_name = local.env_mysql_private_dns_zone_name
virtual_network_id = azurerm_virtual_network.dev.id
}

Expand All @@ -119,19 +141,19 @@ resource "plural_service_context" "dev" {
sn_subnet_id = azurerm_subnet.dev_sn.id
pg_subnet_name = azurerm_subnet.dev_pg.name
pg_subnet_id = azurerm_subnet.dev_pg.id
pg_dns_zone_name = data.azurerm_private_dns_zone.postgres.name
pg_dns_zone_id = data.azurerm_private_dns_zone.postgres.id
pg_dns_zone_name = local.env_postgres_private_dns_zone_name
pg_dns_zone_id = local.env_postgres_private_dns_zone_id
mysql_subnet_name = azurerm_subnet.dev_mysql.name
mysql_subnet_id = azurerm_subnet.dev_mysql.id
mysql_dns_zone_name = data.azurerm_private_dns_zone.mysql.name
mysql_dns_zone_id = data.azurerm_private_dns_zone.mysql.id
mysql_dns_zone_name = local.env_mysql_private_dns_zone_name
mysql_dns_zone_id = local.env_mysql_private_dns_zone_id
{{ if .AppDomain }}
ingress_dns_zone = "dev.{{ .AppDomain }}"
{{ end}}

# Kept for backwards compatibility. Use fields with pg_ prefix instead.
dns_zone_name = data.azurerm_private_dns_zone.postgres.name
dns_zone_id = data.azurerm_private_dns_zone.postgres.id
dns_zone_name = local.env_postgres_private_dns_zone_name
dns_zone_id = local.env_postgres_private_dns_zone_id
})
}

Expand Down Expand Up @@ -189,14 +211,14 @@ resource "azurerm_subnet" "prod_mysql" {
resource "azurerm_private_dns_zone_virtual_network_link" "prod_pg" {
name = "prod.postgres.com"
resource_group_name = data.azurerm_resource_group.default.name
private_dns_zone_name = data.azurerm_private_dns_zone.postgres.name
private_dns_zone_name = local.env_postgres_private_dns_zone_name
virtual_network_id = azurerm_virtual_network.prod.id
}

resource "azurerm_private_dns_zone_virtual_network_link" "prod_mysql" {
name = "prod.mysql.com"
resource_group_name = data.azurerm_resource_group.default.name
private_dns_zone_name = data.azurerm_private_dns_zone.mysql.name
private_dns_zone_name = local.env_mysql_private_dns_zone_name
virtual_network_id = azurerm_virtual_network.prod.id
}

Expand All @@ -210,17 +232,17 @@ resource "plural_service_context" "prod" {
sn_subnet_id = azurerm_subnet.prod_sn.id
pg_subnet_name = azurerm_subnet.prod_pg.name
pg_subnet_id = azurerm_subnet.prod_pg.id
pg_dns_zone_name = data.azurerm_private_dns_zone.postgres.name
pg_dns_zone_id = data.azurerm_private_dns_zone.postgres.id
pg_dns_zone_name = local.env_postgres_private_dns_zone_name
pg_dns_zone_id = local.env_postgres_private_dns_zone_id
mysql_subnet_name = azurerm_subnet.prod_mysql.name
mysql_subnet_id = azurerm_subnet.prod_mysql.id
mysql_dns_zone_name = data.azurerm_private_dns_zone.mysql.name
mysql_dns_zone_id = data.azurerm_private_dns_zone.mysql.id
mysql_dns_zone_name = local.env_mysql_private_dns_zone_name
mysql_dns_zone_id = local.env_mysql_private_dns_zone_id
{{ if .AppDomain }}
ingress_dns_zone = "{{ .AppDomain }}"
{{ end}}
# Kept for backwards compatibility. Use fields with pg_ prefix instead.
dns_zone_name = data.azurerm_private_dns_zone.postgres.name
dns_zone_id = data.azurerm_private_dns_zone.postgres.id
dns_zone_name = local.env_postgres_private_dns_zone_name
dns_zone_id = local.env_postgres_private_dns_zone_id
})
}
17 changes: 11 additions & 6 deletions terraform/core-infra/azure/variables.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,12 +7,12 @@ variable "resource_group_name" {
}

variable "network_name" {
type = string
type = string
default = "plural"
}

variable "region" {
type = string
type = string
default = "us-east-2"
}

Expand All @@ -28,6 +28,11 @@ variable "client_id" {
type = string
}

variable "use_mgmt_dns_zone" {
Copy link
Copy Markdown
Member

@michaeljguarino michaeljguarino Apr 23, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is this being set as part of the cli's install for cloud or self-hosted console's?

Copy link
Copy Markdown
Contributor Author

@JohnBlackwell JohnBlackwell Apr 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Both cloud and self-hosted would be using the false default setting. It can be wired in as a variable in the core-infra stack crd if it needs to set to true.

type = bool
default = false
}

variable "postgres_dns_zone" {
default = "plrl.postgres.database.azure.com"
}
Expand All @@ -37,21 +42,21 @@ variable "mysql_dns_zone" {
}

variable "network_cidrs" {
type = list(string)
type = list(string)
default = ["10.52.0.0/16"]
}

variable "subnet_cidrs" {
type = list(string)
type = list(string)
default = ["10.52.0.0/20"]
}

variable "postgres_cidrs" {
type = list(string)
type = list(string)
default = ["10.52.16.0/24"]
}

variable "mysql_cidrs" {
type = list(string)
type = list(string)
default = ["10.52.17.0/24"]
}
Loading