How to enable container app to talk to azure app service

Question

I am looking for a solution to have an internal Azure Container Apps environment (apps won't be exposed to the internet).

Although in itself it's trivial to have an internal-only env, we need to address the need to have inbound connections from services running on other platforms such as App Services, which requires some way to allow inbound and outbound from our Container Apps exclusively to those selected resources.

The solution must support the use of FQDN endpoints instead of IP addresses for service discovery. IP addresses will probably be dynamically assigned.

Assumption: internal Container App envs are scoped to their own private DNS zone, so the endpoint URLs are unknown outside this boundary.

Accepted Answer

Thanks for posting your question in the Microsoft Q&A forum.

You can implement the following solution:

Network Configuration: Deploy your internal Azure Container Apps environment in a custom virtual network and use Virtual Network Integration for your Azure App Services to connect them to the same virtual network.

DNS Configuration: Create a Private DNS Zone for your Container Apps environment and link this Private DNS Zone to the virtual network used by both Container Apps and App Services.

Implementation:

Create a custom virtual network for your Container Apps environment.
Deploy your Container Apps as an internal environment within this VNet
Set up Virtual Network Integration for your App Services.
Create a Private DNS Zone for your Container Apps
Link the Private DNS Zone to your VNet
Configure your App Services to use the Private DNS Zone for name resolution.
Implement proper network security groups to control traffic flow between App Services and Container Apps.

Please don't forget to close up the thread here by upvoting and accept it as an answer if it is helpful

Share via

How to enable container app to talk to azure app service

0 additional answers

Your answer