I've setup a MySql single server (we cannot AFAIK use flexible server because we want to configure data encryption which seems problematic on Flexible server).
The MySql single server is setup to disable public access and has been connected to a vnet. I have created a private link for it as well as a private dns zone and vnet link.
When i connect to a vm that is also linked to the vnet, the mysql server name is still resolving to it's public name/ip address.
for example:
> server01.mysql.database.azure.com
Server: 127.0.0.53
Address: 127.0.0.53#53
Non-authoritative answer:
server01.mysql.database.azure.com canonical name = server01.privatelink.mysql.database.azure.com.
server01.privatelink.mysql.database.azure.com canonical name = cr6.westeurope1-a.control.database.windows.net.
Name: cr6.region-a.control.database.windows.net
Address: 1x.xx.xx.xxx
This is the response I receive. When i attempt to ping the server, it always resolves to the public name's ip, which in this case is: cr6.region-a.control.database.windows.net
What am i doing wrong?
I tried to reproduce the same in my environment I got the result successfully like below:
I have created a virtual machine and virtual network with same region with public Ip like below:
Created MySQL single server setup to disable public access and has been connected to a vnet like below:
Then I have created private link center added private endpoint link type as Microsoft.DBforMySQL/servers
Linked with virtual Network:
Now, when I access the MySQL server privately from the VM i got result successfully like below:
Reference:
Private Link - Azure portal - Azure Database for MySQL | Microsoft Learn