Azure Discovery Options - Adaptive Applications - BlueCat Gateway - 24.1.1

Cloud Discovery & Visibility Administration Guide


In the Discovery Options section of the Microsoft Azure Setup page, you configure the information that you want to import from the Azure infrastructure and how you want to import it.

Discover Azure Resources options

Field/Option Description
Azure Virtual Networks/Subnets

Select this checkbox to import all Azure virtual networks and subnets. Private virtual networks and subnets are converted into IPv4 and IPv6 blocks and networks on Address Manager.

Azure Public IP Ranges

Select this checkbox to import Azure public address space information of virtual machines and load balancers within the region. Public virtual networks are converted into IPv4 and IPv6 blocks and networks on Address Manager.

Note: When this option is unchecked, the virtual machine and load balancer information is still imported into Address Manager; however, the IP ADDRESSES of Public virtual machine and load balancer devices within Address Manager will be blank.

Azure Private Endpoints

Endpoint View

Select this checkbox to import private endpoint DNS record information. Private endpoints are converted into private endpoint DNS records on Address Manager, with the prefix defined in the BlueCat Target Zone for Private Endpoints field.
Also, in Endpoint View, enter the name of the view that will be created in Address Manager or select an existing view in Address Manager that will contain the Azure private endpoint information.
  • The default view name created in Address Manager is Azure Private Endpoint View.
  • If you enter a configuration name in the BlueCat Target Zone field that already exists in Address Manager, all views are imported into the existing configuration.
Azure Virtual Machines

Select this checkbox to import all Azure Virtual Machine (VM) information. VMs are converted into devices on Address Manager.

CDV will discover all VMs under Virtual Machine Scale Set (VMSS) management.

Azure Provided Name Resolution (Internal)

Provided Name Resolution View (Internal)

Select this checkbox to import internal DNS record information.
Also, in Provided Name Resolution View (Internal), either enter the name of the view that will be created in Address Manager, or select an existing view in Address Manager that will contain the internal Azure provided name resolution information.
  • The default view name created in Address Manager is Azure Name Resolution Internal.
  • If you enter a configuration name in the BlueCat Target Zone field that already exists in Address Manager, all views are imported into the existing configuration.
Azure Load Balancers

Select this checkbox to import all Azure load balancer information. This is converted into the load balancer device type on Address Manager.

Azure Provided Name Resolution (External)

Provided Name Resolution View (External)

Select this checkbox to import external DNS record information.

Also, in Provided Name Resolution View (External), enter the name of the view that will be created in Address Manager or select an existing view in Address Manager that will contain the external Azure provided name resolution information.
  • The default view name created in Address Manager is Azure Name Resolution External.
  • If you enter a configuration name in the BlueCat Target Zone field that already exists in Address Manager, all views are imported into the existing configuration.

Azure Kubernetes options

Field/Option Description
Azure Kubernetes Service

Select this checkbox to import all Azure Kubernetes Service Clusters information of the resource group. Each Azure Kubernetes Service Cluster is converted into devices on Address Manager. The devices are imported into a separate BAM Configuration (including related Kubernetes resources such as Load Balancers and virtual machines from VM Scale Sets) and tagged with respective tags.

Azure Internal Resources within Kubernetes Engine

Select this checkbox to also discover Kubernetes pod and service resources within Azure Kubernetes Service Clusters. CDV will place those pod and service resources in the same BAM Configuration that holds discovered Azure Kubernetes devices.

Note:

In order to perform discovery and visibility jobs on Azure Kubernetes Service Clusters, CDV must access Azure infrastructure as a user whose Azure Role has the following permission:

Microsoft.ContainerService/managedClusters/listClusterUserCredential/action

Kubernetes View

Select the Address Manager View that will contain the discovered Kubernetes resources. To use the default View name, select Azure Kubernetes View.
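
A least-privilege check for the permission named in the note above, as an added example (not BlueCat or Microsoft code). It assumes role definitions in the JSON shape returned by `az role definition list` (`permissions[].actions` and `notActions`); the role names and sample data are constructed for illustration.

```python
import re

# Permission the CDV service identity needs for AKS discovery (from the note above).
REQUIRED = "Microsoft.ContainerService/managedClusters/listClusterUserCredential/action"

def _matches(pattern, action):
    # Azure RBAC action strings are case-insensitive and may contain '*' wildcards.
    regex = ".*".join(re.escape(part) for part in pattern.split("*"))
    return re.fullmatch(regex, action, re.IGNORECASE) is not None

def classify(role, action=REQUIRED):
    """Return 'missing', 'explicit' or 'wildcard' for how a role grants `action`."""
    hits = []
    for perm in role.get("permissions", []):
        if any(_matches(p, action) for p in perm.get("notActions", [])):
            continue  # notActions subtracts from this block's actions
        hits += [p for p in perm.get("actions", []) if _matches(p, action)]
    if not hits:
        return "missing"
    # An explicit entry is the least-privilege grant; a wildcard-only grant
    # works for discovery but gives the discovery account more than it needs.
    return "explicit" if any("*" not in p for p in hits) else "wildcard"

# Constructed sample role definitions (hypothetical names).
SAMPLE_ROLES = [
    {"roleName": "cdv-network-reader", "permissions": [
        {"actions": ["Microsoft.Network/virtualNetworks/read",
                     "Microsoft.ContainerService/managedClusters/read"],
         "notActions": []}]},
    {"roleName": "cdv-aks-discovery", "permissions": [
        {"actions": ["Microsoft.ContainerService/managedClusters/read", REQUIRED],
         "notActions": []}]},
    {"roleName": "cdv-too-broad", "permissions": [
        {"actions": ["*"], "notActions": ["Microsoft.Authorization/*/Write"]}]},
    {"roleName": "cdv-excluded", "permissions": [
        {"actions": ["Microsoft.ContainerService/*"],
         "notActions": ["Microsoft.ContainerService/managedClusters/*/action"]}]},
]

def audit(roles):
    """Map each role name to its classification for the required action."""
    return {r["roleName"]: classify(r) for r in roles}

if __name__ == "__main__":
    for name, verdict in audit(SAMPLE_ROLES).items():
        print(f"{name}: {verdict}")
```

A result of `missing` means AKS discovery jobs would fail for that identity; `wildcard` means the job works but the role should be narrowed to the explicit action.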

Azure DNS Zone options

Field/Option Description
Azure DNS Zones (Private)

Private DNS Zone View

Select this checkbox to import all private DNS zone record information. This is converted into private DNS records in Address Manager.
Also, in Private DNS Zone View, enter the name of the view that will be created in Address Manager or select an existing view in Address Manager that will contain the private view records for the DNS Zones.
  • The default view name created in Address Manager is Azure Private DNS Zones.
  • If you enter a configuration name in the BlueCat Target Zone field that already exists in Address Manager, all views are imported into the existing configuration.
Azure DNS Zones (Public)

Public DNS Zone View

Select this checkbox to import all public DNS zone record information. This is converted into public DNS records in Address Manager.
Also, in Public DNS Zone View, enter the name of the view that will be created in Address Manager or select an existing view in Address Manager that will contain the public view records for the DNS Zones.
  • The default view name created in Address Manager is Azure Public DNS Zones.
  • If you enter a configuration name in the BlueCat Target Zone field that already exists in Address Manager, all views are imported into the existing configuration.

BlueCat Target Zone options

Field/Option Description

Target Zone for Private Endpoints

Auto Create Zones for Private Endpoints

These fields are available only if Azure Private Endpoints is selected as an Azure resource to discover.

In Target Zone for Private Endpoints, enter the name of the DNS zone on BAM that will contain resource records from Azure Private Endpoints. CDV will create a zone in BAM based on the entered zone name.

Select the Auto Create Zones for Private Endpoints checkbox to create separate subzones for each private endpoint region under the specified Target Zone for Private Endpoints. If cleared, information will be stored in a single zone.

Target Zone for Virtual Machines and Load Balancers

Auto Create Zones for Virtual Machines and Load Balancers

These fields are available only if Azure Load Balancers is selected as an Azure resource to discover.

In Target Zone for Virtual Machines and Load Balancers, enter the name of the DNS zone on BAM that will contain Azure name resolution DNS records.

Select the Auto Create Zones for Virtual Machines and Load Balancers checkbox to embed Azure availability information for Virtual Machines and load managers into the provided name resolution. Clear the checkbox otherwise.

Other options

Field/Option Description
Remove Deleted Resources (Tag Deleted Views/Zones during Rediscovery)

Select this checkbox to automatically delete resources (except for DNS Views and Zones) that currently exist in Address Manager, but were not found upon rediscovery. Missing View and Zone resources will be tagged for manual inspection and removal.

For more details on viewing and manually deleting these tagged resources, see Deleting resources flagged as missing during rediscovery.

Dynamic Update of DNS Resource Records

Available only when connecting to Address Manager v9.4.0 or later.

Select this checkbox to update the DNS records in Address Manager and automatically deploy the changes to the primary BDDS of that zone using selective deployment. This checkbox is disabled by default and only available if you select the Enable Visibility after Discovery checkbox.

Attention:

You must perform a full DNS deployment to the managed BDDS before any subsequent selective deployments can be performed.

If you are configuring the managed BDDS to exclusively manage the cloud infrastructure, you can run a Discovery job to import the cloud infrastructure into your Address Manager:
  • After the view and zone information are successfully imported into Address Manager, you can configure primary and secondary DNS roles for the selected managed BDDS and perform a full DNS deployment.

  • Then, after DNS data is deployed to the managed BDDS, you can enable the Visibility job to continuously monitor changes to your cloud DNS infrastructure and selectively deploy those changes to the managed BDDS.