Denny Cherry notes that the DNS server is in another castle:
If you have an Azure environment when you have your DNS servers in a separate vNet from your new AKS environment you’ll notice that you get an error when deploying the AKS environment which looks something like this.Agents are unable to resolve Kubernetes API server name. It’s likely custom DNS server is not correctly configured, please see https://aka.ms/aks/private-cluster#hub-and-spoke-with-custom-dns for more information.
The fix for this is actually pretty straightforward, but I’m going to give you a little background on why this happens.
Click through for the answer.