Customer VNet Integration #3
Comments
|
Yes, we will support bringing your own VNET in the very near future. Currently, you can run Container Apps with HTTPS endpoints that are not accessible publicly, without bringing your own VNET, by setting the |
|
@vturecek Yes please, can't wait for this integration! Very interested in this, as the first thing I wanted to try is connecting to my Redis Cluster via a Private Link. |
Ditto Cosmos DB with a dedicated gateway amongst other things. |
|
Can I please up-vote. We have many bare-metal in-house services that we expose over VNET/s. I would like the ability to add multiple VNETs to the Container App Environment, where all containers with the ENV wound be granted access. |
|
VNET Integration is needed for us to consider ACA for prod-usage. Our services need to access on prem resources via Express-Route. Very much looking forward to have a VNET possibility! |
|
In light of ChaosDB, Azure should really be putting in the effort to allow their 'consumption' 'serverless' compute platforms talk to DBs behind firewalls. |
|
Upvoting this feature request also. We would like to ingest ACA into our existing VNET. |
|
As we already spoke in our private preview onboarding call: My group cannot shift any workloads from Service Fabric or AKS without bring-your-own-VNET. |
|
Congratulations, it seems to have been released. I will try using it. |
|
Documentation doesn’t mention private endpoints or NAT gateways. Curious if private endpoints to Cosmos DB, blob storage and key vaults will work, and can a VNet NAT gateway be applied to the subnets? |
|
I removed and installed the extension again - ...but there is such a parameter in I will give it a spin |
Private endpoints is what I want to test for our scenarios. |
|
This is available in preview: https://techcommunity.microsoft.com/t5/apps-on-azure-blog/azure-container-apps-virtual-network-integration/ba-p/3096932 |
|
Do you have more info/justification for such a large required vnet ? /21 is quite huge. Do you have the assumptions that made this requirement somewhere ? (I guess it's based on nb of container apps deployed, nb of revisions, scale-out settings of container apps but 2096 IP seem huge at first sight) |
|
@jbpaux it's a fair question. Your guess was correct in that we ask for the large subnet to support auto-scale. However, we are looking into ways we can optimize the amount of IP space required! |
|
I might be overlooking some details here, but I've set up a self-hosted Azure Pipelines agent running on Azure Container Apps. I tried setting firewall rules to the SCM endpoint of my Azure Functions as to only accept traffic from the subnet where my container apps are running, but it did not work. It seems that the outbound traffic is all routed through a gateway with a PIP, is this expected? |
|
@audunsolemdal I'd imagine you would need your Azure Function to be connected to the VNet via a private endpoint and use Azure Private DNS to direct traffic to it. But I am not that familiar with SCM access from a VNet. |
|
This feature is available. Closing this issue. If you have any future questions around VNet feel free to create a specific issue. Thanks |
We are looking for Docker replacement for hosting container workloads without the overhead of managing AKS cluster. Any plans to support integration with Customer VNet for deploying isolated workloads as Container Apps? All our services deployed on Azure are strictly accessible only from within Customer network (no Public IP).
The text was updated successfully, but these errors were encountered: