I have ACIs deployed in a VNET, VNET-A, that is peered to another VNET, VNET-B. I have deployed a VM in VNET-B. Both VNET-A and VNET-B are peered, with status showing connected. In an attempt to test connectivity, I run curl from the VM targeting the ACIs' private IPs and open HTTP ports, with no success.
Same curl test works when I run it from other ACIs in the same subnet or other VMs in other subnets in VNET-A.
Is network peering supported as part of the preview of ACI deployment in VNETs? If so, could you provide directions to make it work? If it is not supported, please amend the documentation to list peering as part of the unsupported features. Thanks.
@msalvadores
Thanks for the feedback! We are currently investigating and will update you shortly.
@msalvadores I am able to reproduce the issue.
After setting up peering, machines in the vnet where aci is deployed are able to communicate with aci.
Machines in the other vnet are not reaching only the aci, but are reaching other machines in the peered vnet.
@jakaruna-MSFT thanks for letting me know.
Is this a bug or an unsupported feature? I guess you are probably in the process of finding out. If there are any workarounds for this issue, please let me know. Thanks again.
@dlepow @iainfoulds Please check this issue and provide your comments.
@msalvadores - Thanks for your detailed feedback. Currently in the VNet preview for ACI, virtual network peering is not supported. We'll update the article to reflect the limitation. According to the product team, VNet peering should work by the GA of the feature or earlier.
Thanks @dlepow
Thanks @dlepow . I am assigning this issue to you to update the document.
The VNet article is now updated to state that VNet peering is currently unsupported. Thanks again @msalvadores for raising the issue.
You are welcome @dlepow. I look forward to seeing vnet peering with ACIs supported soon ;)
Do you happen to know if ACI now supports peering connections? I still have an issue when trying to connect to ACI in the subnet from another VNET.
VNet peering will not work for ACI if the network that the ACI VNet is peering to uses a public IP space. The peered network needs an RFC 1918 private IP space in order for VNet peering to work.
You can only peer your VNet to one other VNet.
Also, note that
Container group deployments to a virtual network are generally available for production workloads only in the following regions: East US, South Central US, and West US 2. In other regions where the feature is available, virtual network deployments are currently in preview, with general availability planned in the near future. Previews are made available to you on the condition that you agree to the supplemental terms of use.
Thank you for your answer. I did a lot of tests and realized that peering only works within the same geolocation. If you have a global peering, it doesn’t work. For example, a peering from Eastus to Eastus works, but a peering from Eastus to another region doesn’t work. I read the documentation and saw what is written about unsupported scenarios, as you mentioned (RFC 1918 about private IP and all other requirements).
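
A preflight check for the constraints raised in this thread (a single peering, RFC 1918 address space on the peered network, and the same-region behaviour reported in the last comment), as an added example that is not part of the original thread or of any Microsoft tooling. The dictionary layout, finding codes, locations and address prefixes are constructed for illustration.

```python
import ipaddress

# The three RFC 1918 blocks, listed explicitly: ipaddress's is_private flag
# also accepts loopback, link-local and other ranges that are not RFC 1918.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_rfc1918(prefix):
    """True if the whole prefix lies inside one RFC 1918 block."""
    net = ipaddress.ip_network(prefix, strict=False)
    return net.version == 4 and any(net.subnet_of(r) for r in RFC1918)


def check_aci_peering(aci_vnet, peers):
    """Return (code, detail) findings for the constraints raised in the thread."""
    findings = []
    if len(peers) > 1:
        findings.append(("multiple-peerings",
                         f"{aci_vnet['name']} has {len(peers)} peerings"))
    for peer in peers:
        for prefix in peer["address_prefixes"]:
            if not is_rfc1918(prefix):
                findings.append(("non-rfc1918", f"{peer['name']}: {prefix}"))
        # Reported by a commenter in the thread, not a documented limit.
        if peer["location"].lower() != aci_vnet["location"].lower():
            findings.append(("cross-region",
                             f"{peer['name']}: {peer['location']}"))
    return findings


# Constructed sample input (hypothetical layout, not an Azure API response).
ACI_VNET = {"name": "VNET-A", "location": "eastus",
            "address_prefixes": ["10.1.0.0/16"]}
PEERS = [{"name": "VNET-B", "location": "westeurope",
          "address_prefixes": ["10.2.0.0/16", "172.32.0.0/16"]}]

if __name__ == "__main__":
    for code, detail in check_aci_peering(ACI_VNET, PEERS):
        print(f"{code}: {detail}")
```

The `172.32.0.0/16` prefix in the sample sits just outside `172.16.0.0/12`, which is the kind of near-miss an explicit range check catches.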