I have deployed a cloud service (classic) to an Azure Virtual Network (classic), using this config:
<NetworkConfiguration>
<VirtualNetworkSite name="Group Group test" />
<AddressAssignments>
<InstanceAddress roleName="webrole1">
<Subnets><Subnet name="webroles" /></Subnets>
</InstanceAddress>
<InstanceAddress roleName="webrole2">
<Subnets><Subnet name="webroles" /></Subnets>
</InstanceAddress>
<InstanceAddress roleName="workerrole">
<Subnets><Subnet name="workerroles" /></Subnets>
</InstanceAddress>
The roles are up and running, but they are not appearing under 'Resources in this subnet' in the portal. It therefore looks like the roles haven't been deployed to the virtual network. Are there any powershell commands I can run to list resources deployed to a virtual network, or list subnets connected to a cloud service?
Related
I have a Azure cloud service containing several web roles, in an Azure virtual network. I want to set the roles' private ip addresses as static, so that the web roles can communicate over the network. However, the private ip addresses change when the cloud service is updated. How can I set the private ip address as static so that it doesn't change with every deployment? I want to do the same thing I can with virtual machines:
If you really want to have a static IP address for your roles or VMs you will have to use the Reserved IP addresses feature. A maximum of 20 reserved IP addresses are available per subscription.
https://azure.microsoft.com/en-in/documentation/articles/virtual-networks-reserved-public-ip/
In powershell you can do this to create a new Reserved IP
$ReservedIP = New-AzureReservedIP -ReservedIPName "FirewallIP" -Label "WebAppFirewallIP" -Location "Japan West"
In Service config of a role you can specify like this ,
<?xml version="1.0" encoding="utf-8"?>
<ServiceConfiguration serviceName="ReservedIPSample" xmlns="http://schemas.microsoft.com/ServiceHosting/2008/10/ServiceConfiguration" osFamily="4" osVersion="*" schemaVersion="2014-01.2.3">
<Role name="WebRole1">
<Instances count="1" />
<ConfigurationSettings>
<Setting name="Microsoft.WindowsAzure.Plugins.Diagnostics.ConnectionString" value="UseDevelopmentStorage=true" />
</ConfigurationSettings>
</Role>
<NetworkConfiguration>
<AddressAssignments>
<ReservedIPs>
<ReservedIP name="MyReservedIP"/>
</ReservedIPs>
</AddressAssignments>
</NetworkConfiguration>
</ServiceConfiguration>
In general though, if you do not delete a deployment you will have the same IP address for a given cloud service.
I tried to add Cloud Service (classic) to Virtual Network (classic), but an error appears when I deploy (new portal - Update your deployment):
The update deployment operation failed for the domain
'developementtajgowebservicev1' in the deployment slot 'staging' with
the name 'not working': 'The virtual network devvirtual-Network does
not exist.'.
I added this code after Role tag into config file.
<NetworkConfiguration>
<VirtualNetworkSite name="devvirtual-Network"/>
<AddressAssignments>
<InstanceAddress roleName="WorkerRole1">
<Subnets>
<Subnet name="Subnet-1"/>
</Subnets>
</InstanceAddress>
</AddressAssignments>
</NetworkConfiguration>
The virtual network with this name exist in same subscription.
There's a solution for this issue here: https://thelonedba.wordpress.com/2015/07/17/new-azurevm-badrequest-the-virtual-network-foo-does-not-exist/
Basically, the problem seems to be that the Azure portal's name for the network isn't the same as the name you need to use in the cloud service configuration.
I was able to get the "correct" name by using the Azure CLI tools:
azure network export networks.json
And then examining the networks.json file.
In my case, the "correct" name of the Virtual Network was "Group [ResourceGroup] [NetworkName]". (ie, the network is called "network1" which is in the Resource Group "group1", so the "correct" name is "Group group1 network1") This was for a "classic" Virtual Network - I haven't tried with the Resource Manager based Virtual Networks.
You should double check the virtual network name.
Do not use the name you just created, just use "Virtual network site name (for .cscfg file)
" column in virtual network details in Azure portal.
When you are deploying in the new portal, you are deploying to resource manager. You have to recreate the vnets in resource manager or migrate them to resource manager.
Mor info on classic vs resource manager: resource-manager-deployment-model
At this point of time Cloud services cannot connect to a Virtual network (Resource manager type), you can only connect them to a Virtual network (classic). I hope they add the support for Resource manager type Virtual networks in a near future.
I have an Azure cloud service hosted at example.cloudapp.net and within the portal I have configured two virtual networks one that is linked to a disaster recovery site and one that is linked to the main site.
I was successfully able to deploy the cloud service to within the virtual network by using the following configuration in the ServiceConfiguration.Cloud.cscfg:
<NetworkConfiguration>
<VirtualNetworkSite name="VNET1" />
<AddressAssignments>
<InstanceAddress roleName="mybudget">
<Subnets>
<Subnet name="CloudService" />
</Subnets>
</InstanceAddress>
<ReservedIPs>
<ReservedIP name="mycloudservice" />
</ReservedIPs>
</AddressAssignments>
I want to deploy the Cloud Service not only to VNET1 but also to VNET2, is there any way of deploying to additional VNETs at the same time? The subnets are named the same although have different values. Any help on this would be greatly appreciated.
No, the same cloud service cannot be deployed to two different VNets. You can create a replica of the cloud service by using the same configuration files but in a new cloud service.
As far as I know it is - unfortunately - not possible to restrict an Azure website to available to Azure-internal services only, since Websitess do not support virtual networks - currently.
Is this still correct?
If yes... I'm thinking of creating an Azure worker role instead to host my services. Is it possible to make the service only available to the websites from my subscription?
Thank you in advance
best
laurin
Laurin - you are correct - while Websites can utilise Hybrid Connections to connect back to services on-premises they aren't actually able to connect (and be restricted to) internal Azure services.
If you use a Web Role you will need to setup a Virtual Network with an appropriate private IP address range and then ensure you add your Web Role to this Virtual Network. This is done by editing the service configuration of your Cloud Service deployment in Visual Studio and making it similar to the below:
<?xml version="1.0" encoding="utf-8"?>
<ServiceConfiguration ...>
<Role name="WebRole1">
...
</Role>
<NetworkConfiguration>
<Dns>
<DnsServers>
<DnsServer name="YourDns" IPAddress="10.4.3.1" />
</DnsServers>
</Dns>
<VirtualNetworkSite name="YourVirtualNetwork" />
<AddressAssignments>
<InstanceAddress roleName="WebRole1">
<Subnets>
<Subnet name="FrontEndSubnet" />
</Subnets>
</InstanceAddress>
</AddressAssignments>
</NetworkConfiguration>
</ServiceConfiguration>
I've built a network in Azure that contains two subnets, Back and Front.
I'm now trying to create a gateway using Set-AzureVNetConfig but I'm getting a missing subnet called GatewaySubnet. This word does not exist anywhere in my scripts and Googling the word returns no results so it cannot be a reserved word.
<NetworkConfiguration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://schemas.microsoft.com/ServiceHosting/2011/07/NetworkConfiguration">
<VirtualNetworkConfiguration>
<Dns />
<LocalNetworkSites>
<LocalNetworkSite name="lnt">
<AddressSpace>
<AddressPrefix>10.55.10.0/24</AddressPrefix>
</AddressSpace>
<VPNGatewayAddress>1.2.3.4</VPNGatewayAddress>
</LocalNetworkSite>
</LocalNetworkSites>
<VirtualNetworkSites>
<VirtualNetworkSite name="net" AffinityGroup="ag">
<AddressSpace>
<AddressPrefix>10.10.0.0/16</AddressPrefix>
</AddressSpace>
<Subnets>
<Subnet name="Front">
<AddressPrefix>10.10.1.0/24</AddressPrefix>
</Subnet>
<Subnet name="Back">
<AddressPrefix>10.10.2.0/24</AddressPrefix>
</Subnet>
</Subnets>
<Gateway>
<ConnectionsToLocalNetwork>
<LocalNetworkSiteRef name="lnt" />
</ConnectionsToLocalNetwork>
</Gateway>
</VirtualNetworkSite>
</VirtualNetworkSites>
</VirtualNetworkConfiguration>
Why does Azure think my config file is missing a subnet called GatewaySubnet?
Taking a guess that this is a point-to-site network (and it looks like one). If that's the case, you need to add the gateway subnet (you can see this in the portal, for point-to-site network configuration). You can add this from the Configure tab: scroll to the bottom and look at virtual network address spaces - you'll see a button to add the gateway subnet. If you do this, and then export your network, you'll see a GatewaySubnet element.