-
Notifications
You must be signed in to change notification settings - Fork 194
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
todo-nodejs-mongo-aks
app not reachable - due to ingress networking security policy in microsoft tenants
#4108
Comments
Are these related? #4109 |
This may have been transient. Please re-test |
@rajeshkamal5050 or @weikanglim @vhvb1989 Can you follow up? |
This is expected for @wbreza knows the instructions for testing the ask template. There was something related to using a DevBox with access to CorpNet (when using playground sub) |
I didn't run into that DevBox/CorpNet issue with the hello-ai aks project. So, I think the restriction Wallace was dealing was could have been resolved. This works: |
Did you set the |
Here's an example, After deploying aks template: Deploying services (azd deploy)
(✓) Done: Deploying service api
- http://10.0.255.78:80 (Service: todo-api, Type: ClusterIP)
- http://4.153.60.214/api (Ingress, Type: LoadBalancer)
(✓) Done: Deploying service web
- http://10.0.33.13:80 (Service: todo-web, Type: ClusterIP)
- http://4.153.60.214 (Ingress, Type: LoadBalancer) The ingress But not from my host PC at home: |
fix for this: #4117 |
|
@jongio This is an ingress networking security policy automatically configured against all Microsoft tenant subscriptions which block all inbound traffic to any VM backed resources. Deploying this template to subscriptions outside of the Microsoft tenant will work as expected unless the subscription has similar policies in place. |
Do we have anything documented for this in the README? What should we tell the end user? If you are running on an internal sub, then you need to test this from a devbox. Here's the error you'll receive if you attempt to run outside of a devbox: |
azd up
for template todo-nodejs-mongo-aks
todo-nodejs-mongo-aks
app not reachable - due to ingress networking security policy in microsoft tenants
@Menghua1 - can you do a pr into azure-dev repo to add a note to the readme about this issue? |
Okay, let's close this now that we have something in the readme and please update the test cases to reflect this. |
@jongio Got it, I closed this issue. Could you please clarify what you mean by "the test cases"? Additionally, in the latest test, when testing |
Describe the issue:
After running the
azd up
command, click the api and web links output in the logs, and the pages fails to load as follows:Repro Steps:
azd auth login
.azd init -t todo-nodejs-mongo-aks -b staging
.azd up
.Environment:
todo-nodejs-mongo-aks
.pr/3976
andstaging
.azd version 1.10.0-beta.1-daily.3947259 (commit 5bf8568b1566723be8bc2259c578df4f931cf430)
Expected behavior:
Web and api page can be loaded successful.
@jongio for notification.
The text was updated successfully, but these errors were encountered: