search

microsoft / AzureTRE

An accelerator to help organizations build Trusted Research Environments on Azure.
https://microsoft.github.io/AzureTRE
MIT License
170 stars 134 forks source link

AML Public IP Compute Deployment fails due to required routes #2645

Closed marrobi closed 1 year ago

marrobi commented 1 year ago

When using publicly exposed compute instance with Azure Machine learning the following route table entries are required:

az network route-table route create -g MyResourceGroup --route-table-name MyRouteTable -n AzureMLRoute --address-prefix AzureMachineLearning --next-hop-type Internet
az network route-table route create -g MyResourceGroup --route-table-name MyRouteTable -n BatchRoute --address-prefix BatchNodeManagement.westus2 --next-hop-type Internet

Without these deployment of the compute fails

marrobi commented 1 year ago

Solution is to add the following to the firewall routetable.tf

resource "azurerm_route" "aml" {
  name           = "AzureMachineLearning"
  resource_group_name    = data.azurerm_resource_group.rg.name
  route_table_name       = azurerm_route_table.rt.name
  address_prefix = "AzureMachineLearning"
  next_hop_type  = "Internet"
}

resource "azurerm_route" "batch" {
  name           = "BatchNodeManagement"
  resource_group_name    = data.azurerm_resource_group.rg.name
  route_table_name       = azurerm_route_table.rt.name
  address_prefix = "BatchNodeManagement"
  next_hop_type  = "Internet"
}

The bundle version will need updating, then updating in cosmos, then an update operation carried out on the firewall resource

marrobi commented 1 year ago

Fixed.