Is there a way to host the remote web socket server privately?

[zachgalvin]

In order to get the ML VSCode extension to work in a locked down network, you have to allow the following endpoint:

https://github.com/microsoft/vscode-tools-for-ai/tree/master/azureml_remote_websocket_server/*

According to this documentation:

https://learn.microsoft.com/en-us/azure/machine-learning/how-to-access-azureml-behind-firewall?view=azureml-api-2&tabs=ipaddress%2Cpublic#scenario-visual-studio-code

But in order to limit to just that path, you have to have some proxy or firewall that decrypts traffic so that it can check the path. Is there a way to host the web socket server instead so that you don’t have to do any of that?

[Siglud]

So, the problem is the extension need to download this server binary from https://github.com/microsoft/vscode-tools-for-ai/tree/master/azureml_remote_websocket_server/. This is a URL from GitHub with TLS, you cannot decode the HTTP request the limit the server access only when remote host equals github.com and the path match the /microsoft/vscode-tools-for-ai/tree/master/azureml_remote_websocket_server/. Right?

I think the only way is SSL decrypt. Or maybe we move those binary files to the other site belongs to Microsoft can help you easier this work?

[zachgalvin]

Thanks for the response @Siglud! Yes, that is the problem I’m hitting, and I think those are the two potential solutions, but I’m curious about if we can host the binary files internally because I think that would be easier for me.

I know I could just download all the files at that path and then host them, but how would I tell VSCode to look at my self hosted location rather than trying to go to GitHub? And are there any other caveats with that approach?

[zachgalvin]

@Siglud and @JerryYangKai any thoughts on if that is an option?