Web ACI --> Backend ACI --> Database

Tim Dadd 0 Reputation points
2023-03-29T01:41:05.23+00:00

Folks,

I'm new to Azure and really struggling to get a PoC working. I have two Docker images. One is a business logic server. It talks to a PostgreSQL database and presents a gRPC & REST API by default on port 5000.

On a local Linux installation the PostgreSQL is installed at localhost:5432.

To run the server image on Linux I type:

docker run --network=host --env dbconnstr docker_hub_id/server_image_name

The client connects to the server using gRPC calls and presents a web application which is accessed using a browser. I haven't even looked at getting this working because I'm stuck on the first bit.

First I created a resource group.

I've created an "Azure Database for PostgreSQL" connected with Private Access on a Virtual Network and Private DNS.

I think I need to create a private endpoint on the virtual network but the private endpoint tab has no create option.

When I create the ACI I cannot connect to the virtual network - it offers no subnet. But the default subnet has 251 IPs available as it's /24. I delegated the subnet to Microsoft.DBforPostgreSQL/flexibleServers but this didn't do anything.

I created the ACI on the default VPN of the RG - not the one the database is connected to and the container runs and the database connection is read from the environment variable. But obviously it doesn't find the database because it's on another VPN.

What am I doing wrong - why when I create the ACI am I not offered the default subnet of the VPN?

All I want is two ACIs and the database on one virtual network with public access to the HTTP on port x of the client ACI.

Thanks in advance

Tim

Azure Container Instances

2 answers

  1. vipullag-MSFT 26,311 Reputation points
    2023-03-29T04:57:07.1566667+00:00

    Hello Tim Dadd

    Welcome to Microsoft Q&A Platform, thanks for posting your query here.

    Based on the issue description you shared, it looks like you are trying to deploy two Azure Container Instances (ACIs) and connect them to a PostgreSQL database that is hosted on a virtual network.
    To connect to the PostgreSQL database, you need to create a private endpoint on the virtual network and associate it with the PostgreSQL server.

    "What am I doing wrong - why when I create the ACI am I not offered the default subnet of the VPN?"

    Regarding the issue with the default subnet not being available when creating the ACI, it could be because the subnet is already in use by another resource. You can try creating a new subnet and delegating it to Microsoft.DBforPostgreSQL/flexibleServers.

    "All I want is two ACIs and the database on one virtual network with public access to the http on port x of the client ACI."

    To deploy two ACIs and a PostgreSQL database on one virtual network with public access to the HTTP on port x of the client ACI, you can follow these steps:

    1. Create a virtual network and a subnet for the ACIs and the PostgreSQL server. You can use the Azure portal or Azure CLI to create the virtual network and subnet. Make sure that the subnet is delegated to Microsoft.DBforPostgreSQL/flexibleServers.
    2. Create a PostgreSQL server on the virtual network. You can use the Azure portal or Azure CLI to create the server. When creating the server, make sure that you select the virtual network and subnet that you created in step 1.
    3. Create two ACIs, one for the business logic server and one for the client. You can use the Azure portal or Azure CLI to create the ACIs. When creating the ACIs, make sure that you select the virtual network and subnet that you created in step 1.
    4. Create a public IP address for the client ACI. You can use the Azure portal or Azure CLI to create the IP address. When creating the IP address, make sure that you select the client ACI as the associated resource.
    5. Create a network security group (NSG) for the client ACI. You can use the Azure portal or Azure CLI to create the NSG. When creating the NSG, make sure that you allow inbound traffic on port x.
    6. Associate the NSG with the client ACI. You can use the Azure portal or Azure CLI to associate the NSG with the client ACI.
    7. Connect to the PostgreSQL server from the business logic server ACI using the private endpoint.
    8. Configure the business logic server to listen on port x and expose it to the client ACI.

    With these steps, you should be able to deploy two ACIs and a PostgreSQL database on one virtual network with public access to the HTTP on port x of the client ACI.

    Hope this helps.


  2. Ali Sufyan Butt 86 Reputation points MVP
    2023-04-13T12:16:17.74+00:00

    Hi Tim,

    You're trying to set up a PoC on Azure using two Docker images and a PostgreSQL database. You've created an Azure database for PostgreSQL with Private Access on a Virtual Network and Private DNS.

    To get started, you need to create a Private Endpoint on the Virtual Network, which requires proper configuration. If you cannot see the option to create a Private Endpoint, you may need to review the documentation and ensure that you've followed the steps correctly.

    When creating an ACI instance, you should be able to select the subnet and the Virtual Network that it should connect to. If you're not seeing the default subnet of your Virtual Network, it could be due to network configuration issues. Try creating a new subnet delegated to the Microsoft.DBforPostgreSQL/flexibleServers service endpoint specifically for the ACI.

    To enable public access to the client ACI, you can create a Public IP address and associate it with the ACI. You can then use this IP address to access the web application running on the client ACI.

    Overall, it's important to ensure that all the components are properly configured, including the Virtual Network, subnets, service endpoints, and firewall rules.

    I am not sure if this helps; let me know if you need more help.

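A pre-flight check for the layout discussed in this thread, as an added example that is not part of the question or either answer: it compares each resource's target subnet with the delegation that service requires, and lists ports other than the public web port that NSG rules open to any source. It assumes that container groups need a subnet delegated only to Microsoft.ContainerInstance/containerGroups (a name that does not appear in the thread) and that the flexible server needs one delegated only to Microsoft.DBforPostgreSQL/flexibleServers; the subnet names, prefixes, plans, NSG rules and port 8080 (standing in for "port x") are constructed.

```python
ACI = "Microsoft.ContainerInstance/containerGroups"
PG = "Microsoft.DBforPostgreSQL/flexibleServers"

# Constructed sample in the shape of `az network vnet subnet list -o json`
# (only the fields used here); subnet names and prefixes are made up.
SUBNETS = [
    {"name": "default", "addressPrefix": "10.0.0.0/24", "delegations": [{"serviceName": PG}]},
    {"name": "aci", "addressPrefix": "10.0.1.0/24", "delegations": [{"serviceName": ACI}]},
]
# Hypothetical plans: resource -> (delegation the service requires, target subnet).
ONE_SUBNET_PLAN = {"server-aci": (ACI, "default"), "client-aci": (ACI, "default"),
                   "postgres": (PG, "default")}
SPLIT_PLAN = {"server-aci": (ACI, "aci"), "client-aci": (ACI, "aci"),
              "postgres": (PG, "default")}
# Constructed NSG rules for the container subnet; 8080 stands in for "port x".
NSG_RULES = [
    {"name": "web-in", "direction": "Inbound", "access": "Allow",
     "sourceAddressPrefix": "Internet", "destinationPortRange": "8080"},
    {"name": "grpc-in", "direction": "Inbound", "access": "Allow",
     "sourceAddressPrefix": "*", "destinationPortRange": "5000"},
]

def check_plan(subnets, plan):
    """Return one message per resource whose target subnet cannot host it."""
    by_name = {s["name"]: s for s in subnets}
    problems = []
    for resource, (service, subnet_name) in plan.items():
        subnet = by_name.get(subnet_name)
        if subnet is None:
            problems.append(f"{resource}: subnet {subnet_name!r} not found")
            continue
        delegated = [d["serviceName"] for d in subnet.get("delegations") or []]
        if delegated != [service]:
            problems.append(f"{resource}: subnet {subnet_name!r} is delegated to "
                            f"{delegated or 'no service'}, needs {service}")
    return problems

def exposed_ports(nsg_rules, public_port):
    """Ports other than public_port that inbound Allow rules open to any source."""
    any_source = {"*", "Internet", "0.0.0.0/0"}
    return sorted(r["destinationPortRange"] for r in nsg_rules
                  if r["direction"] == "Inbound" and r["access"] == "Allow"
                  and r["sourceAddressPrefix"] in any_source
                  and r["destinationPortRange"] != str(public_port))

if __name__ == "__main__":
    for plan in (ONE_SUBNET_PLAN, SPLIT_PLAN):
        print(check_plan(SUBNETS, plan) or "plan OK")
    print("open to any source besides web port:", exposed_ports(NSG_RULES, 8080))
```

In the constructed data the one-subnet plan fails for both container groups, and the gRPC port 5000 is flagged because only the client's web port is meant to be public.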
