Pool AllocationFailure when using User Subscription pool allocation mode.

Tiffany Seale 20 Reputation points
2024-01-19T23:11:53.96+00:00

Previously, we used the Batch Account pool allocation mode and a managed identity to authenticate with key vault to create pools inside of our batch account with no problems. When using the User Subscription pool allocation mode and the SAME managed identity and key vault inside of the same vnet and subnet, we get AllocationFailed with no other error message. Then the pools get stuck in resizing when trying to delete them. We have double checked the documentation listing how to create the batch account to use spot nodes and can't find any discrepancies but are still seeing problems. Has anyone else had this problem before or have any suggestions?

Azure Batch
Azure Batch
An Azure service that provides cloud-scale job scheduling and compute management.
305 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Prrudram-MSFT 22,381 Reputation points
    2024-01-22T09:31:59.75+00:00

    Hi @Tiffany Seale

    Thank you for reaching out to the Microsoft Q&A platform.

    If I understand your problem, you are encountering issues when using a managed identity to authenticate with Key Vault in a Batch account with User Subscription pool allocation mode. Here are a few suggestions that may help:

    • If i understand your problem, you are encountering issues when using a managed identity to authenticate with Key Vault in a Batch account with User Subscription pool allocation mode. Here are a few suggestions that may help:
    • Verify that the managed identity has the necessary permissions to access the Key Vault. You can do this by following these steps:
    • Open the Azure portal and navigate to the Key Vault. b. Click on "Access policies" and verify that the managed identity has been granted the necessary permissions (e.g. "Get", "List", "Set", "Delete" for secrets). c. If the managed identity is not listed, click on "Add Access Policy" and select the managed identity from the list of available identities.
    • Verify that the Batch account has been configured correctly to use the managed identity. You can do this by following these steps:
    • Open the Azure portal and navigate to the Batch account. b. Click on "Identity" and verify that the managed identity has been enabled for the Batch account. c. If the managed identity is not enabled, click on "System-assigned" and toggle the switch to "On".
    • Verify that the Batch account has been configured correctly to use User Subscription pool allocation mode. You can do this by following these steps:
    • Open the Azure portal and navigate to the Batch account. b. Click on "Pools" and verify that the pool allocation mode is set to "User Subscription". c. If the pool allocation mode is not set correctly, click on "Configuration" and select "User Subscription" from the list of available options.
    • Verify that the virtual network and subnet have been configured correctly to allow communication between the Batch account and the Key Vault. You can do this by following these steps:
    • Open the Azure portal and navigate to the virtual network. Click on "Subnets" and verify that the Batch account and Key Vault are both located in the same subnet. If the Batch account and Key Vault are not located in the same subnet, move them to the same subnet.

    If none of these suggestions resolve the issue, you may want to consider opening a support case with Microsoft to get further assistance.

    If I have answered your query, please click "Accept as answer" as a token of appreciation