Needed inbound rules within NSG for Windows VM with Azure DevOps Agent

Ping Fung Yin 6 Reputation points
2019-11-19T09:54:14.33+00:00

I have a VM which is used as a management endpoint for my service fabric cluster which will be connected through an internal load balancer. My VM will also be connected through a devops server. Considering all these which ports in my inbound rules within my NSG would need to be open?

Azure Service Fabric
Azure Service Fabric
An Azure service that is used to develop microservices and orchestrate containers on Windows and Linux.
253 questions
Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
7,385 questions
0 comments No comments
{count} vote

1 answer

Sort by: Most helpful
  1. Micah McKittrick 946 Reputation points Microsoft Employee
    2019-11-19T21:41:23.823+00:00

    Are you sure you are even hitting any public endpoints? If you are using an internal load balancer it is staying within the Vnet so NSGs shouldn't cause any blocks. I personally am not 100% sure what ports devops uses but generally for Service Fabric you should have port 80, 443, and the fabric manager port is 19000. But again, if you are using internal Vnets, you won't actually hit the external web and NSGs won't care if you have the needed inbound ports. Might be best to set it up and if you hit a blocker dig in deeper with some traces.

    1 person found this answer helpful.
    0 comments No comments