Impossible to retrive the virtual network profile id

Question

I have a weird issue while trying to get my virtual network profile ID needed for creating azure containers and attched them to that existing VNET and subnet

I am sure that I am on the current azure account and get full rights.

By running the command below it does not return anything, while my network is existinging

az network profile list --resource-group myNetwokResourceGroupName --output tsv

Q1 : Any idea why it does not return any value ?

In addition to that , by doing it in an other way around and running a command from CLI to create a container and attached it to an existing Vnet and Subnet which are fully valid I get an error too

az container create
--name mycontainer --resource-group myresourcegroup --image crazlabjira01.azurecr.io/jira-servicemanagement:4.19.0 --vnet **myVnet --vnet-address-prefix 172.27.0.0/16 --subnet mySubnet --subnet-address-prefix 172.27.14.0/24**

My subnet is in the range of the Vnet so why does the command returns the following error :

(NetcfgInvalidSubnet) Subnet 'mySubnet' is not valid in virtual network 'myVnet'

Q2 : What is wrong the the command saying that subnet is invalid while it is fully valide and in the range ?

Please note that if I create that container using the UI and network defined above, it works without any trouble

Thanks for help

Answer 1

@Calderara Serge ,
for Q1: On a quick repro I have observed that adding "location" param ran the command successfully.

   az container create --name suvasara-containergroup --resource-group Networking-Resources --image mcr.microsoft.com/azuredocs/aci-helloworld --vnet Networking-Resources-vnet --vnet-address-prefix 172.18.11.0/24 --subnet default --subnet-address-prefix 172.18.11.0/24 --location westus  

Note: Even after creating the container instance, I am unable to find the network profile ID. Looks like it was removed from the CLI module.

for Q2: When you first deploy a container group to a subnet, Azure delegates that subnet to Azure Container Instances. Once delegated, the subnet can be used only for container groups. If you attempt to deploy resources other than container groups to a delegated subnet, the operation fails. Please do verify whether the subnet is part of any other resources or a gateway subnet.

----------

Please do not forget to "Accept the answer" wherever the information provided helps you to help others in the community.

Answer 2

@suvasara-MSFT , thanks for your reply.

I can confirm that the Subnet is only dedicated to Container Instance service delegate.
I have tested your tips by adding the location to the command which is now :

az container create --name testvnetJira --resource-group rg-az-lab-jira-ci --image crazlabjira01.azurecr.io/jira-servicemanagement:4.19.0 --registry-username xxxxxxxxx --registry-password xxxxxxxxx --vnet vn-az-we-lab --vnet-address-prefix 172.27.0.0/16 --subnet sn-az-lab-jiraci --subnet-address-prefix 172.27.14.0/24 --location westeurope

And I get still same error :
(NetcfgInvalidSubnet) Subnet 'sn-az-lab-jiraci' is not valid in virtual network 'vn-az-we-lab'

Q1 : Does the VeNet needs to be in same ressource group as the container you create with the command ?

Based on the other type of deployement of the container by using Yaml file, I need to retrive the NetworkProfile ID based on my Vnet and Subnet
But as I mentionnned, running the command :

az network profile list --resource-group rg-az-lab-mgt --query [0].id --output tsv

Does not return any value while, the vnet exist the group, any idea why nothing is return as explain it should in following reference doc :
https://learn.microsoft.com/en-us/azure/container-instances/container-instances-vnet

Thanks for your reply
regards