question

nishikatah-8957 avatar image
0 Votes"
nishikatah-8957 asked RyanODell-9100 commented

Deploy with pipelines to endpoint of private link

Hello everyone.
I'm currently using two App Services to build a frontend and backend configuration system.

Communication from frontend to backend will be performed for private endpoint by creating a private link with backend.

Deploying to App Serivce was automated using Pipelines, but after creating a private endpoint on the backend, it now fails.

Since access to the backend is no longer possible from the Internet, I can guess that private communication is restricted to private, but I do not know how to deploy to this private endpoint.

If anyone knows about it, I would like to borrow your wisdom.

Alternatively, the "mvn azure-webapp: deploy" command from your local PC will succeed, so if you know how to execute this command in the pipeline, you can let me know.





azure-webapps-development
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

After all the searching and testing, the simple solution is to create a 'stage' deployment slot on your Azure resource, this will by default have 0% traffic and a public IP address.

In DevOps (or similar CD) you can then specify the 'stage' slot for the deployment, this will work.
After the deployment succeeds, you then add a powershell cli and use the following az cli command to switch active slots, this actually just swaps the application files, it doesn't swap the IP's.

az webapp deployment slot swap -g "resource group" -n "resource name" --slot stage --target-slot production

You can swap out the static values (i.e. "resource group", "resource name" for environment variables, either $variable or $env:variable depending on your OS).

It's that simple, I wish the documentation and internet would make it this easy to find!

0 Votes 0 ·
brtrach-MSFT avatar image
0 Votes"
brtrach-MSFT answered Accounts-2765 published

@nishikatah-8957 Please take a look at the below document, which calls out the need to add the necessary IP ranges that need to be added in the NSG of the network subnet that your private endpoint is in to allow the traffic from Azure DevOps.

Please let us know if this resolves the issue. Otherwise we can continue assiting you. We look forward to your reply.

https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/hosted?view=azure-devops&tabs=yaml#networking)
JSON file that contains the IP addresses, which is updated weekly. (https://www.microsoft.com/en-us/download/details.aspx?id=56519)

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Here Private endpoint for webapp is in East US and Devops Project is in Central US. do we need to allow Inbound Rules for Source IP and Destination will be any in NSG of private endpoint ? Or need to allow Outbound rules for This source

0 Votes 0 ·
nishikatah-8957 avatar image
0 Votes"
nishikatah-8957 answered shkumesh commented

thanks brtrachMSFT-0711


I did my best to solve it.

I had to overcome some problems to solve this problem.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi ,

How did you resolve this? We are having the same problem?

0 Votes 0 ·
AlessandroSurace-8293 avatar image
0 Votes"
AlessandroSurace-8293 answered SofiaNoorbasha-1329 commented

Another solution would be to create a VPN or xpress route between azure and your data center and run a self hosted agent pool in such network.
In this case the DevOps pipeline should be configured to use such agent pool and the private endpoint should be reachable.
BR

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi Team,

Here i have doubt, i have created PLE subnet thn PLE i need to create or directly i need to configured agent pool.

Colud u pls provides any steps hoe to proceed or share any reference document, it will be helpful.

Thank you

0 Votes 0 ·