[DEPRECATED DOC]

Bring your own VNet

Pre-Requisites

Only available to Enterprise Customers

Requirements

  • We strongly recommend installing in a clean, isolated subscription to avoid subscription-scope rate limits present in AKS
  • We recommend adding Service Endpoints for Microsoft.Sql and Microsoft.Storage to ensure private traffic to those services
  • We recommend creating a subnet with at least a /24 to support future expansion (a /22 should be sufficient for all future expansion). We would recommend against creating a subnet any smaller than a /27
  • The subnet requires unrestricted egress access to 0.0.0.0/0

Info to send back to Ascend for the installation (in addition to the information here)

  • Resource Group Name
  • VNet Name
  • Subnet Name
  • Pod IP range
  • Pod IP range must be equal to the total number of private subnet IPs * 256. An easy way to get this is if you've allocated a /24 for the private subnets, the pod IP range must be a /16 (24 - 8 = 16).
  • Service IP range
  • Service IP range must be a /24
  • Docker Bridge Address
  • This is a single IP

Pod, Service, Docker Bridge Ranges/IPs

  • Documentation from Azure can be found for the details of these required ranges here. You do not need to provide us an IP for the DNS Service, as we can infer it from the provided Service IP Range.
  • Pod Range, Service Range, and Docker Bridge Address may overlap with other peered network resources, but must not overlap with the IPs of any data sources that the customer wishes to connect Ascend to.
  • In the instance that you have multiple environments peered to the same private networks, all environments may use the same pod, service, and docker bridge ranges/addresses. We recommend doing this in order to reduce complexity around IP range management.