A recent update to Azure Batch added the ability to join a batch pool to a virtual network. By doing so, it is possible for batch compute nodes to access resources inside a VNet (file servers, SQL servers, etc.).
VNet Requirements
There are some limitations on the VNet configuration if you wish to do this:
- Only Cloud Services Configuration pools can be assigned a VNet.
- The VNet must be:
- In the same Azure region as the Azure Batch account.
- In the same subscription as the Azure Batch account.
- A classic VNet.
- The VNet should have enough free IP addresses to accommodate the size of the pool
- The MicrosoftAzureBatch service principal must have the Classic Virtual Machine Contributor Role-Based Access Control (RBAC) role for the specified VNet.
- The batch service needs to be able to communicate with the pool. Ideally, this means putting batch nodes in their own subnet with no NSG.
This presented me with a few issues, mainly with the need for a classic VNet, given that all my resources are in an ARM VNet. Fortunately, VNet peering allows us to join a classic VNet to an ARM one with some ease.
Pool Creation
The joining of a VNet occurs at the time of creating a pool. This can be done using the using the REST API, but we will look at using PowerShell, which isn't terribly well-documented.
The initial part of the PowerShell is fairly straightforward: connect to Azure, select the subscription, and get a batch context for your batch account.
Add-AzureRmAccount
Select-AzureRmSubscription –SubscriptionName "<Subscription Name>" $batchcontext = Get-AzureRmBatchAccountKeys –AccountName <batchAccountName> The next part is where we actually configure the VNet using the new PSNetworkConfiguration element of the batch configuration, which we set to the resource ID of the subnet we want to use for batch VMs.
$vnetconf = New-Object –TypeName Microsoft.Azure.Commands.Batch.Models.PSNetworkConfiguration
$vnetconf.SubnetId = "/subscriptions/4cffbd13-xxxxx-xxxxxx-xxxx/resourceGroups/<resoureGroupName>/providers/Microsoft.ClassicNetwork/virtualNetworks/<vNetName>/subnets/<subnetName>"
Finally, we create a new cloud service configuration and use that, and the network configuration, to create a pool.
$configuration = New-Object –TypeName "Microsoft.Azure.Commands.Batch.Models.PSCloudServiceConfiguration" –ArgumentList @(4,"*")
New-AzureBatchPool -Id "<poolName>" –VirtualMachineSize "Standard_D3_v2" –TargetDedicated 1 –BatchContext $batchcontext –NetworkConfiguration $vnetconf –CloudServiceConfiguration $configuration
Here's the script in full. This will create a pool with a dedicated single D3v2 VM. Obviously, if you wanted to add auto scaling or change machine sizes, you would amend the configuration to include this.
Add-AzureRmAccount
Select-AzureRmSubscription –SubscriptionName "<Subscription Name>"
$batchcontext = Get-AzureRmBatchAccountKeys –AccountName <batchAccountName>
$vnetconf = New-Object –TypeName Microsoft.Azure.Commands.Batch.Models.PSNetworkConfiguration
$vnetconf.SubnetId = "/subscriptions/4cffbd13-xxxxx-xxxxxx-xxxx/resourceGroups/<resoureGroupName>/providers/Microsoft.ClassicNetwork/virtualNetworks/<vNetName>/subnets/<subnetName>"
$configuration = New-Object –TypeName "Microsoft.Azure.Commands.Batch.Models.PSCloudServiceConfiguration" –ArgumentList @(4,"*")
New-AzureBatchPool -Id "<poolName>" –VirtualMachineSize "Standard_D3_v2" –TargetDedicated 1 –BatchContext $batchcontext –NetworkConfiguration $vnetconf –CloudServiceConfiguration $configuration
If you want to know more, check out these links for further reading:
{{ parent.title || parent.header.title}}
{{ parent.tldr }}
{{ parent.linkDescription }}
{{ parent.urlSource.name }}