Facing a problem about VNET and Azure Web Apps I don’t understand.
My issue
This is my setting:
Two web apps on the same service plan SP1 (SP1 (P1v2: 1)) and a VNET, VNET1:
Both subnets have Microsoft.Web/serverFarms delegation.
I want to add network config on my webapps webapps1 and webapps4.
I run this PowerShell script:
properties = @{
subnetResourceId = "/subscriptions/XXX/resourceGroups/RG1/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/sub01"
}
$vNetParams = @{
ResourceName = "mywebapps1/VirtualNetwork"
Location = "West Europe"
ResourceGroupName = "RG1"
ResourceType = "Microsoft.Web/sites/networkConfig"
PropertyObject = $properties
}
$result = New-AzResource @vNetParams -Force
$properties = @{
subnetResourceId = "/subscriptions/XXX/resourceGroups/RG1/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/sub02"
}
$vNetParams = @{
ResourceName = "mywebapps4/VirtualNetwork"
Location = "West Europe"
ResourceGroupName = "RG1"
ResourceType = "Microsoft.Web/sites/networkConfig"
PropertyObject = $properties
}
$result = New-AzResource @vNetParams -Force
First new-azresource works fine:
But the second one throw this error message:
New-AzResource : {"Code":"Conflict","Message":"Adding this VNET would
exceed the App Service Plan VNET limit of 1
What I did
I search for this error message. But found only one situation that did not help me or maybe I did not understand.
What I need
- Understand what it means.
- How I should do
Thank you
2
Answers
Regional virtual integration can use One virtual interface per worker means one regional virtual network integration per App Service plan. All the apps in the same App Service plan can only use the same virtual network integration to a specific subnet.
Gate-way required virtual network integration Enables an app to connect to only one virtual network at a time.
This can Enables up to five virtual networks to be integrated within an App Service plan.
Refer to this documentation for more information about different virtual network integrations and their limitations as well.
For more information you can refer to these similar threads:
https://social.msdn.microsoft.com/Forums/en-US/a8b51183-d94b-48c9-9b6c-e6a4dbec9919/vnet-integration-limit-of-1?forum=azureappconfiguration
As per my understanding you’re getting desired output. Please note that you are using New-AzResource which basically creates resources instead you should use Set-AzResource command.
Suggestion
Use Set-AzResource instead of New-AzResource
Configure VNet Integration
$subnetResourceId = "/subscriptions/$subscriptionId/resourceGroups/$resourceGroupName/providers/Microsoft.Network/virtualNetworks/$vNetName/subnets/$integrationSubnetName"
$webApp = Get-AzResource -ResourceType Microsoft.Web/sites -ResourceGroupName $resourceGroupName -ResourceName $siteName
$webApp.Properties.virtualNetworkSubnetId = $subnetResourceId
$webApp | Set-AzResource -Force
Regional VNet integration feature basically creates association or link between Microsoft.Network/VirtualNetwork and Microsoft.Web/Serverfarm resources using Rest API call.
In this scenario you’re using New-AzResoruce which invoke REST API for creation of service association which is already existed hence its throwing error. If you try to do it from portal you shouldn’t get that as portal validation takes care of type of REST API call.