Failed to deploy azure container with no incoming port due to MissingIpAddressPorts

Denis Babineau 6 Reputation points
2022-05-30T13:02:04.713+00:00

I'm attempting to deploy a container on a private subnet that doesn't require an incoming port but requires an IP for outbound connection (azure devops build agent) however it fails to deploy when no ports are provided. I don't understand why a port is required ? I shouldn't have to define a bogus port.

condensed ARM snippet: 

    {
      "type": "Microsoft.ContainerInstance/containerGroups",
      "apiVersion": "2021-10-01",
      ...
      "properties": {
        "containers": [
          {
            ...
          }
        ],
        "subnetIds": [
          {
            "id": "...",
            "name": "ACI"
          }
        ],
        "osType": "Linux",
        "ipAddress": {
          "type": "Private",
          "ports": [
          ]
        }
      }

Error: 

{"status":"Failed","error":{"code":"DeploymentFailed","message":"At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.","details":[{"code":"BadRequest","message":"{\r\n  \"error\": {\r\n    \"code\": \"SubnetMissingRequiredDelegation\",\r\n    \"message\": \"Subnet missing required delegation 'Microsoft.ContainerInstance' for container group 'buildagent-cache-server'.\"\r\n  }\r\n}"},{"code":"BadRequest","message":"{\r\n  \"error\": {\r\n    \"code\": \"MissingIpAddressPorts\",\r\n    \"message\": \"The ports in the 'ipAddress' of container group 'buildagent-build-server0' cannot be empty.\"\r\n  }\r\n}"},{"code":"BadRequest","message":"{\r\n  \"error\": {\r\n    \"code\": \"MissingIpAddressPorts\",\r\n    \"message\": \"The ports in the 'ipAddress' of container group 'buildagent-build-server1' cannot be empty.\"\r\n  }\r\n}"}]}}
Azure Container Instances
Azure Container Instances
An Azure service that provides customers with a serverless container experience.
669 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Manu Philip 17,186 Reputation points MVP
    2022-05-30T18:53:11.477+00:00

    As the type specified includes containerGroups also, - "type": "Microsoft.ContainerInstance/containerGroups", there should be a method that supports the container instances within the container group, can reach each other via localhost on any port, even if those ports aren't exposed externally on the group's IP address or from the container. That's the reason why the deployment fails. You should have to define a UDP port at least as a bogus port to address this.
    Otherwise, you have to try the method involves Virtual Networks scenario as explains here: container-instances-virtual-network-concepts

    ----------

    --please don't forget to upvote and Accept as answer if the reply is helpful--