As per the title, I have 2 different resource groups:
- App Service running 2 containers with our Node application. It has no VNet configured by default. Let's call it AS from now on.
- MongoDB ReplicaSet by Bitnami, containing 2 instances. It has a VNet configured by default: address space 10.0.0.0/24, with instances having assigned addresses 10.0.0.4 and 10.0.0.5. Let's call it DB from now on.
I wanted to create a network peering in order to let the App Service Plan talk with the databases. Since AS doesn't have a VNet, I first had to create one. Here is the network topology before the peering:
- AS: address space 10.1.0.0/24
- DB: address space 10.0.0.0/24
I then created the peering AS => DB, so far so good. Azure Portal displays the networks as a unique one, with the flag "Connected". Also, the App Service Plan's Virtual Network Integration interface looks good. If you look at the bottom of the image, you'll see as Address routed to Vnet the DB's address space, that is 10.0.0.0 to 10.0.0.255.
Although the network peering seems to be configured correctly, my Node applications still can't connect to the databases. I got mainly two errors application-side so far:
- [MongoError: connect ETIMEDOUT 10.0.0.5:27017]
- [MongoError: connect EACCES 10.0.0.5:27017]
whereas Azure Container's tcpping gives me either:
- An attempt was made to access a socket in a way forbidden by its access permissions 10.0.0.5:27017
- Connection timed out
Any idea?
192.168.0.0/24 via 1st VNET). I don't believe the VNET peering will tell the 2nd VNET about the point to site address space by default. – evilSnobu