Azure Pipelines agent on Azure VM

Question

I am trying to setup a custom build agent on a Windows VM in Azure. I installed the build agent from Azure Pipelines. The VM shows in the agent pool, but is offline. For this VM I used the default settings, so it automatically created a virtual network, public IP, and network security group. The network security group is modified to allow RDP traffic from my IP address only, and to allow HTTPS traffic. I am assuming something with this setup is preventing Azure Pipelines from sending data to the VM.

My first question is how do I get this setup to work. What am I missing?

My second question is how do I get this to work in a more secure way by removing the default link between the public IP and the VM, and ultimately blocking direct access to the VM with a firewall?

Have you verified the service is running? Symptoms are of a service that's set to manual. WAG, but it's something to check. — user1228
After installing the agent I rebooted the VM. I found the VSTS Agent service was set to automatic delayed start, but was not started. I started it manually. That was before I asked the question. Thanks for asking. — user1165224
Hang on, I'm finding that the service is not actually starting. I'm now seeing the error :Error 1: Incorrect function". Perhaps I made a mistake in setting up the agent. — user1165224
Also, I remember something about devops having a problem with servers that had disabled tls 1.0/1.1 inbound/outbound. The outbound block results in an error message. Not sure if inbound results in what you're seeing. — user1228

4c74356b41 4c74356b41 · Accepted Answer · 2019-03-12T19:53:05

VM only needs outbound HTTPS access to Azure Devops
You dont need public ip for the agent vm

https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/v2-windows?view=azure-devops#im-running-a-firewall-and-my-code-is-in-azure-repos-what-urls-does-the-agent-need-to-communicate-with

Azure Pipelines agent on Azure VM

1 Answers