You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
> The workspace name for this FQDN might be truncated. Truncation is done to keep `ml-<workspace-name, truncated>-<region>-<workspace-guid>` at 63 characters or less.
@@ -374,13 +371,15 @@ If you need to configure custom DNS server without DNS forwarding, use the follo
374
371
> * Compute instances can be accessed only from within the virtual network.
375
372
> * The IP address for this FQDN is **not** the IP of the compute instance. Instead, use the private IP address of the workspace private endpoint (the IP of the `*.api.azureml.ms` entries.)
376
373
377
-
* `<instance-name>.<region>.instances.azureml.ms` - Only used by the `az ml compute connect-ssh` command to connect to computers in a managed virtual network. Not needed if you aren't using a managed network or SSH connections.
374
+
* `<instance-name>-22.<region>.instances.azureml.ms` - Only used by the `az ml compute connect-ssh` command to connect to computers in a managed virtual network. Not needed if you aren't using a managed network or SSH connections.
378
375
379
376
* `<managed online endpoint name>.<region>.inference.ml.azure.com` - Used by managed online endpoints
380
377
* `models.ai.azure.com` - Used for deploying Models as a Service
381
378
382
379
To find the private IP addresses for your A records, see the [Azure Machine Learning custom DNS](/azure/machine-learning/how-to-custom-dns#find-the-ip-addresses) article.
383
-
To check AI-PROJECT-GUID, go to the Azure portal, select your project, settings, properties, and the workspace ID is displayed.
380
+
381
+
> [!NOTE]
382
+
> Project workspaces reuse the FQDNs of the associated hub workspaces. There is no reason to configure separate entries for the project workspace GUIDs.
@@ -56,8 +56,6 @@ Another option is to modify the `hosts` file on the client that is connecting to
56
56
57
57
Access to a given Azure Machine Learning workspace via Private Link is done by communicating with the following Fully Qualified Domains (called the workspace FQDNs):
58
58
59
-
> [!IMPORTANT]
60
-
> If you're using a hub workspace (including Azure AI Foundry hub), then you have other entries for each project workspace created from the hub.
61
59
62
60
**Azure Public regions**:
63
61
-```<per-workspace globally-unique identifier>.workspace.<region the workspace was created in>.api.azureml.ms```
@@ -67,12 +65,6 @@ Access to a given Azure Machine Learning workspace via Private Link is done by c
-```<managed online endpoint name>.<per-workspace globally-unique identifier>.inference.<region>.privatelink.api.ml.azure.us``` - Used by managed online endpoints
120
100
121
-
The FQDNs resolve to the IP addresses of the Azure Machine Learning workspace in that region. However, resolution of the workspace Private Link FQDNs can be overridden by using a custom DNS server hosted in the virtual network. For an example of this architecture, see the [custom DNS server hosted in a virtual network](#example-custom-dns-server-hosted-in-virtual-network) example. For hub and project workspaces, the FQDNs of all project workspaces resolve to the IP address of the hub workspace.
101
+
The FQDNs resolve to the IP addresses of the Azure Machine Learning workspace in that region. However, resolution of the workspace Private Link FQDNs can be overridden by using a custom DNS server hosted in the virtual network. For an example of this architecture, see the [custom DNS server hosted in a virtual network](#example-custom-dns-server-hosted-in-virtual-network) example. For hub and project workspaces, project workspaces inherit the FQDNs from the hub workspace.
@@ -146,9 +126,6 @@ The following list contains the fully qualified domain names (FQDNs) used by you
146
126
*`<instance-name>-22.<region>.instances.azureml.ms` - Only used by the `az ml compute connect-ssh` command to connect to computes in a private virtual network. Not needed if you aren't using a managed network or SSH connections.
147
127
*`<managed online endpoint name>.<region>.inference.ml.azure.com` - Used by managed online endpoints
148
128
149
-
> [!TIP]
150
-
> If you're using hub and project workspaces, each project workspace has its own set of FQDNs. For more information, see the [workspace DNS resolution](#workspace-dns-resolution-path) section.
151
-
152
129
#### Microsoft Azure operated by 21Vianet region
153
130
154
131
The following FQDNs are for Microsoft Azure operated by 21Vianet regions:
@@ -168,9 +145,6 @@ The following FQDNs are for Microsoft Azure operated by 21Vianet regions:
168
145
*`<managed online endpoint name>.<region>.inference.ml.azure.cn` - Used by managed online endpoints
169
146
*`models.ai.azure.com` - Used for deploying Models as a Service
170
147
171
-
> [!TIP]
172
-
> If you're using hub and project workspaces, each project workspace has its own set of FQDNs. For more information, see the [workspace DNS resolution](#workspace-dns-resolution-path) section.
173
-
174
148
#### Azure US Government
175
149
176
150
The following FQDNs are for Azure US Government regions:
@@ -188,9 +162,6 @@ The following FQDNs are for Azure US Government regions:
188
162
189
163
*`<managed online endpoint name>.<region>.inference.ml.azure.us` - Used by managed online endpoints
190
164
191
-
> [!TIP]
192
-
> If you're using hub and project workspaces, each project workspace has its own set of FQDNs. For more information, see the [workspace DNS resolution](#workspace-dns-resolution-path) section.
193
-
194
165
### Find the IP addresses
195
166
196
167
To find the internal IP addresses for the FQDNs in the virtual network, use one of the following methods:
@@ -237,19 +208,6 @@ To find the internal IP addresses for the FQDNs in the virtual network, use one
237
208
}
238
209
]
239
210
```
240
-
241
-
1. If you're using a hub workspace, use the following steps _for each_ project workspace that was created from the hub:
242
-
243
-
1. To get the project workspace ID, use the following command:
244
-
245
-
```azurecli
246
-
az ml workspace show --name <project-workspace-name> --resource-group <resource-group> --query 'discovery_url'
247
-
```
248
-
249
-
The value returned follows the format `https://<project-workspace-id>.workspace.<region>.api.azureml.ms/mlflow/<version>/subscriptions/<subscription-id>/resourceGroups/<resource-group>/providers/Microsoft.MachineLearningServices/workspaces/<project-workspace-name>`.
250
-
251
-
1. Take the FQDNs returned from the hub workspace that end in `workspace.<region>.api.azureml.ms` and `workspace.<region>.cert.api.azureml.ms`. Replace the GUID value at the beginning of these FQDNs with the project workspace ID. These FQDNs are in addition to the hub workspace FQDNs.
252
-
1. Take the FQDN returned from the hub workspace that follows the format in `<workspace-name>-<region>-<GUID>.<region>.notebooks.azure.net`. Replace the GUID value with the project workspace ID. Replace the hub workspace name with the project workspace name. You might need to truncate the workspace name to keep this entry at 63 characters or less. This FQDN is in addition to the hub workspace FQDN.
0 commit comments