Skip to content

Commit 4e2816e

Browse files
Merge pull request #210229 from Blackmist/address-space-warning
note about IP range conflicts with docker
2 parents e515363 + 853a30c commit 4e2816e

File tree

3 files changed

+10
-3
lines changed

3 files changed

+10
-3
lines changed

articles/machine-learning/how-to-configure-private-link.md

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -36,6 +36,10 @@ Azure Private Link enables you to connect to your workspace using a private endp
3636
## Prerequisites
3737

3838
* You must have an existing virtual network to create the private endpoint in.
39+
40+
> [!IMPORTANT]
41+
> We do not recommend using the 172.17.0.0/16 IP address range for your VNet. This is the default subnet range used by the Docker bridge network. Other ranges may also conflict depending on what you want to connect to the virtual network. For example, if you plan to connect your on premises network to the VNet, and your on-premises network also uses the 172.16.0.0/16 range. Ultimately, it is up to __you__ to plan your network infrastructure.
42+
3943
* [Disable network policies for private endpoints](../private-link/disable-private-endpoint-network-policy.md) before adding the private endpoint.
4044

4145
## Limitations

articles/machine-learning/how-to-secure-workspace-vnet.md

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -48,6 +48,9 @@ In this article you learn how to enable the following workspaces resources in a
4848

4949
+ An existing virtual network and subnet to use with your compute resources.
5050

51+
> [!IMPORTANT]
52+
> We do not recommend using the 172.17.0.0/16 IP address range for your VNet. This is the default subnet range used by the Docker bridge network. Other ranges may also conflict depending on what you want to connect to the virtual network. For example, if you plan to connect your on premises network to the VNet, and your on-premises network also uses the 172.16.0.0/16 range. Ultimately, it is up to __you__ to plan your network infrastructure.
53+
5154
+ To deploy resources into a virtual network or subnet, your user account must have permissions to the following actions in Azure role-based access control (Azure RBAC):
5255

5356
- "Microsoft.Network/virtualNetworks/join/action" on the virtual network resource.

articles/machine-learning/tutorial-create-secure-workspace.md

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@ ms.subservice: enterprise-readiness
88
ms.reviewer: jhirono
99
ms.author: larryfr
1010
author: blackmist
11-
ms.date: 04/06/2022
11+
ms.date: 09/06/2022
1212
ms.topic: how-to
1313
ms.custom: subject-rbac-steps, cliv2, event-tier1-build-2022
1414
---
@@ -70,10 +70,10 @@ To create a virtual network, use the following steps:
7070
>
7171
> The workspace and other dependency services will go into the training subnet. They can still be used by resources in other subnets, such as the scoring subnet.
7272
73-
1. Look at the default __IPv4 address space__ value. In the screenshot, the value is __172.17.0.0/16__. __The value may be different for you__. While you can use a different value, the rest of the steps in this tutorial are based on the __172.16.0.0/16 value__.
73+
1. Look at the default __IPv4 address space__ value. In the screenshot, the value is __172.16.0.0/16__. __The value may be different for you__. While you can use a different value, the rest of the steps in this tutorial are based on the __172.16.0.0/16 value__.
7474

7575
> [!IMPORTANT]
76-
> We do not recommend using an address in the 172.17.0.1/16 range if you plan on using Azure Kubernetes Services for deployment with this cluster. The Docker bridge in Azure Kubernetes Services uses 172.17.0.1/16 as its default. Other ranges may also conflict depending on what you want to connect to the virtual network. For example, if you plan to connect your on premises network to the VNet, and your on-premises network also uses the 172.16.0.0/16 range. Ultimately, it is up to __you__ to plan your network infrastructure.
76+
> We do not recommend using the 172.17.0.0/16 IP address range for your VNet. This is the default subnet range used by the Docker bridge network. Other ranges may also conflict depending on what you want to connect to the virtual network. For example, if you plan to connect your on premises network to the VNet, and your on-premises network also uses the 172.16.0.0/16 range. Ultimately, it is up to __you__ to plan your network infrastructure.
7777
7878
1. Select the __Default__ subnet and then select __Remove subnet__.
7979

0 commit comments

Comments
 (0)