Merge pull request #199754 from lilinvictorms/private-link-v2

Update Azure Batch documents for No Public IP v2 public preview

Author: v-regandowner

articles/batch/TOC.yml

@@ -84,7 +84,7 @@
       displayName: compute node, application package, scaling, schedule, os, configuration
       href: nodes-and-pools.md
     - name: Jobs and tasks
-      displayName: Batch job, start task, environment 
+      displayName: Batch job, start task, environment
       href: jobs-and-tasks.md
     - name: Files and directories
       displayName: Batch file, working directory
@@ -113,8 +113,12 @@
       href: batch-management-dotnet.md
     - name: Get cost analysis and set budgets
       href: budget.md
+    - name: Configure public network access with Batch accounts
+      href: public-network-access.md
     - name: Use private endpoints with Batch accounts
       href: private-connectivity.md
+    - name: Manage private endpoint connections with Batch accounts
+      href: manage-private-endpoint-connections.md
     - name: Configure customer-managed keys
       href: batch-customer-managed-key.md
     - name: Move between regions
@@ -170,6 +174,9 @@
     - name: Create a pool without public IP addresses
       displayName: private
       href: batch-pool-no-public-ip-address.md
+    - name: Create a simplified node communication pool without public IP addresses
+      displayName: private
+      href: simplified-node-communication-pool-no-public-ip.md
     - name: Create a pool with ephemeral OS disk nodes
       href: create-pool-ephemeral-os-disk.md
     - name: Use extensions with pools
@@ -253,7 +260,7 @@
     href: batch-js-get-started.md
   - name: Run workloads
     items:
-    - name: MPI 
+    - name: MPI
       displayName: multi-instance, message passing interface
       href: batch-mpi.md
     - name: Container workloads

articles/batch/batch-account-create-portal.md

@@ -39,7 +39,11 @@ For background about Batch accounts and scenarios, see [Batch service workflow a
 
     :::image type="content" source="media/batch-account-create-portal/storage_account.png" alt-text="Screenshot of the options when creating a storage account.":::
 
-1. If desired, select **Advanced** to specify **Identity type**, **Public network access** or **Pool allocation mode**. For most scenarios, the default options are fine.
+1. If desired, select **Advanced** to specify **Identity type**, **Pool allocation mode** or **Authentication mode**. For most scenarios, the default options are fine.
+
+1. If desired, select **Networking** to configure [public network access](public-network-access.md) with your Batch account.
+
+    :::image type="content" source="media/batch-account-create-portal/batch-account-networking.png" alt-text="Screenshot of the networking options when creating a Batch account.":::
 
 1. Select **Review + create**, then select **Create** to create the account.
 
@@ -50,7 +54,7 @@ Once the account has been created, select the account to access its settings and
 > [!NOTE]
 > The name of the Batch account is its ID and can't be changed. If you need to change the name of a Batch account, you'll need to delete the account and create a new one with the intended name.
 
-:::image type="content" source="media/batch-account-create-portal/batch_blade.png" alt-text="Screenshot of the Batch account page in the Azure portal.":::
+:::image type="content" source="media/batch-account-create-portal/batch-blade.png" alt-text="Screenshot of the Batch account page in the Azure portal.":::
 
 When you develop an application with the [Batch APIs](batch-apis-tools.md#azure-accounts-for-batch-development), you need an account URL and key to access your Batch resources. (Batch also supports Azure Active Directory authentication.) To view the Batch account access information, select **Keys**.
 
@@ -127,7 +131,7 @@ Make sure to set the following parameters based on your Batch pool's configurati
 For example:
 
 ```powershell
-Get-AzMarketplaceTerms -Publisher 'microsoft-azure-batch' -Product 'ubuntu-server-container' -Name '20-04-lts' | Set-AzMarketplaceTerms -Accept 
+Get-AzMarketplaceTerms -Publisher 'microsoft-azure-batch' -Product 'ubuntu-server-container' -Name '20-04-lts' | Set-AzMarketplaceTerms -Accept
 ```
 
 

articles/batch/batch-cli-templates.md

@@ -89,10 +89,10 @@ The following is an example of a template that creates a pool of Linux VMs with
                 "imageReference": {
                     "publisher": "Canonical",
                     "offer": "UbuntuServer",
-                    "sku": "16.04-LTS",
+                    "sku": "18.04-LTS",
                     "version": "latest"
                 },
-                "nodeAgentSKUId": "batch.node.ubuntu 16.04"
+                "nodeAgentSKUId": "batch.node.ubuntu 18.04"
             },
             "vmSize": "STANDARD_D3_V2",
             "targetDedicatedNodes": "[parameters('nodeCount')]",

articles/batch/batch-parallel-node-tasks.md

@@ -145,7 +145,7 @@ For more information on adding pools by using the REST API, see [Add a pool to a
       "offer": "ubuntuserver",
       "sku": "18.04-lts"
     },
-    "nodeAgentSKUId": "batch.node.ubuntu 16.04"
+    "nodeAgentSKUId": "batch.node.ubuntu 18.04"
   },
   "targetDedicatedComputeNodes":2,
   "taskSlotsPerNode":4,

articles/batch/batch-pool-no-public-ip-address.md

@@ -6,16 +6,17 @@ ms.date: 01/11/2022
 ms.custom: references_regions
 ---
 
-# Create an Azure Batch pool without public IP addresses (preview)
+# Create a Batch pool without public IP addresses (preview)
 
 > [!IMPORTANT]
-> Support for pools without public IP addresses in Azure Batch is currently in public preview for the following regions: France Central, East Asia, West Central US, South Central US, West US 2, East US, North Europe, East US 2, Central US, West Europe, North Central US, West US, Australia East, Japan East, Japan West.
-> This preview version is provided without a service level agreement, and it's not recommended for production workloads. Certain features might not be supported or might have constrained capabilities.
-> For more information, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/).
+> - Support for pools without public IP addresses in Azure Batch is currently in public preview for the following regions: France Central, East Asia, West Central US, South Central US, West US 2, East US, North Europe, East US 2, Central US, West Europe, North Central US, West US, Australia East, Japan East, Japan West.
+> - This preview version will be replaced by [Simplified node communication pool without public IP addresses](simplified-node-communication-pool-no-public-ip.md).
+> - This preview version is provided without a service level agreement, and it's not recommended for production workloads. Certain features might not be supported or might have constrained capabilities.
+> - For more information, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/).
 
 When you create an Azure Batch pool, you can provision the virtual machine configuration pool without a public IP address. This article explains how to set up a Batch pool without public IP addresses.
 
-## Why use a pool without public IP Addresses?
+## Why use a pool without public IP addresses?
 
 By default, all the compute nodes in an Azure Batch virtual machine configuration pool are assigned a public IP address. This address is used by the Batch service to schedule tasks and for communication with compute nodes, including outbound access to the internet.
 
@@ -59,7 +60,7 @@ To restrict access to these nodes and reduce the discoverability of these nodes
 
 ## Use the Batch REST API to create a pool without public IP addresses
 
-The example below shows how to use the [Azure Batch REST API](/rest/api/batchservice/pool/add) to create a pool that uses public IP addresses.
+The example below shows how to use the [Batch Service REST API](/rest/api/batchservice/pool/add) to create a pool that uses public IP addresses.
 
 ### REST API URI
 
@@ -78,9 +79,9 @@ client-request-id: 00000000-0000-0000-0000-000000000000
           "imageReference": {
                "publisher": "Canonical",
                "offer": "UbuntuServer",
-               "sku": "16.040-LTS"
+               "sku": "18.04-lts"
           },
-     "nodeAgentSKUId": "batch.node.ubuntu 16.04"
+          "nodeAgentSKUId": "batch.node.ubuntu 18.04"
      }
      "networkConfiguration": {
           "subnetId": "/subscriptions/<your_subscription_id>/resourceGroups/<your_resource_group>/providers/Microsoft.Network/virtualNetworks/<your_vnet_name>/subnets/<your_subnet_name>",
@@ -98,11 +99,11 @@ client-request-id: 00000000-0000-0000-0000-000000000000
      "enableAutoScale": false,
      "enableInterNodeCommunication": true,
      "metadata": [
-    {
-      "name": "myproperty",
-      "value": "myvalue"
-    }
-       ]
+          {
+               "name": "myproperty",
+               "value": "myvalue"
+          }
+     ]
 }
 ```
 

articles/batch/create-pool-availability-zones.md

@@ -58,12 +58,12 @@ Request body
         "imageReference": {
             "publisher": "Canonical",
             "offer": "UbuntuServer",
-            "sku": "16.040-LTS"
+            "sku": "18.04-lts"
         },
         "nodePlacementConfiguration": {
             "policy": "Zonal"
         }
-        "nodeAgentSKUId": "batch.node.ubuntu 16.04"
+        "nodeAgentSKUId": "batch.node.ubuntu 18.04"
     },
     "resizeTimeout": "PT15M",
     "targetDedicatedNodes": 5,
@@ -78,4 +78,4 @@ Request body
 
 - Learn about the [Batch service workflow and primary resources](batch-service-workflow-features.md) such as pools, nodes, jobs, and tasks.
 - Learn about [creating a pool in a subnet of an Azure virtual network](batch-virtual-network.md).
-- Learn about [creating an Azure Batch pool without public IP addresses](./batch-pool-no-public-ip-address.md).
+- Learn about [creating an Azure Batch pool without public IP addresses](./simplified-node-communication-pool-no-public-ip.md).

articles/batch/create-pool-public-ip.md

@@ -7,11 +7,11 @@ ms.date: 12/20/2021
 
 # Create an Azure Batch pool with specified public IP addresses
 
-In Azure Batch, you can [create a Batch pool in a subnet of an Azure virtual network (VNet)](batch-virtual-network.md). Virtual machines (VMs) in the Batch pool are accessible through public IP addresses that Batch creates. These public IP addresses can change over the lifetime of the pool. If the IP addresses aren't refreshed, your network settings might become outdated. 
+In Azure Batch, you can [create a Batch pool in a subnet of an Azure virtual network (VNet)](batch-virtual-network.md). Virtual machines (VMs) in the Batch pool are accessible through public IP addresses that Batch creates. These public IP addresses can change over the lifetime of the pool. If the IP addresses aren't refreshed, your network settings might become outdated.
 
-You can create a list of static public IP addresses to use with the VMs in your pool instead. In some cases, you might need to control the list of public IP addresses to make sure they don't change unexpectedly.  For example, you might be working with an external service, such as a database, which restricts access to specific IP addresses. 
+You can create a list of static public IP addresses to use with the VMs in your pool instead. In some cases, you might need to control the list of public IP addresses to make sure they don't change unexpectedly.  For example, you might be working with an external service, such as a database, which restricts access to specific IP addresses.
 
-For information about creating pools without public IP addresses, read [Create an Azure Batch pool without public IP addresses](./batch-pool-no-public-ip-address.md).
+For information about creating pools without public IP addresses, read [Create an Azure Batch pool without public IP addresses](./simplified-node-communication-pool-no-public-ip.md).
 
 ## Prerequisites
 
@@ -27,19 +27,19 @@ For information about creating pools without public IP addresses, read [Create a
 Create one or more public IP addresses through one of these methods:
 - Use the [Azure portal](../virtual-network/ip-services/virtual-network-public-ip-address.md#create-a-public-ip-address)
 - Use the [Azure Command-Line Interface (Azure CLI)](/cli/azure/network/public-ip#az-network-public-ip-create)
-- Use [Azure PowerShell](/powershell/module/az.network/new-azpublicipaddress). 
+- Use [Azure PowerShell](/powershell/module/az.network/new-azpublicipaddress).
 
 Make sure your public IP addresses meet the following requirements:
 
 - Create the public IP addresses in the same subscription and region as the account for the Batch pool.
 - Set the **IP address assignment** to **Static**.
 - Set the **SKU** to **Standard**.
 - Specify a DNS name.
-- Make sure no other resources use these public IP addresses, or the pool might experience allocation failures. Only use these public IP addresses for the VM configuration pools. 
+- Make sure no other resources use these public IP addresses, or the pool might experience allocation failures. Only use these public IP addresses for the VM configuration pools.
 - Make sure that no security policies or resource locks restrict user access to the public IP address.
-- Create enough public IP addresses for the pool to accommodate the number of target VMs. 
-    - This number must equal at least the sum of the **targetDedicatedNodes** and **targetLowPriorityNodes** properties of the pool. 
-    - If you don't create enough IP addresses, the pool partially allocates the compute nodes, and a resize error happens. 
+- Create enough public IP addresses for the pool to accommodate the number of target VMs.
+    - This number must equal at least the sum of the **targetDedicatedNodes** and **targetLowPriorityNodes** properties of the pool.
+    - If you don't create enough IP addresses, the pool partially allocates the compute nodes, and a resize error happens.
     - Currently, Batch uses one public IP address for every 100 VMs.
 - Also create a buffer of public IP addresses. A buffer helps Batch with internal optimization for scaling down. A buffer also allows quicker scaling up after an unsuccessful scale up or scale down. We recommend adding one of the following amounts of buffer IP addresses; choose whichever number is greater.
     - Add at least one more IP address.
@@ -69,9 +69,9 @@ Request body:
         "imageReference": {
           "publisher": "Canonical",
           "offer": "UbuntuServer",
-          "sku": "16.04.0-LTS"
+          "sku": "18.04-LTS"
         },
-        "nodeAgentSKUId": "batch.node.ubuntu 16.04"
+        "nodeAgentSKUId": "batch.node.ubuntu 18.04"
       },
 "networkConfiguration": {
           "subnetId": "/subscriptions/<subId>/resourceGroups/<rgId>/providers/Microsoft.Network/virtualNetworks/<vNetId>/subnets/<subnetId>",

articles/batch/manage-private-endpoint-connections.md

@@ -0,0 +1,70 @@
+---
+title: Manage private endpoint connections with Azure Batch accounts
+description: Learn how to manage private endpoint connections with Azure Batch accounts, including list, approve, reject and remove.
+ms.topic: how-to
+ms.date: 05/26/2022
+---
+
+# Manage private endpoint connections with Azure Batch accounts
+
+You can query and manage all existing private endpoint connections for your Batch account. Supported management operations include:
+
+- Approve a pending connection.
+- Reject a connection (either in pending or approved state).
+- Remove a connection, which will remove the connection from Batch account and mark the associated private endpoint resource as Disconnected state.
+
+## Azure portal
+
+1. Go to your Batch account in Azure portal.
+1. In **Settings**, select **Networking** and go to tab **Private Access**.
+1. Select the private connection, then perform the Approve/Reject/Remove operation.
+
+   :::image type="content" source="media/private-connectivity/manage-private-connections.png" alt-text="Screenshot of managing private endpoint connections.":::
+
+## Az PowerShell module
+
+Examples using Az PowerShell module [`Az.Network`](/powershell/module/az.network#networking):
+
+```PowerShell
+$accountResourceId = "/subscriptions/<subscription>/resourceGroups/<rg>/providers/Microsoft.Batch/batchAccounts/<account>"
+$pecResourceId = "$accountResourceId/privateEndpointConnections/<pe-connection-name>"
+
+# List all private endpoint connections for Batch account
+Get-AzPrivateEndpointConnection -PrivateLinkResourceId $accountResourceId
+
+# Show the specified private endpoint connection
+Get-AzPrivateEndpointConnection -ResourceId $pecResourceId
+
+# Approve connection
+Approve-AzPrivateEndpointConnection -Description "Approved!" -ResourceId $pecResourceId
+
+# Reject connection
+Deny-AzPrivateEndpointConnection -Description "Rejected!" -ResourceId $pecResourceId
+
+# Remove connection
+Remove-AzPrivateEndpointConnection -ResourceId $pecResourceId
+```
+
+## Azure CLI
+
+Examples using Azure CLI ([`az network private-endpoint`](/cli/azure/network/private-endpoint)):
+
+```sh
+accountResourceId="/subscriptions/<subscription>/resourceGroups/<rg>/providers/Microsoft.Batch/batchAccounts/<account>"
+pecResourceId="$accountResourceId/privateEndpointConnections/<pe-connection-name>"
+
+# List all private endpoint connections for Batch account
+az network private-endpoint-connection list --id $accountResourceId
+
+# Show the specified private endpoint connection
+az network private-endpoint-connection show --id $pecResourceId
+
+# Approve connection
+az network private-endpoint-connection approve --description "Approved!" --id $pecResourceId
+
+# Reject connection
+az network private-endpoint-connection reject --description "Rejected!" --id $pecResourceId
+
+# Remove connection
+az network private-endpoint-connection delete --id $pecResourceId
+```