0

I created Databricks workspace using Azure CLI:

az databricks workspace create 
    --name myprj-t-dbx
    --location canadacentral
    --resource-group rg-myprj-t
    --managed-resource-group myprj-t-dbx-mrg 
    --sku Premium
    --private-subnet /subscriptions/2208da08-xxxxxxxxxxx27/resourceGroups/rg-da-t-vnet/providers/Microsoft.Network/virtualNetworks/da-t-vnet/subnets/myprj-dbx-priv-t-snet
    --public-subnet /subscriptions/2208da08-xxxxxxxxxxx27/resourceGroups/rg-da-t-vnet/providers/Microsoft.Network/virtualNetworks/da-t-vnet/subnets/myprj-dbx-publ-t-snet

The subnets are created in advance by our network engineers. They want me to use private endpoints on vnet to connect to the workspace. When I try to create it (using a third subnet):

az network private-endpoint create 
    --name myprj-t-dbx-pep
    --connection-name myprj-t-dbx-pepc
    --private-connection-resource-id /subscriptions/2208da08xxxxxxxxxx27/resourceGroups/rg-myprj-t/providers/Microsoft.Databricks/workspaces/myprj-t-dbx
    --subnet /subscriptions/2208da08-xxxxxxxxxxx27/resourceGroups/rg-da-t-vnet/providers/Microsoft.Network/virtualNetworks/da-t-vnet/subnets/myprj-t-snet
    --group-id web
    --resource-group rg-myprj-t

I get:

ERROR: (NonVNetInjectedWorkspaceNotSupported) Call to Microsoft.Databricks/workspaces failed.
Error message: The workspace 'myprj-t-dbx' is not custom VNet injected. 
Currently only custom VNet injected workspaces can create private endpoint connection
DejanS
  • 96
  • 9

2 Answers2

0

I think that you're missing the --vnet argument to the az databricks workspace create. You need to provide name of the VNet as well.

P.S. I would also recommend to pass --enable-no-public-ip to avoid having public IPs for the cluster nodes

Alex Ott
  • 80,552
  • 8
  • 87
  • 132
  • When vnet param is missing, the error is that vnet is missing. In this case I am using resource id for subnet which contain reference to vnet and then param vnet is not required. – DejanS Dec 06 '22 at 22:00
0

I've changed the way that I am creating Databricks workspace. Instead of regular Azure CLI that creates workspace

az databricks workspace create...

I've used a template with VNet injection from https://rajanieshkaushikk.com/2020/12/05/how-to-deploy-databricks-in-your-private-vnet-without-exposing-public-ip-address-vnet-injection/
also using CLI:

az deployment group create 
  --name DatabriksVNetInj
  --resource-group rg-myprj-test
  --template-file ./Databricks-ARM/azuredeploy.json
  --parameters workspaceName=myproj-t-dbx...
DejanS
  • 96
  • 9