question

ByronVerzmoter-0012 avatar image
0 Votes"
ByronVerzmoter-0012 asked YutongTie-MSFT commented

Deploying an ML Model to ACI with a secured workspace in a VNet

I am trying to deploy an ML model to an ACI in a VNet. I have followed the guide to setup a secure workspace, and also noted that if deploying to ACI, the container registry must not be in the same vnet.
I have deployed the container registry:

  • outside of the vnet in the same resource group

  • Allowed admin user in the CR

  • Disabled public access

  • Allowed trusted microsoft services

  • Created a private endpoint for private access for the worskpace to access (needed this for image builds on my training runs)

  • Allowed subnet delegation on the Scoring subnet for the containerGroups service as shown here


Now when I am trying to deploy the model to a container instance, I get this failure
```
Error:
{
"code": "InaccessibleImage",
"statusCode": 400,
"message": "ACI Service request failed. Reason: The image '<containerRegName>.azurecr.io/azureml/azureml_<imageHash>' in container group '<serviceName>-qcloi6KnEkOQ6CTdniybhQ' is not accessible. Please check the image and registry credential.. Refer to https://docs.microsoft.com/azure/container-registry/container-registry-authentication#admin-account and make sure Admin user is enabled for your container registry."
}
```
After speaking to the docs team where the guides address this deployment strategy (here), the only response is to use AKS. AKS won't be feasible right now for this project and the documentation seems to suggest that this is possible.


azure-machine-learningazure-container-instancesazure-machine-learning-inference
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hello @ByronVerzmoter-0012

Sorry for this experience, I will accross check with product team and content team to provide a consistent solution.

Regards,
Yutong

0 Votes 0 ·

0 Answers