When I setup my DevTest Lab, I created a private virtual network (with private address subnet assigned to it) and then created a Gateway with a single public IP. The gateway works perfectly and we can use it to connect to VMs created within the DevTest Lab.
However, more and more we're starting to get the following message when trying to create new VMs attached to said network:
Cannot create more than 10 public IP addresses for this subscription in this region
I understand what the message means. However, as the VM is being attached to a private network, I don't see why I am getting this message. I've already double checked the subnet that we're using and all of the public IP Address options (both dedicated and shared) are disabled. And when creating the VM, I've confirmed that I'm selecting the right virtual network and the right subnet.
All the VMs we deploy in the lab go into the same Resource Group, and there's only one Public IP object in there, which should prove that other VMs successfully did not get a Public IP Address.
Does anybody have any ideas why I'm getting this message ? Or how I can troubleshoot it further ?
I couldn't picture your Lab's exact configuration, but you seemed to have hit one of the Public IP address limits for your Subscription. I wonder if you happened to cross-check the Azure Portal to find those 10 Public IP address resources provisioned.
When you create a lab, it's created in a subnet of a virtual network. In order for all of your lab VMs to share the same Public IP address, you have to enable the option Enable shared public IP to Yes (this is anyway the default setting for new labs). You could explicitly also set the Allow public IP creation setting to No to disallow lab users to create a new public IP address when they create a lab VM. This configuration creates one public IP address for the entire subnet.
As a Lab owner, you can change this subnet policy to ensure that no one accidentally creates public IP addresses for their VMs. Or, the subscription owner can create a subscription policy preventing public IPs from being created.
For more information about configuring virtual networks and subnets with Azure DevTest Labs, check out the following resources: