I have an old legacy application listening to some TCP ports, written in Visual C++ and strictly bound to run on Windows.
On-prem, the application is running fine within a Windows Server Core container. But now I have to deploy this container to Azure. Azure, in turn, does not support connecting Windows containers to a VNet. Why? Where is the limitation? Are there any workarounds to run Windows containers (Server Core) within a VNet in Azure? I don't want to use a public IP, and due to policies I am not allowed to, since the service is internal only.
Thanks in advance
Currently, only Linux containers are supported in a container group deployed to a virtual network. See limitations. As a workaround, you can run Windows containers on an Azure VM or on the Azure App Service for Windows.
On the Azure VM, it works as usual, like the on-premises server. You don't need to expose it with a public IP address; instead, you can access it with a VPN connection or an Azure Bastion host.
On the Azure App Service, you can set up Azure App Service access restrictions for the incoming traffic and set the VNet integration to restrict the outgoing traffic from your app service in a VNet. You can even use a VPN connection to route the traffic to your on-premises network.
Note that Windows Containers on the Azure App Service is limited to Azure Files and does not currently support Azure Blob. An Azure VM might be a better choice.