Azure Function Running in VNet Unable to Connect to Whitelisted Azure Redis Cache
I have an Azure Function that is running in a VNet within a single subnet. I've also set up an Azure Redis Cache that is publicly accessible. Initially, the Azure Function was able to communicate with the Redis Cache without any issues. However, for security purposes, I whitelisted the outbound IPs of the Azure Function in redis cache. Since then, I've been encountering a timeout issue.
Outbound Ip's of Azure function. Function App -> Properties
Subnet information (I don't have any security groups or route tables):
Method: PutKeysAsync error while inserting key: key and value: akhil, Error: The message timed out in the backlog attempting to send because no connection became available (5000ms) - Last Connection Exception: It was not possible to connect to the redis server(s). ConnectTimeout, command=SET, timeout: 5000, inst: 0, qu: 0, qs: 0, aw: False, bw: CheckingForTimeout, rs: NotStarted, ws: Initializing, in: 0, last-in: 0, cur-in: 0, sync-ops: 0, async-ops: 4, serverEndpoint: test-pr-analyzer-redis-cache.redis.cache.windows.net:6380, conn-sec: n/a, aoc: 0, mc: 1/1/0, mgr: 10 of 10 available, clientName: pd1sdwk001NH9(SE.Redis-v2.8.0.27420), IOCP: (Busy=0,Free=1000,Min=1,Max=1000), WORKER: (Busy=2,Free=32765,Min=1,Max=32767), POOL: (Threads=5,QueuedItems=0,CompletedItems=4712,Timers=12), v:
2.8.0.27420 (Please take a look at this article for some common client-side issues that can cause timeouts: https://stackexchange.github.io/StackExchange.Redis/Timeout
Please help me in fixing the issue.
Thanks in advance
Azure Function Running in VNet Unable to Connect to Whitelisted Azure Redis Cache.
Below are the reasons why the Function App may not be accessing the Redis cache.
- If you do not add all Function App outbound IP addresses to the Redis cache firewall, it won't connect.
- If you are using a Consumption plan or a Premium plan, the outbound IP address can change at any time due to autoscaling behaviour. refer the MS Doc for more details
To resolve the issue permanently, ensure you use a virtual network NAT gateway to route traffic from your Function App subnet to the Redis cache. Follow the steps below to establish the connection using the NAT Gateway.
- Create a Vnet and Subnet (In your case, you already created Vnet and Subnets).
- Create a Public IP.
- Create a NAT Gateway with same
VNetandSubnet, and select previously created Public IP at Outbound IP Section.
Once you have created the NAT gateway, the outbound traffic will go through the NAT gateway's IP address. To establish the connection between the Azure Function App and the Redis Cache, ensure that you add the public IP address associated with the NAT gateway in Redis Cache firewall.
NAT Gateway Details
Redis Cache Firewall Settings
After adding the public IP address to the Redis cache Firewall, the Function App is able to communicate with the Redis Cache.
Redis Cache result
Reference: Azure Functions networking options]
Control Azure Functions outbound IP with an Azure virtual network NAT gateway
- Parameterize runOnStartup in function.json
- Github Action Deployment of Azure Function Without Public Access from All Networks
- Can't provide NuGet package source credentials to Azure Function
- How can i put the CRON expression in a Function app parameter in the local.settings.json file?
- Deployed functions but they are not showing up in Azure Portal
- How to get the "Function Url" which is with in a Function-App deployed using Terraform?
- Azure Function App: "Exception calling ".ctor"
- How do I reference my Azure function from pytest?
- Accessing DataVerse data and running SQL statements against it from C# code on .NET 6 (Azure Function)
- Express (bodyParser) urlencoded hangs, without callback or throwing error, when running on Azure Function
- How can I access configuration, defined in `ConfigureAppConfiguration`, in `ConfigureServices`, with only the `IServiceCollection` available?
- How to get the MaxDequeueCount in the .NET function code
- Testing manually a Time Triggered Function App in the Azure Portal fails
- Why does The behavior of "replay" ensure reliable execution in Azure durable functions?
- How can we get tenant id, client id and client secret for Azure Function App?
- HttpTrigger in Isolated Azure Function creating lots of log noise
- Azure Function (Linux) ZipDeploy not working
- Does the Microsoft.Azure.WebJobs.Blob Extension generate a non Null stream?
- How to add a new function to a dotnet-isolated (net8.0) function app using Azure Functions Core Tools?
- ODBC Driver 18 Not Found in Azure Function Using Python 3.11
- azure function blog triggered eventgrid not firing using local storage development
- Missing value for AzureWebJobsStorage in local.settings.json local development in Visual Studio 2017
- Running Code in Azure Repo from Azure Data Factory
- Adding members to MS Entra Group via MS Graph API fails via Python Azure Function App
- Copy blob from one storage account to another using Azure Function written in Java
- Azure Function App - No continuous deployment setting for "Flex Consumption" hosting plan?
- Migrate from .NET 6 to .NET 8 In-process Azure function in AKS
- Deploying a python Function App where the source is in a subdirectory
- Accessing Certificate from within a C# Azure function
- Error `Can't determine project language from files.` when using Azure Functions in VSCode