perf: Upgrade default VM size to Standard_D2s_v5#365
Open
Ayaz-Microsoft wants to merge 2 commits intodevfrom
Open
perf: Upgrade default VM size to Standard_D2s_v5#365Ayaz-Microsoft wants to merge 2 commits intodevfrom
Ayaz-Microsoft wants to merge 2 commits intodevfrom
Conversation
Ayaz-Microsoft
requested review from
Avijit-Microsoft,
Prajwal-Microsoft,
Roopan-Microsoft,
Vinay-Microsoft,
aniaroramsft,
dgp10801,
marktayl1,
nchandhi and
toherman-msft
as code owners
Ayaz-Microsoft
temporarily deployed
to
production
GitHub Actions
Inactive
Ayaz-Microsoft
temporarily deployed
to
production
GitHub Actions
Inactive
Contributor
There was a problem hiding this comment.
Pull request overview
Updates the infrastructure templates to use a newer default Jumpbox VM SKU (Standard_D2s_v5) and refreshes related guidance/docs for SKU availability and accelerated networking requirements.
Changes:
- Switch default Jumpbox VM size from
Standard_D2s_v3toStandard_D2s_v5across main and sample Bicep templates (and the generatedmain.json). - Update VM sizing guidance comments in
virtualNetwork.bicepand troubleshooting documentation. - Add a new
vmSizeparameter mapping ininfra/main.waf.parameters.jsonintended to allow overriding VM size via env var.
Reviewed changes
Copilot reviewed 9 out of 9 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| infra/samples/network/network-resources.bicep | Updates sample jumpbox module default size to Standard_D2s_v5. |
| infra/samples/network-subnet-design.bicep | Updates sample jumpbox configuration default size to Standard_D2s_v5. |
| infra/modules/virtualNetwork.bicep | Refreshes VM size guidance comments to recommend Dsv5/Dav5 SKUs. |
| infra/main_custom.bicep | Updates default vmSize fallback to Standard_D2s_v5. |
| infra/main.waf.parameters.json | Adds env-var based vmSize override (currently introduces duplicate key issue). |
| infra/main.json | Updates generated ARM template default coalesce value to Standard_D2s_v5. |
| infra/main.bicep | Updates default vmSize fallback to Standard_D2s_v5. |
| docs/TroubleShootingSteps.md | Expands SKU-not-available and accelerated networking troubleshooting to reference D2s_v5 and overrides. |
| docs/CustomizingAzdParameters.md | Documents a new env var (AZURE_ENV_VM_SIZE) for overriding jumpbox VM size. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| | **NetcfgSubnetRangeOutsideVnet** | Subnet IP range outside virtual network address space | <ul><li>Ensure the subnet's IP address range falls within the virtual network's address space</li><li>Always validate that the subnet CIDR block is a subset of the VNet range</li><li>For Azure Bastion, the AzureBastionSubnet must be at least /27</li><li>Confirm that the AzureBastionSubnet is deployed inside the VNet</li></ul> | | ||
| | **DisableExport_PublicNetworkAccessMustBeDisabled** | Public network access must be disabled when export is disabled | <ul><li>**Check container source:** Confirm whether the deployment is using a Docker image or Azure Container Registry (ACR)</li><li>**Verify ACR configuration:** If ACR is included, review its settings to ensure they comply with Azure requirements</li><li>**Check export settings:** If export is disabled in ACR, make sure public network access is also disabled</li><li>**Redeploy after fix:** Correct the configuration and redeploy. This will prevent the Conflict error during deployment</li><li>For more information refer [ACR Data Loss Prevention](https://learn.microsoft.com/en-us/azure/container-registry/data-loss-prevention) document</li></ul> | | ||
| | **VMSizeIsNotPermittedToEnableAcceleratedNetworking** | VM size does not support accelerated networking | This error occurs when you attempt to enable accelerated networking on a VM size that does not support it.<br><br>**How to reproduce:**<br><ul><li>Create or deploy a VM (e.g., via ARM/Bicep) with size `Standard_A2m_v2`</li><li>In the network interface configuration, set `"enableAcceleratedNetworking": true`</li><li>Submit the request → Azure throws `VMSizeIsNotPermittedToEnableAcceleratedNetworking`</li></ul><br>**Resolution:**<br><ul><li>Use a supported VM size that supports accelerated networking</li><li>Check the [Microsoft list of supported VM sizes for accelerated networking](https://learn.microsoft.com/en-us/azure/virtual-network/accelerated-networking-overview#supported-vm-instances)</li><li>Alternatively, disable accelerated networking if the feature is not required for your workload</li></ul> | | ||
| | **VMSizeIsNotPermittedToEnableAcceleratedNetworking** | VM size does not support accelerated networking | This error occurs when you attempt to enable accelerated networking on a VM size that does not support it. This deployment's jumpbox VM **requires** accelerated networking.<br><br>**Default VM size:** `Standard_D2s_v5` — supports accelerated networking.<br><br>**How this error happens:**<br><ul><li>You override the VM size (via `AZURE_ENV_VM_SIZE`) with a size that doesn't support accelerated networking (e.g., `Standard_A2m_v2`, A-series, or B-series VMs)</li><li>Azure rejects the deployment with `VMSizeIsNotPermittedToEnableAcceleratedNetworking`</li></ul><br>**Resolution:**<br><ul><li>Use the default `Standard_D2s_v5`, or override with a D-series VM that supports accelerated networking:<br>`azd env set AZURE_ENV_VM_SIZE Standard_D2s_v5`</li><li>**Supported alternatives:** `Standard_D2s_v4`, `Standard_D2as_v5`, `Standard_D2s_v3`</li><li>**Do NOT use:** A-series (`Standard_A2m_v2`), B-series (`Standard_B2s`) — these do not support accelerated networking</li><li>Check supported sizes: [Accelerated networking supported VM instances](https://learn.microsoft.com/en-us/azure/virtual-network/accelerated-networking-overview#supported-vm-instances)</li></ul> | |
Comment on lines
+50
to
+52
| "vmSize": { | ||
| "value": "${AZURE_ENV_VM_SIZE}" | ||
| }, |
| | `AZURE_ENV_COSMOS_SECONDARY_LOCATION` | string | *(not set by default)* | Specifies the secondary region for Cosmos DB. Required if `enableRedundancy` is `true`. | | ||
| | `AZURE_EXISTING_AI_PROJECT_RESOURCE_ID` | string | *(not set by default)* | Specifies the existing AI Foundry Project Resource ID if it needs to be reused. | | ||
| | `AZURE_ENV_ACR_NAME` | string | `cmsacontainerreg.azurecr.io` | Specifies the Azure Container Registry name to use for container images. | | ||
| | `AZURE_ENV_VM_SIZE` | string | `Standard_D2s_v5` | Overrides the jumpbox VM size (private networking only). Default: `Standard_D2s_v5`. | |
| | **InsufficientQuota** | Not enough quota available in subscription | <ul><li>Check if you have sufficient quota available in your subscription before deployment</li><li>To verify, refer to the [quota_check](../docs/quota_check.md) file for details</li></ul> | | ||
| | **MaxNumberOfRegionalEnvironmentsInSubExceeded** | Maximum Container App Environments limit reached for region |This error occurs when you attempt to create more **Azure Container App Environments** than the regional quota limit allows for your subscription. Each Azure region has a specific limit on the number of Container App Environments that can be created per subscription.<br><br>**Common Causes:**<br><ul><li>Deploying to regions with low quota limits (e.g., Sweden Central allows only 1 environment)</li><li>Multiple deployments without cleaning up previous environments</li><li>Exceeding the standard limit of 15 environments in most major regions</li></ul><br>**Resolution:**<br><ul><li>**Delete unused environments** in the target region, OR</li><li>**Deploy to a different region** with available capacity, OR</li><li>**Request quota increase** via [Azure Support](https://go.microsoft.com/fwlink/?linkid=2208872)</li></ul><br>**Reference:**<br><ul><li>[Azure Container Apps quotas](https://learn.microsoft.com/en-us/azure/container-apps/quotas)</li><li>[Azure subscription and service limits](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/azure-subscription-service-limits)</li></ul> | | ||
| | **SkuNotAvailable** | Requested SKU not available in selected location or zone | You receive this error in the following scenarios:<br><ul><li>When the resource SKU you've selected, such as VM size, isn't available for a location or zone</li><li>If you're deploying an Azure Spot VM or Spot scale set instance, and there isn't any capacity for Azure Spot in this location. For more information, see Spot error messages</li></ul> | | ||
| | **SkuNotAvailable** | Requested SKU not available in selected location or zone | This error occurs when the resource SKU you've selected (such as VM size) isn't available for the target location or availability zone.<br><br>**In this deployment**, the jumpbox VM defaults to `Standard_D2s_v5`. While this size is available in 60+ regions, certain regions or zones may not support it.<br><br>**Resolution:**<br><ul><li>**Check SKU availability** for your target region:<br>`az vm list-skus --location <region> --size Standard_D2s --output table`</li><li>**Override the VM size** if the default isn't available in your region:<br>`azd env set AZURE_ENV_VM_SIZE Standard_D2s_v4`</li><li>**Recommended alternatives** (all support accelerated networking + Premium SSD):<br>- `Standard_D2s_v4` — previous gen, identical pricing<br>- `Standard_D2as_v5` — AMD-based, similar pricing<br>- `Standard_D2s_v3` — older gen, widely available</li><li>**Avoid A-series VMs** (e.g., `Standard_A2m_v2`) — they do not support accelerated networking or Premium SSD, which are required by this deployment</li></ul><br>**Reference:**<br><ul><li>[Resolve errors for SKU not available](https://learn.microsoft.com/en-us/azure/azure-resource-manager/troubleshooting/error-sku-not-available)</li><li>[Azure VM sizes - Dsv5 series](https://learn.microsoft.com/en-us/azure/virtual-machines/sizes/general-purpose/dsv5-series)</li></ul> | |
Ayaz-Microsoft
temporarily deployed
to
production
GitHub Actions
Inactive
Ayaz-Microsoft
temporarily deployed
to
production
GitHub Actions
Inactive
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Purpose
Does this introduce a breaking change?
Golden Path Validation
Deployment Validation
What to Check
Verify that the following are valid
Other Information