11-12-2023 02:49 AM
I am using Unity Catalog to store my models. My Unity Catalog meta-store is hosted in an Azure Storage Account, which has public network access disabled. Access is restricted to certain IP ranges and private endpoint connections only.
Recently, my development team has noticed that the signatures of the models are inaccessible, although we can access every table, volume, etc., using the Private Endpoint connected to the Storage Account. Interestingly, if I open the Storage Account to the public network, the model signatures become accessible. Could you please explain why all folders within the Unity Catalog meta-store are accessible except for the 'models' folder?
11-12-2023 12:55 PM
This exception from mlflow when downloading artifact
01-02-2024 03:03 AM
Hello, your moderators are deleting my previous replies, that's funny something is not working properly, i am trying to find out the solution but you are deleting the posts.
So, the issue is with a networking for sure, not with the permissions. Where can i raise a ticket? This is critical issue for my team, we have to disable public access to Storage Account.
Cheers
12-21-2023 01:23 PM
We are facing the same issue. We can’t reconsider security setup since that is enforced by IT security. Does anyone have suggestions on how to resolve this issue so we can save and access the signatures from models stored in UC?
01-12-2024 10:28 AM
I have the same problem. It must be a permissions issue. In my case, it happens when the models are under a schema that was created without indicating a specific "MANAGED LOCATION". In those cases, I also have problems trying to load a model. When the models are under a schema created with a particular "MANAGED LOCATION" all works ok for me.
02-28-2024 03:36 AM
Fair point, what if i don't want to use External Locations for Schemas where models will be stored? Why default Metastore location does not allow accessing signatures.
3 weeks ago
Experiencing the same problem, when calling
2 weeks ago
Got issue fixed:
The issue was with Private Endpoint: we had PE with dfs sub-resource only, but mlflow uses blob, so when I created PE with blob sub-resource - the issue was fixed. (also blob DNS zone and network link is needed)
Join a Regional User Group to connect with local Databricks users. Events will be happening in your city, and you won’t want to miss the chance to attend and share knowledge.
If there isn’t a group near you, start one and help create a community that brings people together.
Request a New Group