cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
Product Platform Updates
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

We are opening additional ports for Azure Databricks

AlexEsibov
New Contributor III
New Contributor III
‎03-28-2024 01:58 PM

Background: To improve scalability and enable new features, the Azure Databricks control plane will communicate with the classic compute plane over 10 new ports.

We’ll be updating your existing network security groups (NSGs) used for the public and private subnets of your VNet injection workspaces with an additional rule to allow outbound traffic to the Azure Databricks control plane over 10 new ports: 3306 and 8443–8451. Existing security rules already allow outbound traffic over port 443 for VNet injection workspaces and, for back-end private link workspaces, port 6666. 

Action:

We'll open the new ports on your behalf, and most customers won’t need to take any action. However, if you have existing rules that disallow these ports, you may need to update these rules before this date.

  • If you have existing VNet injection workspaces, you’ll need to ensure that no NSGs on your public and private subnets block the new ports. 
  • If you use back-end private link, ensure that no NSGs on your private endpoints block these ports.
  • Ensure no firewall rules block these ports. 
  • Note that the NSG rules that Azure Databricks auto-provisions have been replaced with equivalent rules with custom names, duplicate rules may be created. This won't affect functionality.

If there is a rule blocking these ports at the time Databricks pushes this update, the update will fail. However, in this event, workspaces will continue to function properly for existing features. You will know that the update failed if the NSG does not have the new ports explicitly included after date of the change.

Timeline:

  • For existing workspaces, we will open the new ports on June 3, 2024
  • For new workspaces, we will open the new ports on July 1, 2024. Ensure any workspace creation automation is also updated by then. 

In both cases, please allow up to 2 weeks for the change to rollout to all regions.

If you are not the admin responsible for network connectivity to Azure Databricks, please forward this email to that person.  If you have questions, get answers from community experts in Microsoft Q&A. If you have a support plan and need technical help, please create a support request

0 Kudos
Contributors
Popular Articles