When Microsoft rolled out the original App Service Plans the recommended subnet size was 64 addresses (aka /26). The ASEv1 series was limited to 50 worker process (minus update domain overhead, etc). With the introduction of ASEv2 they now support up to 100 worker processes so naturally the question is do you need to use larger subnets - and the answer is yes.
In an ASE environment each App Service Plan (container of apps) is equivalent to 1 worker which is really a VM. Each worker consumes 1 IP address and even if you follow the general guideline of leaving 20% or more free capacity for scaling and other events that still puts you in the ball park of 80 IP addresses. On top of that, the ASEv2 consumes 7 IP addresses (with an ILB) between the hidden front end servers, file servers, and fault tolerant instances of small/med/large images. And if you're running in a multi-tenancy configuration you'll consume even more IPs depending on how many IP addresses you attach to it.
If you're never planning on exceeding more than say ~30 app service plans in your ASEv2 then you can probably get away with a /26 but you're doing so knowing that you're risking scaling or capacity issues down the road. But if you really want to cover your bases properly use a /25 (128 IP) subnet.
Friday, December 8, 2017
Subscribe to:
Posts (Atom)