Deployment issues for new customers

Currently, all new-customer deployments are non-functional. Existing customers deploying into a new region are also affected. See Known Issues for updates.

Known Issues

List of known issues in the latest release of NGINX as a Service for Azure

System Assigned identity does not work. (ID-2539)

Support for System Assigned Managed Identity has not been fully enabled yet. Please use User Assigned Identity instead.

New customer deployments failure (ID-2533)

Due to a known issue caused by a networking regression, creating deployments will fail for:

  • new customers
  • existing customers deploying in a new region

Users will see the following error message: timed out waiting for instance to connect

The root cause is a regression in the registration process for activating the necessary Azure networking features for a subscription in a region. If you’ve received this error message when creating a deployment, raise a support ticket with your subscription id and desired azure regions, and we’ll apply a mitigation which will allow subsequent attempts to succeed.

The issue is currently being investigated by the NGINXaaS and Microsoft teams. We will update with further info by 2022-11-28.

Deployment responsiveness takes approximately 5-10 seconds. (ID-872)

When creating a new deployment or exposing a new port for traffic, there might be a lag time of 5-10 seconds, during which the Azure Load Balancer does not recognize the new ports, thus preventing making new connections to the NGINX deployment.

Workaround: Wait 5-10 seconds to make requests, or make multiple requests to the instance with low connect timeout times after creating a new deployment or exposing a new port to the deployment (80/443) for the first 10 seconds after the deployment reaches the Completed state.

NGINX config allows only files mapped to an include directive. (ID-1335)

Files not listed with an include directive get an API 400 error response. NGINX configuration files are accepted if their filename matches an include directive using a glob pattern/mask (e.g. include conf.d/*).

NGINXaaS SKUs have random suffixes in the Azure Marketplace. (ID-1598)

Due to Azure Marketplace limitations, NGINXaaS for Azure SKUs have a random suffix.

Workaround: When creating deployments via ARM templates, the correct SKU to use is publicpreview_Monthly_gmz7xq9ge3py.

NGINXaaS for Azure charges do not render correctly in the Azure Portal cost center. (ID-1660)

NGINXaaS for Azure resources appear with a random suffix, and clicking the link does not lead to the NGINXaaS for Azure resource overview page. The charge details show “Unassigned” for all fields, but the charge amount is accurate.

Configuration update will not succeed with a failed certificate. (ID-1545)

If a configuration update request uses a certificate that is in failed provisioningState, the configuration update is rejected.

Workaround: Update the referenced certificate before updating the configuration. Make sure the certificate provisioning is successful and retry the configuration update.