I have a Web App and a "Resource Manager" Virtual Machine. I'm running a database on the virtual machine, and the web app is connecting to that database. Presently the web app is communicating with the virtual machine using the VM's public IP address. I can tell, based on logs on the VM, that the web app is using any one of its 4 outgoing public IP addresses.
I have three concerns with this approach:
- This is probably not the most efficient route. I'm possibly even paying for egress traffic?
- It's not ideal from a security perspective, the surface area of my VM on the Internet is larger than it needs to be.
- Something is causing intermittent connectivity issues between my web app and VM, I suspect it's the changing outgoing public IP route being used by the web app.
How can I communicate between the web app and VM with a route internal to Azure / Azure data center?
I think the answer is a "Virtual Network" aka VNet. But getting that configured is proving challenging. It seems like a web app can only connect to a "classic" VNet, but my VM is connected to a "version 2" VNet. Can my "resource manager" VM connect to a "classic" VNet? (I can't even find how to change the VNet once the VM is created). Is there some way to get a web app connecting to a "V2" VNet? Can I "bridge" the two VNets?
To add a further wrinkle, I'm wanting to host everything in the "Australia East" data center, but it seems like classic VNets are only available in "Australia South East". If it turns out I have to move to "Australia South East" to accommodate my needs, that's OK.