Share via

Unable to open VS Code (web) or VS Code (desktop) in AML compute with managed Vnet

Raghu Aditya Kiran Chavali 20 Reputation points Microsoft Employee
2026-04-08T20:21:41.1866667+00:00

We have allowlisted all the required hosts and domains from the troubleshooting steps. Yet, the process is infinitely stuck at "initializing VS Code server on <compute> and fails after the maximum retries saying Downloading VS Code server failed.

I am looking for AML support engineers to engage with me and help me create a non critical support request to help resolve this issue.

Azure Machine Learning
Answer accepted by question author
  1. Karnam Venkata Rajeswari 1,650 Reputation points Microsoft External Staff Moderator
    2026-04-08T21:38:45.78+00:00

    Hello Raghu Aditya Kiran Chavali,

    Welcome to Microsoft Q&A .Thank you for reaching out.

    Based on the observations, the behaviour appears to be related to restricted outbound connectivity within a Managed Virtual Network configuration, which may prevent the compute instance from retrieving the required Visual Studio Code server components during the remote connection bootstrap process.

    When a compute instance is deployed inside a secured network boundary such as Managed VNet or Private Endpoint setup, outbound access to required public repositories and service hosts becomes necessary for installing runtime dependencies used by the Azure Machine Learning VS Code remote extension.

    In such configurations, the compute instance may not have outbound internet access by default, and additional configuration is required to enable connectivity to required resources used by compute runtime components

    Please perform the following validation checks to confirm the same

    1. Verifying outbound access to required Visual Studio Code hosts -please Eesure outbound connectivity from the compute instance is permitted to the following endpoints used for installing Visual Studio Code server and extension components: • code.visualstudio.comupdate.code.visualstudio.com*.vo.msecnd.netmarketplace.visualstudio.comvscode.blob.core.windows.net*.gallerycdn.vsassets.ioraw.githubusercontent.com/microsoft/vscode-tools-for-ai/master/azureml_remote_websocket_server/*
    2. Validating DNS resolution for compute instance endpoints In Private Link or Managed VNet environments, ensure the following hostname resolves correctly within the virtual network: • *.instances.azureml.ms WebSocket communication for interactive compute sessions depends on this endpoint being reachable within the VNet boundary.
    3. Revieing network routing and outbound policies
    4. to confirm outbound HTTPS (TCP 443) traffic to required public hosts is permitted , kindly review
      1. Network Security Group outbound rules
      2. Azure Firewall policies
      3. Custom Route Tables (UDR)
      4. Forced tunneling configurations
    5. Testing outbound connectivity from compute instance Connectivity to required hosts may be validated from compute terminal using 
         curl https://update.code.visualstudio.com
      This confirms whether outbound egress required for VS Code server bootstrap is permitted.
    6. If applicable to validate proxy configuration -If outbound access is routed through an enterprise proxy, ensure proxy configuration on the compute instance allows traffic to required public repositories used by the VS Code extension runtime.
    7. Reviewing compute logs for extension installation failures - additional diagnostic information may be available within compute instance logs for VS Code server installation attempts.

    The following references might be helpful , please check them out

    Thank you.

    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.