As my colleague Rene van Osnabrugge wrote about on his blog original post it is possible to run your Azure DevOps agent on Azure Container instances (ACI). At Ignite 2018 Microsoft announced virtual network integration for Azure Container Instances. So now it is possible to use a ACI based Azure DevOps agent to deploy into your private network. This post explains the extra things you have to do to make this possible.
Setting up your virtual network
Start by creating a virtual network if you do not have a vnet yet. This can be done using the Azure Portal or the the Azure CLI. With the CLI it can be done using the following command:
az network vnet create -g resourcegroup -n vnetname
after the virtual network is created we have to create a subnet where our Azure DevOps agents will be deployed. This subnet has to have the delegation for Azure Container Instances. Create the subnet using:
az network vnet subnet create -g resourcegroup -n subnetname –vnet-name vnetname –address-prefix subnetprefix –delegations Microsoft.ContainerInstance.containerGroups
After creation the subnet should look like this in the Azure Portal 
.
Deploy your private Azure DevOps agent
Now that the network infrastructure is ready it is time to deploy our Azure DevOps agent. Deploy it to Azure using the Azure CLI.1
az container create -g <resoursegroup> -n <aciagentname> --image microsoft/vsts-agent --vnet-name <vnetname> --subnet <subnetname> --environment-variables VSTS_ACCOUNT=<vstsaccountname> VSTS_POOL=<vstspoolname> VSTS_TOKEN=<PAT> VSTS_AGENT=<Agent-Name>
After a while the agent should show up inside Azure DevOps.
and inside of Azure