We're planning an architecture where asp.net websites must communicate with microservices.
The plan is to hos this in Azure, with the Website being an Azure ASP.NET Website and the microservices in Kubernetes/docker containers.
I was thinking kubenet was the way to go, so that a number of microservice instances could be spawned on demand without the need for the website to know about this, but it seems like VM-Kubernetes connectivity is not supported unless initiated by the Pod, or am I misunderstanding something?
https://learn.microsoft.com/en-us/azure/aks/concepts-network#azure-virtual-networks
You can add VM in the same Virtual Network as Kubernetes Cluster. And provide private Ip to Kubernetes services using
annotation "service.beta.kubernetes.io/azure-load-balancer-internal: "true"
and VM So they can communicate with each other.
Related
I have a simple Service Fabric Mesh application with two microservices. When I deploy it I get public IP and I can access services.
What I would like is to wrap that Mesh application with Azure API management and restrict access to Mesh application. In other words, I would like to be able to use microservices only through API and disable direct access to them.
One idea is to put Mesh application and API into Virtual Network and add Application Gateway that will be visible public.
But I do not know how to put Mesh application into VNet.
AFAIK, you can't.
According to the docs, the ingress is designed to forward traffic from one network to another.
The current gateway only accept "open network(internet)" as source network(ingress).
In the future, it will accept calls from networks owned by you or within the cluster, where you can host your application gateway and forward the calls to the gateway, but is not something available at moment.
I have a App service hosted in Windows Azure in a region. When there are some issues with Azure servers in the hosted region, the app service goes down and the users are unable to see the website.
I would like to know if there is a way to geo-replicate the app service so that if the servers are down in 1 region, the website should automatically redirect it to a different server?
You can geo-replicate your app service by using Azure Traffic Manager service, which allows you to control the distribution of user traffic to your service endpoints running in different datacenters around the world.
As of today, Azure Traffic Manager provides 3 ways for routing the traffic: Priority, Weighted and Performance. For what you're looking to accomplish, I believe you would want to choose Priority routing method.
To learn more about how you can make use of this service to make your app service highly available, please see this link: https://azure.microsoft.com/en-us/documentation/articles/app-service-app-service-environment-geo-distributed-scale/.
This is an old entry but I thought I'd chime in after working with Azure for a few years.
If your statement "When there are some issues with Azure servers in the hosted region" is referring to transient outages, what you might be experiencing is your App Service Plan instance transitioning. Microsoft regularly moves ASP instances to new machines for reasons that make sense to them. Likely this is to load balance hardware or apply patches to the underlying VMs that host app services.
It has been my experience that when the ASP instances are moved, the new ASP instance needs time to warmup the app services hosted on it. If your ASP is configured with only 1 instance, your app service will be unreachable during this time.
If on the other hand, you configure your ASP with a minimum of 2 instances, Microsoft will synchronize the moving of the instances so that at least 1 remains up and available while the other is being moved.
Of course running a multi instance ASP requires your application to either be stateless or built using a session provider other than the default .Net "In Memory" session provider. CosmosDB for instance.
Every major service in OpenStack has an API service as endpoint for clients to access, eg. openstack-nova-api, openstack-glance-api etc. But for every major service, there are other minor services like openstack-nova-scheduler, openstack-nova-conductor etc. these services are suggested to be deployed on other nodes rather the node where API service is running to get some kind of isolation.
My question is how openstack-nova-api knows where the real services(openstack-nova-scheduler/openstack-nova-conductor) are running, how they communicate with other? When openstack-nova-api got a new request, how does it distribute it to the real services which can process and send back the results?
Internal communication between OpenStack modules is done through the AMQP message queue, typically managed by RabbitMQ.
I hosted some WCF Services on my client machine and this machine is connected to internet through any DSL. So, there is no live IP or any other static IP associated with it. Now, I want to utilize these WCF Services on my webpages through Asp.Net.
I need to ask, is this possible to access WCF services hosted on a machine which is connected through simple internet?
Few other things to keep in mind that, client (WCF services hosted) and server (Asp.Net pages hosted) in totally different domain. But, I know client machine IP or MAC address.
You can use services like www.dyndns.com to setup something like that.
We have two servers, both are containing a local application connecting to local web service, applications and services are identical on both servers.
One of the servers work just fine,
The other one is just dead, I have impression the the security configuration are different on those servers.
What prevents an application X from connecting a web-service, given that another application y on the same server can connect to it. and X is a windows service.
What I should check, what is chances?
Thanks
Check if there is any firewall that might need to some ports opened up.
Could there be any kind of AntiVirus or similar set up on one of the servers?
Basic troubleshooting of loosely-coupled applications means independent testing/verification of those services.
Can you access the web service locally through a different application, i.e. a web browser? If you can't reach the service through the browser, then the server configurations (at some level) are not identical.
Only after you're certain the service is reachable should you look into issues with the windows service.