Little background....
We are already using IIS server 7.5 for our .Net web applications. Now we are developing WEB API in nodejs and wants to deploy the same on the existing Production infra.
Is is possible to use port 80 for both IIS and Nginx?
One of the possible solution I think will work is to have two public IPs configured on the LIVE infra and ask each server ie IIS and Nginx(nginx as proxy for node app) to listen to port 80 for http and 443 for https of respective public IP.
Note : I do not wish to use IIS url rewrite to forward request from IIS to nginx or vice versa.
Would appreciate if you guys can point me to right direction
Thanks
Related
hopefully someone can help me.
This is the scenario I want to implement:
Server A has IIS installed and hosts a web app "mysite.com" and some web apis.
Server B has a .NET Core Web API hosted as a Windows Service.
When a client makes a request to a specific port like "mysite.com:9091/api/get-value"
I would like for IIS to re-route that call with same payload to server B on "myapi:9091/api/get-value" through HTTP.
The reason I want to do this is because We have authentication and certificates already configured on Server A, and also we want all incoming requests to go through the main site.
I have been reading on reverse proxy with IIS, and it would seem to be what I need, but it's not clear if the hosted app that will be running under Kestrel must be on the same physical machine as the IIS Web Server (i.e. Server A), or I can re-route to whichever other server I want, as long as it's on same network.
Any thoughts will be appreciated.
Hopefully my question is clear enough, otherwise please do let me know and I'll try to rephrase.
It is not necesarray to have both kestrel and iis on same server.
You could use the iis URL rewrite rule and reverse proxy to forward the request to the Kestrel server:
https://techcommunity.microsoft.com/t5/iis-support-blog/setup-iis-with-url-rewrite-as-a-reverse-proxy-for-real-world/ba-p/846222
Host ASP.NET Core on Windows with IIS
https://learn.microsoft.com/en-us/aspnet/core/fundamentals/servers/kestrel?view=aspnetcore-3.1
I deplyoed my nodejs application on a AWS server with windows server as OS. The application is a simple express server running on https port 443. The application is accessible through localhost, but I can access the app through public IP.
Here are a few things I tried:
IIS with urlrewrite like so (https://dev.to/massivebrains/deploying-node-express-app-on-a-windows-server-2l5c)
iisnode
I am still not able to access my app. I setup up inbound rules in my firewall for the port and nodejs itself.
The issue was simply in my security group. I had set up the IP addresses I was expecting, but one was missing. It is working now.
I have a containerized Docker ASP.NET Core application created with
mcr.microsoft.com/dotnet/core/runtime:3.1.3-alpine
When launched the only reference to the port is this ENV variable from the base image
ASPNETCORE_URLS http://+:80
I deployed the app to Azure, setuped the registry and created a new Web Application.
I setup the TLS/SSL settings for working with https only.
Everythings works.
Question:
I want to know how this is possible since I don't config the certificate on my container, I suppose the Kudu service (the reverse proxy) rebind the 443 port to the 80 of the container. Is this true ? The plain http traffic between Kudu and the container on port 80 can cause a possible security hole ?
If I deploy a container with NGINX as a reverse-proxy for ASP.NET Core I must configure the TSL/SSL into NGINX ? On ASP.NET Core ? None at all ?
I want to understand how Kudu, NGINX, and the reverse proxy in general works with and without SSL/TSL
With a Reverse Proxy the client never connects to the HTTP server in your application, in your case Kestrel. The connections you get are requests coming from the Reverse Proxy, and you send your responses back to the Reverse Proxy. Most HTTP stuff is copied from the incoming client request and passed along to your application, but the Reverse Proxy can terminate the SSL tunnel, offload the Authentation, and perform other request transformations.
I seem to miss somehting really obvious.
Anyways, i am developing a ReactJs web app and use nodejs (browser-sync) to host a simple web server for testing on localhost. Everything's working fine.
As for the server side i have a REST Service hosted in ASP.NET WebAPI.
I want to keep the urls in the web app relative for deployment reasons (because then it doesn't matter what the hostname is, as long it's running on the same domain).
I know out of experience that it's possible to host a self hosted ASP.NET WebAPI and a Web Application in IIS Express (at least in different paths) at the same time.
But now when i start browser-sync (which uses node http server internally as far as i can tell) and then WebAPI service host, the service host tells me it can't host on this url.
When i start it the other way around, browser-sync automatically increases the port so that it's on the next free port.
Does somebody have experience with it?
EDIT:
My question maybe in a more general sense: How do you develop web apps that are hosted on a local web server (in my case via nodejs) against a local running web service? And do you use relative URLs in your web app? Which leads to the problem that the service and the web have to run on the same server
I solved my problem like this:
ASP.NET WebAPI hosts under a different port then the nodejs web server
I set up a proxy in nodejs webserver for all urls starting with '/api/' and proxy these requests to the WebAPI port
I can use relative URLs in my client
I am curious to understand how IIS 7.5 Reverse Proxy is implemented in Rewrite Module (v2).
I am planning to setup a website that will handle proxing between requests coming from users (internet) and my HTTP services that are deployed on the same server. I have setup a website within IIS and configured the reverse proxy logic. I've then setup another website on the same server and deployed all my WCF REST services there. I am planning to implement IIS offloading, common tasks (such as authentication, etc) on the reverse proxy website before the request gets to the actual services (like WCF routing service for SOAP). Configuration is working perfectly fine.
However I am trying to understand the implications of this setup. When IIS does reverse proxing, does it create a new HTTP request (and a new TCP port) between those two websites? And even if both sites are on the same server? Should I expect number of TCP connections opened on this server to get doubled when reverse proxy is used?
Furthermore, has anyone experienced any performance/resource issues with a similar setup?
Cheers,
OS