Slow notification hub registrations - azure

I've implemented Azure Mobile App Service which uses Azure Mobile Apps .NET Server, connected it to the Notification Hub and it works.
However according to application insights my slowest calls are actually client registrations, for example:
PUT /push/installations/{installationId}
My app is deployed on azure under different resource group than notification hub. Can this be the cause?

Resource Group is just a container that holds the related Azure resources, and it would stores metadata about the resources, so the location for a resource group determines the data center for storing the metadata of the resources. Details you could follow here.
PUT /push/installations/{installationId}
This is the build-in endpoint for the mobile client to create / update the registration with the installation model. The server side code would be similar to the PutInstallation method under NotificationInstallationsController.cs.
As you commented that the data center for hosting your Notification Hub is North Europe. You need to check the location of your App Service plan for running your mobile app. Details about Azure App Service plan, you could follow here.
I would recommend you scale up your app service plan to a higher tier to check this issue. Also, you could try to make your Notification Hub and Mobile App under the same data center to narrow this issue. Additionally, you could provide the detailed comparison between the requests trace logging in your application insights for us to troubleshoot this issue.

Related

Securing and configuring Azure Service Bus for public facing webapp (using B2C) to call downstream APIs and services using AAD

Follow up to other question posted here:
Azure microservices: authenticating downstream APIs from B2C to Azure AD, how to configure AD?
All our apps and microservices are hosted in a AKS cluster.
Want to have a single webapp decoupled from other services: using a message broker seems a good approach.
How should a public-facing portal be setup to be able to push data down into a queue or endpoint
How can calls to specific API endpoints and microservices to and from the webapp be secured from the public FE?
How would this be configured in terms of authentication, app reg etc.?
Lets answer your questions one after another which you have.
The first question
How should a public-facing portal be setup to be able to push data down into a queue or endpoint ?
For this first we need to use a Web API to push data to Azure Service Bus Queue. You can create a new ASP.NET Core Web API project and install Azure Service Bus NuGet package. Check this document for the way to do it.
Then we can use Service Bus Queue trigger Azure function to read the message from the queue and the process it or store it depending on the requirement. Check Azure Service Bus trigger for Azure Functions for more information.
The second question
How can calls to specific API endpoints and microservices to and from the webapp be secured from the public FE ?
We can achieve this requirement by securing the front end using Application Gateway. We need to configure Application Gateway in front of the Web API.
Check this Configure App Service with Application Gateway document from Microsoft for more information.
Lastly, the third question
How would this be configured in terms of authentication, app reg etc.?
In this case we can use Azure Managed Identity. Managed identities provide an identity for applications to use when connecting to resources that support Azure Active Directory (Azure AD) authentication.
So, we can use Azure Managed Identities with the Azure Resources like AKS. Check this Use managed identities in Azure Kubernetes Service for more information.

Send Data from a azure webapp to 2 azure application insights in two different azure subscriptions

Hello I hope you can help me.
I have a azure webapp that is basically an api programmed in dotnet core, this is connected to an azure application insights, where we monitor the api, the problem I have is that only one person on the team has access to these two resources(webapp and app insights), basically the permission for all rest of the team is a bureaucratic management that does not end resolving.
I need the data stored in the application insights to be replicated in another insights application in a new azure subscription that we already created where all team members have access.
What can I do to solve this problem?

Is there a way for me to offload an App Service Plan to Log Analytics?

I wan to see logs of the nodes of my app service plan in Log Analytics. I DONT want to do it with app service. I need to query data of my nodes with KQL
Unfortunately, it's impossible as of now. Please vote up for this user voice: Request to manage diagnostic settings for App Service Plan from Azure portal.
I also tried from both azure portal and rest api:
From azure portal, there is no the option of Diagnostic settings for app service plan.
From api Diagnostic Settings - Create Or Update: It throws an error says that app service plan is not in the whitelist which means that it's not supported currently.
Hope Microsoft can implement this feature for service plan asap:).

Azure - monitoring resources using REST APIs

I am new to Azure and have been going through various tutorials.
I am looking specifically at Azure Monitoring using REST APIs.
What I am trying to do is get the status of various resources like Virtual Networks, AD, Load Balancers etc on a custom dashboard using REST APIs.
I have found some list of REST APIs that allow monitoring here(https://learn.microsoft.com/en-us/rest/api/monitor/)
But do they provide Resource health and Status.Also, do i have a create a new Service API Managament Resource(which is a paid resource) in the Azure Account for these APIs to run?.
Please let me know if you have any insights or reference materials on this
I don't think rest API is good for monitoring. I will suggest use Azure Monitor service under that you can use Azure resource metrics, Activity logs and service health. based on these metrics and logs you can set alert and show live data on the dashboard.
We are using Microsoft OMS for live monitoring (visualization of data) and Email/SMS for notification.
List item
Audit and receive notifications about important actions in your Azure subscription

How To Migrate Existing Azure Assets to Azure App Service

Can existing Azure assets, i.e. cloud services, notification hubs, SQL servers and databases, storage accounts and service buses be migrated to a Azure App Service? If so, how?
The Azure App Service (Mobile Service App) can use an existing Notification Hub. Using the "Push" setting, you can select a hub within the same resource group.
For Azure App Services, when you configure the notification hub for your app service, you could choose an existing Notification Hub. Note: You could choose an existing notification hub across different resource groups and under different locations. Moreover, when you add a new hub under "SETTINGS > Push" of your app service on Azure Portal, it would create a new notification hub within the same resource group for your app service and the location for the new hub would use the location of your resource group. I would recommend you follow Azure Resource Manager overview and Azure App Service plan overview for a better understanding of Resource Group and App service plan.
Can existing Azure assets, i.e. cloud services, notification hubs, SQL servers and databases, storage accounts and service buses be migrated to a Azure App Service?
For cloud services, I just found migrate an cloud services to service fabric and migrate the web application to cloud service. AFAIK, if you want to migrate your cloud services application to azure app service, you need to adjust your project and deploy it to your app service.
For SQL servers and databases, storage accounts and service buses, you just need to change the connection string for the specific services when communicating with them programmatically in your app service. Moreover, in order to reduce the latency between your app service with other azure services, you need to make sure they are in the same data center or closer to each other.

Resources