I am using Application Insights to track my user location, but I run into this error:
running my code locally works fine, but as soon as I deploy my application on Azure, my user location is always the same as the server location.
I look around for a solution, but can't find any clear solution.
Anyone any idea?
Thanks a lot!
There are two different things here:
If your service / application is instrumented with AI and hosted on Azure then and if you see the incoming request on that service you should see the IP address of the client when you look into the details on analytics portal.
If your service sends telemetry data using some track() API then that would ofcourse get the ip of the location where the service is deployed.
So it depends on what you are looking at.
Most likely your server sits behind a reverse proxy and needs forwarded headers.
Try this in your startup:
app.UseForwardedHeaders(new ForwardedHeadersOptions{ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto});
Related
I have an Azure App Gateway connected to 3 different App Service apps all running as part of the same App Service Plan (3 different back-end pools). In the Backend Health section of the AG, one of the app/pool is constantly flipping between Healthy and Unknown states. I have checked the entire network configuration according to this article and everything seems to be configured properly.
I have configured ip restrictions on the app services according to this article specifying the subnet the AG resides in as allowed. I have also temporarily allowed my ip address and every time the health for the 1 app goes to "unknown", I am still able to access the app service using its native .azurewebsites.net url locally on my machine.
Any ideas how I can troubleshoot this?
Please check if below points help to work around the issue.
As a workaround initially,try to restart the application gateway after the backend is deployed .
Also check this discussion on github issue
Sometimes Appgateway will cache the response indefinitely and the fix
maybe "Dynamic DNS" which ensures that the "no existing domain" is not
cached on the Appgw.Also check for the fix using v16.
Also check this > similar issue which says to use custom domain names as the request looks for some domain.
Hello i was wondering if someone could answer this question for me:
Is there a way for me to view logs of incoming requests and their IP Addresses.
Here is the scenario:
We have multiple host machines that every 5 minutes submit data into our .NET Web Application via a simple MVC controller. One of the machine's configuration is pointing to a correct domain, but the wrong controller name.
So every 5 minutes this generates a 404 error on Azure Portal. I would like to identify which machine is configured wrongly by identifying the IP Address of the incoming request that is causing this issue. We are running .NET web application with 12 VM Instances and I have checked the ApplicationInsights/Logs section, but can not find any references to the IP Address.
Any way to track it via Azure Portal site ?
Thanks in advance.
As long as the Application Insights .NET or .NET Core SDK is installed and configured on the server to log requests, you can create/update an Application Insights resource on Azure that shows the client's IP address.
You may currently be seeing the IP 0.0.0.0 in logs, which is the default:
This behavior is by design to help avoid unnecessary collection of personal data. Whenever possible, we recommend avoiding the collection of personal data.
From the same article you can see the setting to configure as follows (shortened for brevity).
{
// ...
"properties": {
// ...
"DisableIpMasking": true
}
}
After this setting is configured, logs will begin showing with the client ip addresses when queried in Application Insights.
I have Azure App Services behind the Azure Application Gateway/Firewall. There are few application that talks between them. Does that applications talk internally(using xxx.azurewebsites.net) or they talk with public domain(mydomain.com)?
Also, how to check these things in logs.
Current configuration:
HTTPSettings: Pick hostname from the backend address has checked.
Probes: pick hostname from backend https settings has checked.
To answer your question, No if your applications are inside azure's network, it usually wont go through the public domain. But it will go through the firewall/gateways and follow the same networking restriction you have defined.
What logs you want to check? if you want to see the application event logs you can do it using scm. You can access it via Diagnostics/Advanced Tools in your azure app services.
You can enable Access Logs in the Application gateway to see all the request that hits Application Gateway. It has the hostname field where you can check how the site is being accessed.
Let me know if you have any further questions.
Hi, I am trying to configure a basic traffic manager on my azure account. But I always got 404 not found when I using the traffic manager URL.
I have two app service for the TM endpoints:
1. xxxus.azurewebsites.net
2. xxxeu.azurewebsites.net
TM Url is:
xxxtm.trafficmanage.net
I was able to use www.whatsmydns.net to check what the tm is heading to.
But when I use the TM url, I got this:
Did anyone has the same issue? Looking forward to your help
Thank you
I ran into the exact same thing and just found the solution - the app service plan needs to be at least a standard SKU. I was using a free tier, and that was causing my 404.
From Microsoft's Traffic Manager documentation:
Only Web Apps at the 'Standard' SKU or above are eligible for use with Traffic Manager. Attempts to add a Web App of a lower SKU fail. Downgrading the SKU of an existing Web App results in Traffic Manager no longer sending traffic to that Web App.
Currently, you could not add web apps from different subscriptions to the same traffic manager configuration since It is not possible to use Web Apps from multiple subscriptions with the same domain name. Refer to this. You can check this on your side. If so, you can remove one website from your endpoint, then add the website to the same subscriptions.
Moreover, the 404 error always happen due to the domain name could not be resolved by its IP address. It may be one of the following reasons:
The custom domain configured is missing an A record and/or a CNAME record.
The browser client has cached the old IP address of your domain. Clear the cache and test DNS resolution again. On a Windows machine, you clear the cache with ipconfig /flushdns.
You can follow the quickstart to create a Traffic Manager profile, then follow this to verify your traffic manager settings.
I encountered similar issue. My problem is one of my app service is a free tier, so I scaled it up to standard one. And delete my traffic manager and reinstalled and add the service endpoint again, the issue gone.
It's strange. Nslookup will take you to the right web app but the browser will show 404. Changing the app service plan to 'Standard' SKU fixed it for me.
I deployed a sample "WordCount" Azure sample to service fabric cluster. I see that both the service: fabric://wordcount/WordCountService and fabric://WordCount/WordCountWebService are running OK, however, when I try to access the app from browser with below URL, the app does not come up.
http://tenantname.southcentralus.cloudapp.azure.com:19080/wordcount
NOTE: On local SF cluster, it comes up perfectly fine: http://localhost:8081/wordCount
Does anyone ran into same issue and able to resolve. Any help will be appreciated.
Thanks.
Nick
19080 is used by SF Explorer (the management web UI), so when you access the app, use it's own port, like you did locally with 8081.
Update to answer follow-up question from comments:
For the Word Count sample, the default port is 8081, see here:
https://github.com/Azure-Samples/service-fabric-dotnet-getting-started/blob/master/Services/WordCount/WordCount.WebService/PackageRoot/ServiceManifest.xml#L25
You can check the port in Service Fabric explorer, like so:
I found the solution of this issue: I needed to setup the load balancer rule so that external request is mapped to the Azure SF's internal TCP port. Appreciate much Itaysk for looking into it.