microsoft azure hosted database and firewalls - azure

I am doing mobile development on Xcode and using hosted database from Microsoft Azure.
I noticed there is firewall settings on Microsoft Azure in order to add clients.
How will this work when the mobile app is deployed? Should all ports be opened on the database? Or do I need to use Web Services?

How will this work when the mobile app is deployed? Should all ports
be opened on the database? Or do I need to use Web Services?
You should definitely NOT open all ports and direct connectivity to the database from mobile apps is strongly discouraged.
Recommended way would be to use some kind of service layer sitting between your mobile app and the database. All the requests from the app should go to this service layer which will perform database operations. This service layer could be deployed as Azure Mobile App Service, Azure API App Service or a Web API hosted in Azure Web Apps Service.

Related

Why should I prefer Azure App Service over .NET REST Web API?

Why should I use Azure App Service and not just implement a common .NET RESTful Web API backend?
What's the explicit benefit of this service compared to a common .NET RESTful Web API backend hosted on Azure?
An Azure App Service is a place to host your web application or API. Normally when you have a .NET web API you host it behind IIS or something on a virtual machine.
Azure helps you with these common scenarios wit Platform as a Service (PaaS). An App Service completely abstracts the operating system and the way you host your web application.
App Service can host web apps both on Windows and Linux. You can use all kinds of frameworks such as PHP, .NET or Java. You can even host containers without worrying about the host.
A good sample to start with hosting your .NET Web App on Azure App Services can be found here: Quickstart: Create an ASP.NET Core web app in Azure
Yes, there is a huge difference between Azure App Service and .Net REST WebAPI backend on Azure.
Hosting on Azure can be done using two ways
Create your own VM, then install IIS and do all the required stuff
Use AppService Plan
AppService Plan allows you to leverage the powerful functionality of Azure. Here a separate VM is not assigned to you. Azure App service can scale automatically depending upon the Scaling rule which is not present in restful API hosted on Azure VM.
My question blatantly was a stupid Newbie question, and as such, I'm afraid it is non-sense, which I now know by the answers you've given.
I'm currently reading the book "Azure and Xamarin Forms" to learn Xamarin and Azure. Apparently it's outdated. It suggests to "create a Mobile App on Azure". From the book that Mobile App is just a plain App Service running a RESTful Web API with EF, but utilizing completely different namespaces to do so.
My question targeted towards these other namespaces. I didn't see a reason for them.
Apparently, Microsoft noticed the same. There is no "Mobile App" available in the Azure Marketplace anymore.
Azure App Service is a PaaS solution from Microsoft hosted on Azure. You can think of Azure App Service as some sort of "Micrsoft Heroku", because they work on a similar fashion. For many REST Projects, it can save you hours, if not DAYS of development. It has automatic TLS like heroku, but it is hosted on Azure instead of AWS and it can integrate very well with your existing Azure resources. One common pattern is to host the REST API on App Service and use a database service from Azure such as Azure SQL or Cosmos DB (which is a NoSQL service that, from the point of view of your app, it operates as MongoDB, but can be configured to behave as other DBMS).

Azure Hybrid Connection to API hosted on Websphere (on premise)

I have an API that is hosted on Websphere Application Server (bound to a specific port), on a Windows 2012 R2 Server (on-prem), that I would like to expose to Azure API Management in the cloud. Ideally, the plan was to use Azure Hybrid Connections. Is that even possible? How could I go about doing this?
You can setup Azure Website and use the Hybrid Connection feature to expose your API via a simple WebApi Controller.
API Management will just talk to the Azure Website. You can limit access to the Azure Website from only the Public IP address of the API Management.

Access Azure App Service RESTful endpoints from On Premise resources using VPN

I have an on premise desktop application and I need it to hit Web APIs I have living in an App Service Web App (on an App Service Plan) in Azure.
My on premise resources are connected over a site to site VPN and I was wondering if there is a way I can call these Web API services(in an app service) directly over the VPN instead of going to the public endpoint.
The "normal" App Service Plan exists in a multi-tenant environment so this is not possible. You would need to use an ASE (App Service Environemnt) to use advanced networking features like VPN and NSG.

Hosting a web application in Azure that consumes on premise web services and ActiveMQ

I'm looking at ways to host our web site in Azure. The Web application consumes on-premise web services and send/receive messages from ActiveMQ hosted on-premise. Is this possible? Any pointers will be helpful.
Short Answer: Yes, it's possible. Mixing Azure and On-Prem resources is what's called the Hybrid Cloud.
Long Answer:
You can use Azure App Service Environment to setup a Virtual Network with an Azure Web App that will allow for a VPN connection to be setup between your on-premises network and the Azure VNet. If VPN setup isn't an option of you, then you could use the Azure Service Bus Relay service to connect an on-premises WCF Web Service to the Azure Web App. Additionally, a Biztalk Hybrid Connection could be used to tunnel through the firewall between your on-premises resources and the Azure Web App. Hybrid Cloud is fully supported in Microsoft Azure and there are a few options to choose depending on which fits your needs / scenario best.
You can create a VPN on Azure, add the web site to it and then create a site to point VPN connection to add the VM that has the on-premise web service to it.
Another solution, if your web service is developed in WCF, you can use Service Bus Relay with your web service, this will make it accessible from your Azure web site.

Failover planning for Azure Mobile Services

I have an azure mobile service that is running on top of SQLAzure DB. The Database is geo-replicated. I am looking to setup a failover for mobile service in case if the primary endpoint goes down. I have looked into traffic manager but it does not support mobile service endpoints also setting up another mobile service that talks to the replicated DB not possible as the replicated copy is read-only.
What are the possibilities of setting up a failover for mobile services endpoints.
There are several mechanisms for hosting mobile APIs on Azure - Azure Mobile Services is tied to a single region, so you can't fail that over. Azure Mobile Apps is the next generation of Azure Mobile Services and is built on top of Azure App Service Web Apps - it's an extension of the work there. As a result, you can leverage all the cool features of Azure App Service for your mobile service. If you haven't taken a look yet, then take a look at migrating your service to Azure App Service Web Apps.
Once there, Traffic Manager is definitely what you want. You can read about the process of using Traffic Manager with an Azure web app here: http://blogs.msdn.com/b/benjaminperkins/archive/2014/06/02/using-traffic-manager-with-microsoft-azure-web-site.aspx

Resources