I am trying to use Azure Traffic Manager (GTM) to geographically distribute load to function apps in each region.
I have tried adding an 'app service endpoint' and an 'external endpoint' (including adding the GTM name as a custom CNAME to the function app), but both result in "Error 404 - Web app not found.". The custom CNAME also never adds correctly.
According to the last comment on this post, the ability to do this should now be supported:
Setting up a custom domain with an Azure Function app
I am unable to comment back on the post as I am a new user.
I have tried adding an 'app service endpoint' and an 'external endpoint' (including adding the GTM name as a custom CNAME to the function app)
Azure Traffic Manager is only eligible for use with App Services at the 'Standard' level or above as mentioned here. If your function isn't host in an app plan at the 'Standard' level or above, Azure Traffic Manager will not work.
If you are not using 'Standard' or higher level app plan, Azure Functions Proxies would be a workaround for you. Please check following thread which discuss the similar problem.
Azure Functions Traffic Manager
Here is the quick reference from the answer provided by Dakota Kincer.
So the answer I arrived to after Traffic manager didntsupport Azure functions was to overall build 3 Azure functions. I built an East and a West that has my azure function code on it. Then I built a main Azure Function that has 0 code. It only has Azure proxies on it that route to my 2 other Azure Functions. The route is controlled by a variable in the proxy string that is help in the main API app settings. Using %myvariable% you can set part of the url. When I need to publish I switch the variable to the secondary URL location. Update the Primary and then switch the URL to its original primary location. This will have to work for now till traffic manager is integrated into functions or a better solution arises.
I am unable to comment back on the post as I am a new user.
You could modify your post if you want to provide more information.
Traffic Manager supports Azure functions monitoring. You can enable this by going to TM settings -> endpoints -> add endpoint -> choose Azure endpoint type -> App Service for Target resource type -> under Target Resource choose Function app which you want to monitor.
Most likely you want to be able to access function apps under specific domain domain, for example my-domain.com. For that under Custom Header Settings specify host:my-domain.com. You'll need to setup custom domain in function apps configuration too.
Related
How does Azure availability zone work? For example I have set up 3 web api as app service, I need to ensure that whenever 1 of the API was down, It will redirect to the next available service.
Ex:
Main API - Down
Secondary API - Up
Tertiary API - Up
Expected: Calls to Main API will be redirected to next available (Secondary, or Tertiary if Secondary was also down)
AZ support for App Services (the multi tenant offering) is actually just offered since yesterday: https://azure.github.io/AppService/2021/08/25/App-service-support-for-availability-zones.html
Follow that guide how to enable it. Basically you need to run at least 3 instances in the app services plan and the platform will make sure those are spread out over different Zones.
I have an Azure webapp and normally if I want to block an IP address, I go to Azure dashboard panel and under networking>Configure Access Restrictions, I add a rule to do so. This picture shows which menu item I mean:
However, I would like to do this programmatically. I see that the documentation shows how you can do this through Powershell.
I have also managed to find the API documentation for WebApp. But I can't find the last piece of the puzzle which is the API that does what I need.
Can someone please tell me if it is possible and which API I should use? Thank you in advance.
According to the doc: Use an Azure REST API PUT operation on the app configuration in Azure Resource Manager. The location for this information in Azure Resource Manager is:
management.azure.com/subscriptions/subscription ID/resourceGroups/resource groups/providers/Microsoft.Web/sites/web app name/config/web?api-version=2020-06-01
Then I searched the Azure Rest API and found this:
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Web/sites/{name}/config/web?api-version=2019-08-01
We could update the field properties.ipSecurityRestrictions to update the value of Access Restrictions.
In addition, you could also check this blog: Bulk add IP Access Restrictions to Azure App Service using Az PowerShell
There does not appear to be a one-to-one match between powershell commands and api.
The closest I could find is:
https://learn.microsoft.com/en-us/rest/api/appservice/webapps/putprivateaccessvnet
This allows you to define which vnet has access to your web app. By controlling access to your vnet, you can control access to your app.
I have an Azure Function app running on dynamic pricing and am trying to set up a custom domain.
I have added and verified the domain and setup the CNAME record accordingly. The custom domain shows up correctly as the "URL" when I view the App Service settings in the Azure portal. If I try to use this domain, however (to access an HTTP trigger function), I am returned with "Error 404 - Web app not found."
When I look at the Function URL in the portal, it still shows the x.azurewebsites.net domain, not the custom domain I have added. Is there anything additional I need to do to get Functions working with a custom domain?
Copying from my answer on MSDN forum:
Indeed, custom domains are not yet supported for Dynamic Function plans. This support will come a bit later (no clear ETA to share at this point).
Thanks to #David Ebbo I figured out how to do this for a Function App running in a consumption plan (e.g. Y1). Here is the MSFT docs article:
https://learn.microsoft.com/en-us/azure/app-service/scripts/cli-configure-custom-domain
It seems that it cannot currently be done via the Azure Portal GUI and instead you must use Azure CLI to run the commands. It's easy to do directly from that article page using the "Try It" link to the embedded azCLI.
We have BizSpark subscription with shared app service plan, where we are hosting our product. I need to host another version of the project for testing purpose, which fits into a free tier. I have checked the azure portals, but there is no provision to add a new service plan. does the BizSpark subscription support only one app service plan or am I missing anything?
Because an App Service services is an underlying component to other services, there isn't a simple way to directly create an App Service.
Since the only use case to create an App Service is to put something in it, the logic (I imagine) behind the Portals is that you create the resources you require and and it will create dependent resources within that process.
(Using the New Portal)
In order to create a new App Service plan, presuming you are deploying a new Web App. Click on New, Web + Mobile and then Web App.
When you click on Web App you will get this screen, if you fill in the details, and click App Service plan / Location at the bottom, you will be given the opportunity to select either an existing App Service or to create a new one.
The easiest solution would be to create a new Web app and when asked for App Service create a new one .. or use Azure Resource Manager template to achieve this: https://azure.microsoft.com/en-gb/documentation/templates/.
If it's another version of the App for testing purposes, why not use Deployment Slots? Slots have their custom URL separate from the Production app, separated configuration, domain bindings, it's like an App inside an App. You'll be able (if you want) to even swap the content of the Production environment with the Testing one for example.
And you don't incur in any extra cost because it runs on the resources of the current App Service :)
Is there a way to execute some script on Azure Web Role Instances ? I am kind off new to Azure and Azure Management APIs.
Basically what i want to achieve is, depending on the environment type, i would like to switch ON/OFF couple of services in all Azure Web Role Instances. So for e.g. if i have a single web role with 5 instances, then the script should execute in all the 5 instances.
Determine the staging/production environment
Get all the web roles for staging and production environment
For each role get all the instances
Run script in all instances (remotely)
Any help here would be much appreciated.
EDIT: I am able to fetch the staging/production environment details and the web role details for each environment as well. I am using the Service Management Rest APIs and the Get Cloud Service Properties method:
https://management.core.windows.net//services/hostedservices/?embed-detail=true
The above URL returns a list of role instance with their IP address.
But when i am trying to hit the Cloud Service (Web API) it is giving 404 error. Not sure if we can use the IP to hit a web api project hosted on IIS.
Thanks in advance,
Jash
Not exactly sure what you are trying to achieve. But if you have a Cloud Service with Web/Worker roles you cannot directly access each individual instance from the Internet. There is an Azure load balancer that sits in front of your deployment and routes Internet requests to instances. This would be useful for you to read.
What you can do, however, is to implement RoleEntryPoint class exactly like you would do for a Worker Role. Then you could check at regular intervals for a trigger - say a Blob in a container, a record in Table Storage, etc. When this happens - decide what to do: fetch special URL from Localhost, directly execute script with Process.Start(). Your choice, you have full control. All you have to do is to add a new class in your Web project that inherits from RoleEntryPoint.
You can refer to this resources for a bit more information on the use of RoleEntryPoint in WebRole projects:
https://code.msdn.microsoft.com/windowsazure/Combine-WorkerRole-and-f97d0487
http://blog.syntaxc4.net/post/2011/04/13/windows-azure-role-startup-life-cycle.aspx