Azure region based WebApi for mobile app - azure

I'm currently developing a mobile app which will be pushed world-wide across the app stores. This app uses a WebAPI REST service as the backend which I currently have running on MS Azure in Europe (which backs onto a database also in Europe).
My problem is, I'd like to create multiple Azure WebApi endpoints (i.e. Australia, US, etc for latency reasons), each with their own database which has geo-replication enabled.
Does anyone know a method/product/service I could use which allows me from the app to either:
Connect to a single domain which behind the scenes picks the closest server to the user.
OR
The app itself is able to determine based on a given list the closest server and connect to that?
I've looked at Azure CDN but this is for static content which is great but I need something for dynamic content.

What you're looking at is Traffic Manager. Traffic manager enables that exact scenario, of finding the closest service that hosts your REST API.
Keep in mind though, that the database replication is (for the time being) a thing you have to do yourself, although we do provide you with the tooling and guidance on how.

Related

How to set up Azure Application Gateway with multiple App Services that also talk to each other

I want to protect a number of Azure App Services with Web Application Firewall.
I was able to make it work with one app and on the way to adding the other apps.
Is there any recommended way or things to consider given the fact that some of these apps talk to each other?
If AppA queries AppB, I understand that the call would not be routed through the internet since it's all between azure IPs, is that right?
But would that skip the Application Gateway?

How to make an API accessible all the time and not just when the project is executed?

I am making my first mobile app using Xamarin.Forms and FreshMVVM as the architecture and I want this app to get info off my SQL database (which is located in azure) by calling an API Rest. I already know how to develop an Api, and all the SQL and Azure related stuff, as well as how to get info from my API.
But what I don't know is how to access this API when the project in which is created is not executed, in other words, I don't know how to make my API Rest accessible all the time, so the App can access to it whenever is needed.
How do you do this?
Thank you all for your time, hope you have a good day.
You need to publish the API to a web host. Azure App Services. AWS. Digital Ocean VM running a web server. Possibly GoDaddy, though I have never used them. Your own server.

should I choose azure application gateway or load balancer or front door or traffic manager?

I have a SaaS web app developed with Angular 8 and Asp.net Core Web API. I have deployed web api to a azure web app and deployed angular front-end web app to another azure web app as well.
The users are from China and Australia and other countries. I want to have region load balance like Chinese users uses web app on china azure region and australian users use Australian azure region web app so that it has best performance. Azure SQL DB will be in one place (in australia).
In addition, i want to prevent attacking to web front app and web api like d-dos, web scraping and SQL injection. For web scraping, i want to add access rate limitation from one ip.
Can you please advise what service i should use? I saw the blog talking about azure application gateway, azure load balancer, azure front door and azure traffic manager. It is a bit confusing to me. I need a best practise based on my this real world scenario. Should I use one of the service or should I use multiple services?
Based on your requirement:
Since the Backend Resource is Web App, you can ignore Load balancer (Layer 4) where you can only add VMs or VMSS
Your another requirement is WAF, and it is only available in AFD and AppGW. But you can use Traffic Manager as first Tier Load balancing and have AppGW in the different regions to provide high resilience.
As you want users from specific country to reach nearest backend resource, it seems like, the best solution for you is AFD.
AFD is a global Load balancer. It has WAF capability. It can Cache the data and provide quicker responses(CDN functionality). AFD uses an intelligent probing mechanism, through which it chooses the endpoint which is closer to the client who is making the request.
Hope this helps.

Azure cloud service and web sites communication lock down

I have a azure cloud service (a server) where i host a Redis database. I also have a web site hosted in azure web sites. I want the web site to be able to talk to the Redis DB on port 6379. I know I can configure a public endpoint for that port on my server but that would open it for whole Internet. I want it opened only for azure web sites (or even better, only for my web site). How can i do this?
Windows Azure Web Sites is in an isolation bubble separate from your Cloud Services and there's no way to bridge that gap. Ideally you'd do this by connecting the web site machine to other Azure services via a Virtual Network, but this FAQ confirms you can't do that right now:
Can I use Windows Azure websites with Virtual Network?
No. We do not support websites with virtual networks.
Opening Redis up over the internet shouldn't even be considered as it doesn't have the kind of security you'd want out of the box to be opening up its port publicly as it is meant to be co-located with your application, so you really wouldn't want to do that. Never mind the added network overhead which will eat into the performance you expect to get by leveraging something like Redis anyway.
I believe your best bet given your current configuration is to add a Web Role that's part of the same Azure Cloud Service and run your web based application out of that so that it can communicate with worker role. It only requires a little bit of configuration to get this going (i.e. adding an InternalEndpoint to the Redis Worker Role). While I realize Web Roles don't offer as frictionless a development model as Web Sites, you have to choose the right tool for the job.
Another option, if you want to setup your Redis on a VM instead of tying it to the Cloud Service directly, is that you can setup a Virtual Network, put the Redis VM on the virtual network and then configure the Cloud Service so that it's part of the same affinity group and add the NetworkConfiguration/VirtualNetworkSite configuration section to the Cloud Service's .cscfg.
Which approach makes more sense all depends on how you leverage your Redis instance, but the main benefit of the latter approach is that the Redis instance is not recreated each time you deploy your Cloud Service and, so, any data that's in it will stay available between deployments. Another benefit is if you want to build and leverage a Redis cluster across multiple Cloud Services this enables you to do that.

Website running in the cloud - Azure, replication globally all over MS datacentres?

I am new to Azure and website deployment, and I am trying to make sure I understand how things work. As far as I understand, once I create a website, a web application is created and begins to run in the cloud before publishing my own site even.
I know that the cloud provides scalability, load-balancing (among multiple datacenters), ease of publishing/testing, etc...things that don't exist in traditional web hosting.
So my question is since my website is in the cloud/Azure now, would my website be replicated globally in MS datacenters? If yes, is it something different from load-balancing? in other words, is the idea behind it is to get my site replicated to provide faster access from all over the world. And if all these are correct, I suppose traditional web hosting doesn't support replication.
Sorry for the simple questions, but I really need to understand, and I would appreciate any details you could provide.
Q: So my question is since my website is in the cloud/Azure now, would my website be replicated globally in MS datacenters?
A: Your website won't be automatically replicated globally to all MS datacenters. Each azure service, whether it is an cloud-service, sql-azure, storage, website or VM is located at a location of your choice. Within a location you can scale some of the services to run in multiple instances. If you spawn a new instance your website gets replicated. But it still runs at the same geo-location.
Q: If yes, is it something different from load-balancing?
A: In Azure you need to distinguish between load-balancing and traffic-management. If you run multiple instances within one location, there is only one external URL to reach it. The load-balancer distributes traffic equally to every running service instance.
The Traffic Manager allows you to control the distribution of user traffic to Windows Azure hosted services. The hosted services can be running in the same data center or in different centers across the world. Traffic Manager works by applying an policy engine to the Domain Name Service (DNS) queries on your domain name(s).
So in general, if you want to spread your application all over the world, you have to do it by yourself.
Create your service on all the location of your choice and use Traffic Manager to connect them.

Resources