I have created a CDN endpoint at [id].vo.msecnd.net, and I have deployed a production mvc4 cloud service web role.
It has images in a root-level /cdn folder, but I cannot get those images to load via cdn. I can access them via direct URL. For example, this works:
[site].cloudapp.net/cdn/eb303.gif
but not:
[id].vo.msecnd.net/eb303.gif
The cdn endpoint is enabled and set up under the hosted service that the web role is in. The documentation I have been reading indicates that nothing more is required. I am using a bizspark license, but as far as I can tell that should include CDN endpoints.
Is there a step I am missing?
Thanks!
Sometime it may take up to 1 hour before your CDN endpoint is ready to server your content. It does work with any kind of deployment staging or production.
Do you still have the problem? If you still have the problem you may need to contact Azure Support because if you have enabled the CDN, you should be good to go.
Related
I'm trying to access my app, hosted on azure.
I've a finished c# solution. When I commit changes to Azure DevOps it triggers a (working & successful) build-pipeline.
It runs tests, publishes an artifact & testresults.
In my ServicePlan status is Ready and I see Data Exchanges on DataIn & DataOut graphs.
The Deployment Center:
Bu when I click the https://mywebsite.azurewebsites.net, No webpage was found for the web address.
I have Some basic Azure DevOps expierence, but this Azure Portal is something else :)
My basic questions would be:
Why is it not working?
Do I need a second pipeline, only for release? Or can I recycle the build pipeline?
Do I need some kind of deployment slots? Before I select a not-free slot, I want to know if this is necessary
What else could I be missing?
(My Azure resources include a sql-server, a sql-db, the actual appservice & a app service plan)
Thanks!
If you deploy web app to Azure and login https://<app-name>.azurewebsites.net, then the page still shows Microsoft page instead you owner page. You need check the default document, please ensure that the default page is listed in here.
Steps: login azure portal->App Service->configuration->Default documents
In Azure Web Apps, the default document is the web page that is displayed at the root URL for a website. The first matching file in the list is used. Refer File structure on azure to know more about the files and directories on Azure Web App.
Update1
When I go to the azurewebsites.net url I get a 404: No webpage was found for the web address.
Check this doc:
If you receive an HTTP 404 (Not Found) error when you browse to the URL of your custom domain, verify that your domain resolves to your app's IP address by using WhatsmyDNS.net. If not, it might be because of one of the following reasons:
The custom domain configured is missing an A record or a CNAME
record.
The browser client has cached the old IP address of your domain.
Clear the cache, and test DNS resolution again. On a Windows machine,
you clear the cache with ipconfig /flushdns.
Update2
the URL in my appservice is Azure-generated right?
Yes, then app service url is generated by Azure.
With making a new app service and going to the URL I do get a message app service is up and running.Time to take the next step and deploy your code.
And now, we should get this page, we need create new service connection and re-configure build and release pipeline and deploy your app.
Note: We need use the same user account and AAD domain to do this.
I'm new to Google Cloud and trying to understand the relationship between a Google Cloud endpoint and a back-end app on App Engine.
It looks like when I deploy my application (gcloud app deploy) I get a URL that looks something like https://my-service-dot-my-app#appspot.com/path/operation/etc. Is this URL going through the cloud endpoint, or right to the container?
When I call the service in this way I don't see any traffic to the cloud endpoint. In fact when I try to access the service using what I think is the cloud endpoint it just gives me a 404 (https://my-app#appspot.com/path/operation/etc). Why can't I access with the endpoint? Permissions?
My initial thought was that the endpoint was something separate that routes traffic to the back-end. However, when I do something like change the security configuration in openapi.yaml and just redeploy the endpoint definition (gcloud endpoints services deploy openapi.yaml), this does not seem to actually have any effect.
For example, the initial deployment had Firebase security. I removed it and redeployed the endpoint definition but security remains on when calling the service. Seems I have to redeploy the back-end to disable security.
Any insight would be appreciated.
Cloud Endpoint is a security layer in front of your API. It acts as a proxy and performs security checks (based on API Key, OAuth, SAML,...) and routing to the correct Endpoint. The endpoint definition is based on OpenAPI 2 (not 3, be careful!). There is new advance feature like rate limit and soon billing.
Initially integrated to AppEngine, this product has been open sourced and can be deployed on Cloud Run, Cloud Function and on GKE/Kubernetes. A similar paid and more powerful product is Apigee.
I wrote an article for using Endpoint deployed on Cloud Run, with API Key security and which route requests to Cloud Run, Cloud Function and App Engine.
Cloud Endpoint also offers a developer portal to allow your customer, prodiver and developer to view your API specification and to test it dynamically on line.
I hope these elements provide you a better overview of Cloud Endpoint to abstract your underlying API deployment.
I believe we need to address a few points before providing the correct way forward:
For your first question:
Is this URL going through the cloud endpoint, or right to the container?
Deploying an application to App Engine will generate an #appspot URL for the app. This URL is used to access the application directly, and it will remain available to the internet unless you enable Cloud IAP, or set any other restrictions to the service.
For your second question:
Why can't I access with the endpoint?
If you are referring to the https://my-app#appspot.com/path/operation/etc, there can be a lot of reasons for it to not work, it will depend on which step of the setup process you are.
Normally for setting up Cloud Endpoints with OpenAPI, with an App Engine backend, you need to limit access to the #appspot URL, but also deploy an Extensible Service Proxy (ESP) to Cloud Run to access it later.
Conclusion:
Now, for actually achieving this setup, I suggest you follow the Getting Started with Endpoints for App Engine standard environment.
As per the guide, the following is the full task list required to set Endpoints for an App Engine Standard backend, using Cloud Endpoints:
1 - Configure IAP to secure your app.
2 - Deploy the ESP container to Cloud Run.
3 - Create an OpenAPI document that describes your API, and configure
the routes to your App Engine.
4 - Deploy the OpenAPI document to create a managed service.
5 - Configure ESP so it can find the configuration for your service.
Keep in mind that once you set up the ESP configuration, any calls will need to go through the [YOUR-GATEWAY-NAME].a.run.app.
If you happen to be stuck in any particular step, please provide what you have done so far.
I hope this helps.
Is this URL going through the cloud endpoint, or right to the container?
App engines are container based deployments on Google's infrastructure. The url are created when you deploy it and please note its not API.
When I call the service in this way I don't see any traffic to the cloud endpoint
I dont think a Cloud Endpoint is created by default
One way to check if a Cloud Endpoint is created is to check if its API is enabled in your project or a service account is created in IAM page
To configure a Cloud Endpoint for App engine, following this procedure
My website and my domain are hosted on a different service provider from azure. I created a CNAME record and I have added my custom domain to the azure. So right now I can go to http://images.mysite.com/images/myimage.png. The image that loads comes from the blob storage from azure. However, if I try to do this via https, I get NET::ERR_CERT_COMMON_NAME_INVALID error.
I've been through many guides, and seen just about every setting in azure portal and I can't figure out how to import my ssl into azure so that this will work. I have a feeling it has to do something with Azure CDN option, which I don't have configured and don't want to pay extra just for this one feature. Can I do this without it somehow?
I've been through many guides, and seen just about every setting in
azure portal and I can't figure out how to import my ssl into azure so
that this will work.
Simple answer to your question is that it is not possible as of today. Azure Storage still doesn't support HTTPS with custom domain. You'll need to use CDN if you wish to use your SSL certificates to facilitate secure connection.
From https://learn.microsoft.com/en-us/azure/storage/blobs/storage-custom-domain-name:
Azure Storage does not yet natively support HTTPS with custom domains.
You can currently Use Azure CDN to access blobs by using custom
domains over HTTPS.
Good evening,
I currently have deployed a VPN in azure, in this network I have added a cloud service and have also granted access to an azure website, so far so good.
Now I want the cloud service to be available only to the nodes of my VPN, especially the azure website. In order to achieve this I have created some ACLs which grant access to every node of my subnet i.e,
<Rule action="permit" description="test2" order="200" remoteSubnet="172.16.0.0/27" />
However, once the ACL Rule is enforced, the website has no access to the cloud service and therefor a timeout exception is thrown. Am I doing something wrong or the only way to achieve this is to deploy both of my projects on cloud services instead of a website and a cloud service? It is vital for this project that the cloud service is only available locally.
Thanks in advance
You can't currently restrict Azure Websites to only be accessible via a private VNet and as you suggested you will need to use either Web Role (Cloud Service) or a VM.
With an Azure CDN endpoint that is mapped to a hosted service, how do I manage the difference between staging and production? I want users of my staging site to see CDN pages fetched from my staging deployment, and similarly for the production service. But since I cannot create an endpoint per deployment, I cannot see how the correct content can be served - they will both be using the same xx123456.vo.msecnd.net address. (Perhaps it is possible to create CDN endpoints associated with a particular deployment using the REST API, but the documentation is missing.)
According to a support ticket I put into Microsoft, you cannot do this. The CDN only works with production hosted services.