连接应用网关与应用服务 Azure
[英]Connect Application Gateway with App Service Azure
问题描述
My idea is to connect a Application Gateway with a App Service in a single .NET, but I'm getting a 502 if I try to access my public IP.
我的想法是在单个 .NET 中将应用程序网关与应用程序服务连接起来,但如果我尝试访问我的公共 IP,我将收到 502。
I've been reading already this question but I cannot find how to solve my issue.我一直在阅读这个问题,但我找不到解决问题的方法。
Right now I have this setup:现在我有这个设置:
Main .NET Su.net 1 -> Application gateway Su.net 2 -> App Service Main .NET Su.net 1 -> 应用网关 Su.net 2 -> App Service
What I tried until now was this configuration using access restrictions on the app service using the public IP of the gateway and also the IP for the private .NET:到目前为止,我尝试的是此配置使用网关的公共 IP 和私有 .NET 的 IP 对应用程序服务使用访问限制:
Even with this I'm having this 404 on the health probe.即使这样,我在运行状况探测器上也有这个 404。
Should I add in another way the APP Service to the .NET?我是否应该以其他方式将 APP 服务添加到 .NET? Is this the good one?这是好的吗? What am I doing wrong here?我在这里做错了什么?
2 个解决方案
解决方案1
0 2022-11-30 13:15:06
I tried to replicate the same issue in my workaround and got the below results我试图在我的解决方法中复制相同的问题并得到以下结果
I am able to access the app service using application gateway while restricting the IP address in the App service我可以使用应用程序网关访问应用程序服务,同时限制应用程序服务中的 IP 地址
I have followed the below steps to access the app service through application gateway using private endpoint我已按照以下步骤使用专用端点通过应用程序网关访问应用程序服务
I have created the application gateway and configured the我已经创建了应用程序网关并配置了
Backend pool
Access restrictions
Http settings
Health probe
I have created the private endpoint with same V.net我用相同的 V.net 创建了私有端点
Created the virtual machine to access the app service创建虚拟机以访问应用程序服务
Connected the bastion service to check weather I am able to access the app service连接堡垒服务以检查天气我能够访问应用程序服务
nslookup url
For related information please refer this document
解决方案2
0 2022-12-04 23:32:30
Luckily because you are receiving a 404 that rules out several other potential causes related to reachability.幸运的是,因为您收到了一个 404,它排除了与可达性相关的其他几个潜在原因。 In the image you provided for your Backend Settings, the "Override with New Hostname" switch is set to No, which means that whatever hostname you reach your App Gateway with will be passed as the hostname to your App Service.在您为后端设置提供的图像中,“使用新主机名覆盖”开关设置为“否”,这意味着您到达应用程序网关时使用的任何主机名都将作为主机名传递给您的应用程序服务。 Typically, App Service uses a subdomain of *.azurewebsites.net and if you send either the wrong hostname or no hostname it will respond with a 404. You can test this by hitting your App Service by the IP address in the browser;通常,应用服务使用 *.azurewebsites.net 的子域,如果您发送错误的主机名或没有发送主机名,它将以 404 响应。您可以通过在浏览器中输入 IP 地址来测试您的应用服务; you will receive a 404.您将收到 404。
If you switch this to Yes, you have two options: You can opt to override the hostname with the FQDN from your Backend Pool, which in your case is an azurewebsites.net subdomain, or you can set this manually.如果将其切换为“是”,您有两个选择:您可以选择使用后端池中的 FQDN 覆盖主机名,在您的例子中是 azurewebsites.net 子域,或者您可以手动设置。 Either should work in your case.两者都适用于您的情况。
On top of this, you can configure a custom probe.在此之上,您可以配置自定义探测器。 If you do not see a probe listed, it's because you are using the default, which sends a hostname of "127.0.0.1" to the backend pool member.如果您没有看到列出的探测器,那是因为您使用的是默认设置,它会将主机名“127.0.0.1”发送到后端池成员。 This is the hostname being used to reach your App Service's IP address which is likely why probes are failing with a 404.这是用于到达应用服务的 IP 地址的主机名,这可能是探测失败并显示 404 的原因。
By creating a custom probe you can opt to pick the hostname from the Backend Settings or use a custom one.通过创建自定义探测器,您可以选择从后端设置中选择主机名或使用自定义探测器。 You'll also see you can adjust the range of acceptable status codes from the default 200-399.您还会看到您可以调整默认的 200-399 可接受状态代码的范围。 This can be useful in the future if you have a backend that requires authentication and returns a 401 Unauthorized as App Gateway probes are not capable of performing authentication.如果您的后端需要身份验证并返回 401 Unauthorized 因为 App Gateway 探测器无法执行身份验证,这在将来会很有用。
Source Documentation on App Gateway probes: https://learn.microsoft.com/en-us/azure/application-gateway/application-gateway-probe-overview App Gateway 探测器的源文档: https://learn.microsoft.com/en-us/azure/application-gateway/application-gateway-probe-overview
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.