I created a sample Stateless Web API Service Fabric Application and tested in local. I also created a Fabric cluster from Azure portal and deployed this application into cloud.
The endpoint of the cluster is - http://somename.westus.cloudapp.azure.com. When I am accessing the application with the endpoint specified in the ServiceManifest.xml, I am not getting response. I see timeout from the request trying for long time.
The url I tried is - http://somename.westus.cloudapp.azure.com:8901/api/values. 8901 is the endpoint defined in the ServiceManifest.xml.
Please let me know what I am missing here.
Many Thanks, Thirumalai M
As jimpaine suggested, the below url given solution for configuring prob port number from client.
https://azure.microsoft.com/en-gb/documentation/articles/service-fabric-connect-and-communicate-with-services/
I added the port 8901 in the prob, and the service started working.
You might want to ensure that the custom endpoint 8901 is enabled when you create your service fabric cluster in the portal, as described here
https://azure.microsoft.com/en-in/documentation/articles/service-fabric-cluster-creation-via-portal/#create-cluster-in-the-azure-portal
Related
I deployed a containerized app to my IBM Cloud Kubernetes service in a VPC. The app uses App ID for authentication. The deployment pipeline ran successfully. The app seems ready, but when accessing its URL it gives an internal server error (500 status code).
From the Kubernetes dashboard I found that the ALB Oauth Proxy add-on is failing. It is deployed, but does not start.
The deployment seems to fail in the health checks (ping not successful). From the POD logs I found the following as last (and only) entry:
[provider.go:55] Performing OIDC Discovery...
Else, there is not much. Any advise?
Guessing from the missing logs and the failing pings, it seemed related to some network setup. Checking the VPC itself, I found that there was no Public Gateway attached to the subnet. Enabling it allowed outbound traffic. The oauth proxy could contact the App ID instance. The app is working as expected now.
Make sure that the VPC subnets allow outbound traffic and have a Public Gateway enabled.
I was trying to deploy docker service using aws app-runner. Deploying a service and running it is very street forward. Once I deployed the app, aws gives me url to access my service. Now I want to route traffic from my domain to this url. In route 53 it doesn't seems this option is not available, I might be wrong. In aws app-runner it self there is an option to link the url generated by aws with my domain name. I follow that option but it seems I have to do dns configuration change and CNAM configuration. Is there anyone who have tried this option and able to guid me? Thanks!
I'm trying to deploy a service fabric application to an unsecure Azure Service Fabric cluster. When I open the publish window in VS 2017 I get the following. If my cluster is unsecure, shouldn't I be able to publish it w/o configuring the cert?
I tried a publish anyways and I got:
Try accessing the server via powershell to maybe get a better error. Usually, errors like this are caused by firewalls blocking the port 19000.
I'm currently deploying on cloud foundry, Now I have a frontend server and a backend server.
Both deployed as micro services with the Cloud Foundry nodejs build pack.
I would like to hide the backend server from the outside world, that only my frontend server can access it. How do I do that?
If I remove the route to the backend server the server is hidden from the outside but then I do not know how to access it from my frontend.
I'm new to Cloud Foundry maybe there is an easy way.
Thanks
Andreas
Thanks for the information so far.
I do however not understand how I could now hide my backend instance from being accessed from the outside, but allow for access of the frontrontend?
Basically what roule would I need to set in my space in order to allow only port 80 to be accessed of my frontend instance (lets say the frontend ip is 168.192.0.5).
could you make an example?
If you are using OSS Cloud Foundry, you can put the backend services into their own space, and then set the security group rules for that space so that they will not respond to outside IP addresses:
https://docs.pivotal.io/pivotalcf/adminguide/app-sec-groups.html
If you are using Pivotal Cloud Foundry, you can use Spring Cloud Service Discovery, as Amit said.
What about using "cf push myjavaapp --no-route"?
The no-route option tell Bluemix that your backend is not a web application.
Another solution to hide the back-end microservice from the public is to use containers (also available on Bluemix, based on Docker, see https://www.ng.bluemix.net/docs/containers/container_gettingstarted.html). Containers have a private IP by default and can access other containers in the same space. You can assign the front-end microservice a public IP using e.g. following command
cf ic ip bind {public_ip} {container_name}
but don't assign a public address to your back-end microservices.
(A few weeks ago I've created a simple example for a microservice in a container, you can find the code at
https://hub.jazz.net/project/matthiashub/bluemix-unistuttgart-container/overview I admit that this was done in Java and not in nodejs but I think you get the idea.)
I get that it wont be possible to bind the service and therefore not use the VCAP_SERVICES, and credentials would need to be managed in another way.
Since the communication would go via the internet, I guess the question is really:
Does the SSO service have an API that can be reached from outside of Bluemix?
Yes the SSO service can be reached from outside Bluemix and therefore also from apps deployed on UK.
However, to retrieve the credentials you need to create an SSO service on US and then bind an app to it and inspect the VCAP_SERVICES. This is due to how Cloud Foundry works. Read more here