How do you set up two microservices that both use https port?

依然范特西╮ 提交于 2019-12-08 21:08:30

I'm answering this in case someone else has the same question. Not sure this is the only way but the way i solved it was to use a reverse proxy. You could also use Application Gateway which is more powerful but for my needs i just needed the reverse proxy.

I had to recreate my service fabric (couldn't get it to use a reverse proxy after the fact). Select reverse proxy when creating the service fabric.

Note: if you want https, create a key vault first and add two certificates. on the certificates page select 'Custom' and use different ones for the cluster and reverse proxy. Azure fails deployment if you use the same one.

Also select at least a D1_s2 size machine or Azure will hang indefinitely when deploying and not tell you anything. I have no hair left after this.

when you call the reverse proxy you specify the fabric and service:

https://.eastus2.cloudapp.azure.com:19081/MyFabric/MyService/Controller/route

when talking from one service to another you can use localhost:19081 instead of the url.

in your servicemanifest.xml set the endpoint something like:

<Resources>
  <Endpoints>
    <Endpoint Protocol="http" UriScheme="http" Name="EndpointHttp" Type="Input" />
  </Endpoints>
</Resources>

the proxy knows where to send to. I set up an Application Management API that forwards the request to the proxy. Note this is for a single partition cluster. if you have multiple partitions you need to specify the partition id in the url also.

https://docs.microsoft.com/en-us/azure/service-fabric/service-fabric-reverseproxy

To answer your questions:

  1. Yes, there is a built-in reverse proxy in Service Fabric that you can use. As you are on Kestrel, using a reverse proxy would be the recommended approach, although not necessary. This would look like:

    Kestrel used as an edge server without a reverse proxy server doesn't support sharing the same IP and port among multiple processes. When Kestrel is configured to listen on a port, Kestrel handles all of the traffic for that port regardless of requests' Host headers. A reverse proxy that can share ports has the ability to forward requests to Kestrel on a unique IP and port.

    Here are some references:

  2. In a distributed system, services may move from one machine to another over time. This can happen for various reasons, including resource balancing, upgrades, failovers, or scale-out. This means service endpoint addresses change as the service moves to nodes with different IP addresses, and may open on different ports.

    Service Fabric provides a discovery and resolution service called the Naming Service. The Naming Service maintains a table that maps named service instances to the endpoint addresses they listen on. All named service instances in Service Fabric have unique names represented as URIs, for example, "fabric:/MyApplication/MyService". The name of the service does not change over the lifetime of the service, it's only the endpoint addresses that can change when services move. This is analogous to websites that have constant URLs but where the IP address may change. And similar to DNS on the web, which resolves website URLs to IP addresses, Service Fabric has a registrar that maps service names to their endpoint address. That way, we wouldn't have to worry about service discovery and resolution as it is offloaded to a reverse proxy or a Load balancer.

    Here are some great articles for your reference:

Hope this helps.

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!