Jump to content
Sign in to follow this  
  • entries
    142
  • comments
    0
  • views
    79567

Azure App Service, get data from on-premises databases securely

Sign in to follow this  
proximagr

376 views

Azure App Service, get data from on-premises databases securely
There are many scenarios where we want to have the Web Application on the Cloud but on the other hand, due to various limitations, the database stays on-premises. Azure has a service, called Azure Hybrid Connections, that allows the Web App to connect to on-premises databases, using internal IP address or the database server host name, without a complex VPN setup.
The Connection diagram
hybridconn-connectiondiagram.png
I have tested the connection with Microsoft SQL, PostgreSQL, MySQL, mongodb and Oracle. The databse requirements is to have a static port. So the first step in case of a Microsoft SQL instance is to assign a static port. In my test environment I have a Microsoft SQL 2016 and I assigned the default port 1433, using the Sql Server Configuration Manager / SQL Server Network Configuration / Protocols for INSTANCENAME (MSSQLSERVER)
img_5aa6ff237b5c6.png
All paid service plans supports hybrid connections. The limits are on how many hybrid connections can be used per plan, as the below table shows. Pricing plan Number of Hybrid Connections usable in the plan Basic 5 Standard 25 Premium 200 Isolated 200
To start creating the Hybrid Connections, go to the App Service / Networking / Hybrid Connections and press the “Configure your hybrid connection endpoints”
img_5aa6ffd20fd5d.png
At the Hybrid connections blade there are two steps, the first is to “Add hybrid connection” and the second is to “Download the connection manager”.
img_5aa70131c0565.png
First click the “Add hybrid connection” and then press “Create new hybrid connection”
img_5aa7a2c511da8.png
The “Create new hybrid connection” blade will open. Add a Hybrid connection name, this must be at least 6 characters and it is the display name of the connection. At the Endpoint host add the hostname of the database server and at the Endpoint port, the port of the database. At my case I added 1433, as this is the port I assign to my SQL instance before.
Finally you will need to specify a name for a Servicebus namespace. As you realize, the hybrid connection uses Azure Servicebus for the communication, and press OK.
img_5aa7a33b06f77.png
Once the connection is created it will be shown at the portal as “Not connected”
img_5aa7a5bdeb037.png
Now we need to download and install the hybrid connection manager by clicking the “Download connection manager”. For this test I will install the hybrid connection manager at the same server as the SQL database, but for a production environment it is recommended to install the hybrid connection manager to a different server that will have access to the database servers only to the required ports. For the best security install it to a DMZ server and open only the required ports to the database servers.
Run the downloaded msi and just click Install.
img_5aa8371299074.png
Open the “Hybrid connection manager” UI and press “Add a new Hybrid Connection.
img_5aa8379f58529.png
Sign in to your Azure account
img_5aa837f4d0eb1.png
Once logged in, choose your Subscription and the hybrid connection configured previously will appear. Select it and press Save.
img_5aa838431ab4c.png
Now at the connection manager status it will show “Connnected”
img_5aa83898e0f74.png
The same at the Azure Portal and your Hybrid connection is ready.
img_5aa8393ba0032.png
Test, test, test and proof of concept. Open the Console, form the Wep App Blade, and tcpping the SQL server’s hostname atthe port 1433
img_5aa83e8b94c55.png
and also sqlcmd
img_5aa83fdd583e6.png

Sign in to follow this  


0 Comments


Recommended Comments

There are no comments to display.

Guest
Add a comment...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...