2025-02-25 Update, from SLTechnology News&Howtos (Shulou.com), Network Security. 06/01 Report.
Because WCF Relay depends on WCF, using it to build hybrid applications has some limitations: it is basically only suitable for .NET applications where the local (on-premises) service is WCF. Hybrid Connections make up for this deficiency. They support the original WCF Relay function and also provide multi-platform and multi-language support, because Hybrid Connections are based on the open standard WebSocket protocol.
The following is a comparison with WCF Relay:
| Feature | WCF Relay | Hybrid Connections |
| --- | --- | --- |
| Establishes a secure connection between on-premises and the cloud | √ | √ |
| No need to modify the firewall to open inbound ports | √ | √ |
| No major changes to the network configuration | √ | √ |
| Based on an open standard protocol | X (only supports WCF) | √ |
| Cross-platform support | X (only supports Windows) | √ |
| Multi-language support | X (.NET only) | √ |
This article introduces three main ways of using hybrid connections:
1. Based on the hybrid connection SDK
2. Based on the hybrid connection tool in Azure Web App
3. Based on the PortBridge sample program
Create a hybrid connection
You can log on to the Azure China portal and follow the prompts to create it step by step. You can also use PowerShell commands, as follows.
```powershell
# Log in to Azure China with your account
Login-AzureRmAccount -Environment AzureChinaCloud

$rgName = "relaydemorg"
$namespaceName = "relaydemons"
$location = "China East"
$hcName = "hcdemo"

New-AzureRmResourceGroup -Name $rgName -Location $location
New-AzureRmRelayNamespace -ResourceGroupName $rgName -Name $namespaceName -Location $location
# -RequiresClientAuthorization $true: senders must present a key with send permission
New-AzureRmRelayHybridConnection -Namespace $namespaceName -ResourceGroupName $rgName -Name $hcName -RequiresClientAuthorization $true
```
The address of the hybrid connection created is sb://relaydemons.servicebus.chinacloudapi.cn/hcdemo.
Based on hybrid connection SDK
At present, Microsoft officially provides two SDKs: one for .NET and one for Node.js. Both SDKs are open source on GitHub: azure-relay-net and azure-relay-node.
Local service (listener)
First, the local server acts as the listener. It uses a connection string with listen permission to create an outbound WebSocket connection, that is, to register with the Azure Relay service. If there are multiple local listeners, incoming requests are distributed among them randomly. A hybrid connection supports up to 25 listeners.
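```csharp
using System;
using System.IO;
using System.Threading;
using System.Threading.Tasks;
using Microsoft.Azure.Relay;

class Listener
{
    private const string ConnectionString = "connection string with listen permission";

    static async Task Main()
    {
        // Listen: open the outbound connection and register with the relay
        var listener = new HybridConnectionListener(ConnectionString);
        await listener.OpenAsync();
        // Accept: wait for a sender to connect
        HybridConnectionStream relayConnection = await listener.AcceptConnectionAsync();
        // Read
        var reader = new StreamReader(relayConnection);
        var line = await reader.ReadLineAsync();
        // Output
        Console.WriteLine(line);
        // Close
        await relayConnection.CloseAsync(CancellationToken.None);
    }
}
```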
External service (sender)
The sender provides a connection string with send permission (this is not required if client authorization was not required when the hybrid connection was created, but from a security point of view it is recommended that authorization be required), establishes a WebSocket connection with the hybrid connection service, and is eventually connected to a listener to communicate.
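```csharp
using System.IO;
using System.Threading;
using System.Threading.Tasks;
using Microsoft.Azure.Relay;

class Sender
{
    private const string ConnectionString = "connection string with send permission";

    static async Task Main()
    {
        // Connect: the relay pairs this client with one registered listener
        var client = new HybridConnectionClient(ConnectionString);
        HybridConnectionStream relayConnection = await client.CreateConnectionAsync();
        // Write
        var writer = new StreamWriter(relayConnection) { AutoFlush = true };
        await writer.WriteLineAsync("hello from outside");
        // Close
        await relayConnection.CloseAsync(CancellationToken.None);
    }
}
```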
Of course, because the established WebSocket is a two-way channel, the local server can also send messages to the external server.
Connection string
As mentioned earlier, connection strings with different permissions are needed. There are three kinds of permission: manage, listen and send. You can create shared access policies with different permissions as needed, and the corresponding connection strings are then generated automatically on each policy's page, as shown in the figure below.
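The policies described above (and the separate send and listen policies the PortBridge walkthrough asks for later) can also be created from PowerShell. This is an added example, not code from the original article: it reuses the resource names from the creation script, and the rule names `listen-only` and `send-only` are assumptions chosen for illustration.

```powershell
# Added example. Resource names come from the creation script above;
# the rule names "listen-only" and "send-only" are assumptions.
$rgName        = "relaydemorg"
$namespaceName = "relaydemons"
$hcName        = "hcdemo"

# One rule per role, scoped to the hybrid connection rather than the whole
# namespace, so a leaked key grants a single right on a single entity.
$rules = @{ "listen-only" = "Listen"; "send-only" = "Send" }
foreach ($ruleName in $rules.Keys) {
    New-AzureRmRelayAuthorizationRule -ResourceGroupName $rgName `
        -Namespace $namespaceName -HybridConnection $hcName `
        -Name $ruleName -Rights $rules[$ruleName] | Out-Null
}

# Connection string for the on-premises listener only.
$listenKeys = Get-AzureRmRelayKey -ResourceGroupName $rgName `
    -Namespace $namespaceName -HybridConnection $hcName -Name "listen-only"
$listenConnectionString = $listenKeys.PrimaryConnectionString

# Connection string for the external sender only.
$sendKeys = Get-AzureRmRelayKey -ResourceGroupName $rgName `
    -Namespace $namespaceName -HybridConnection $hcName -Name "send-only"
$sendConnectionString = $sendKeys.PrimaryConnectionString

# Audit: list rules on this hybrid connection that carry the manage right
# or more than one right, which neither a listener nor a sender needs.
Get-AzureRmRelayAuthorizationRule -ResourceGroupName $rgName `
    -Namespace $namespaceName -HybridConnection $hcName |
    Where-Object { $_.Rights -contains "Manage" -or $_.Rights.Count -gt 1 } |
    Select-Object Name, Rights
```

Give the listener machine only `$listenConnectionString` and the sender only `$sendConnectionString`; the audit at the end should return nothing for a connection that follows this split.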
If a local service cannot or should not be modified to use the SDK, for example when a cloud Web App calls a local Web API or SQL database, how do you use a hybrid connection? Azure Web App has integrated hybrid connections that can be configured easily without any changes to the local service.
The complete code example can be seen in my GitHub.
Hybrid connection tool based on Azure Web App
At present, Azure China does not support the integration of hybrid connections in Web App, but it is on its way and should be available soon. The following is demonstrated on Azure Global; eventually Azure China will have the same experience.
Configure hybrid connection endpoints
Log in to the Azure portal, find your web app, click Networking under Settings, and click "configure your hybrid connection endpoints" in the expanded page. The page opens as follows:
Click "download connection manager" to download the tool, which will be used later.
Click "add hybrid connection", and on the page that opens click add, as shown in the following figure. Enter the appropriate information: the name can be customized, the endpoint host must be the name of the machine running your local service, and the endpoint port is the port the local service listens on. Select the namespace that was created previously, or create a new one here.
After the creation is complete, install the connection manager downloaded earlier on the machine running the local service. Then open the Hybrid Connection Manager and click "Configure another Hybrid Connection". A login box pops up; enter your Azure subscription account and log in, and the existing hybrid connections in the current subscription are shown, as in the following figure.
Select the hybrid connection that has the correct endpoint configured, and then click "Save". The hybrid connection between the local machine and the cloud web app is now established, with a status of "Connected".
The web app can now access local services in the form "endpoint name:port". For example, in this demonstration I run a Web API service (api/values) locally on port 16782 that returns the string "value from on-premises". Through the hybrid connection, the cloud web app can access the local service as follows:
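```csharp
// Runs inside a controller action of the cloud web app
using (var httpClient = new HttpClient())
{
    // "endpoint host:port" exactly as configured on the hybrid connection
    var onPremSvcUri = "http://mc-allenl-01:16782/api/values";
    using (var response2 = httpClient.GetAsync(onPremSvcUri).Result)
    {
        if (response2.IsSuccessStatusCode)
        {
            ViewBag.Message = $"{response2.Content.ReadAsStringAsync().Result}";
        }
    }
}
```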
Results:
Other local services, such as SQL services, can also be connected in the same way.
Based on PortBridge sample program
If the external service does not run in Azure Web App, how do you use hybrid connections? A hybrid connection can be used as a channel for port forwarding. The official Microsoft sample PortBridge demonstrates this feature. Next, we use it to show a web application in a cloud virtual machine invoking the local Web API.
Create a hybrid connection named after the machine that runs the local service (mc-allenl-01 in this demo); refer to the PowerShell commands at the beginning of the article. Then create separate shared access policies for send and listen permissions.
Download and compile PortBridge, and modify the portBridge configuration in the PortBridgeServerAgent.exe.config file, where targetHost is set to the name of the machine on which the service is running, and the port is the port where the local service is located. The configuration of this example is as follows. Then copy the entire folder to the machine where the local service is running, and double-click PortBridgeServerAgent.exe to run it.
Modify the portBridgeAgent configuration in the PortBridgeClientAgent.exe.config file, where targetHost is set to the name of the machine on which the local service is running, localTcpPort is set to the port you expect to access, and remoteTcpPort is the port on which the local service is running. The configuration of this example is as follows. Copy the entire folder into the Azure virtual machine and double-click PortBridgeClientAgent.exe to run it.
Accessing http://localhost:81/api/values in the Azure virtual machine fails before PortBridge is running. After PortBridge is started, that is, once the channel has been established through the hybrid connection, the access succeeds, as shown below: