calling service fabric reverse proxy through standard port

0
votes

I have setup a reverse proxy in my service fabric with kestrel so calls are made with https (details here : Service Fabric https endpoint with kestrel and reverse proxy). So I can access the front of my SF this way https://mycluster.westeurope.cloudapp.azure.com:19081/myapp/myservice

but those doesn't work

http://mycluster.westeurope.cloudapp.azure.com:19081/myapp/myservice/api/healthcheck/ping https://mycustomdomain:19081/myapp/myservice/api/healthcheck/ping http://mycustomdomain:19081/myapp/myservice/api/healthcheck/ping

Now what I need to achieve is to call http://mycustomdomain.com that will redirect the call to the working endpoint.

Is it possible? Can I just modify my LB rules/health probes? What is the correct approach to do so?

Health probes
NAME                    PROTOCOL    PORT    USED BY
AppPortProbe            TCP         44338   AppPortLBRule
FabricGatewayProbe      TCP         19000   LBRule
FabricHttpGatewayProbe  TCP         19080   LBHttpRule
SFReverseProxyProbe     TCP         19081   LBSFReverseProxyRule

Load balancing rules
NAME                    LOAD BALANCING RULE                 BACKEND POOL                    HEALTH PROBE
AppPortLBRule           AppPortLBRule (TCP/44338)           LoadBalancerBEAddressPool       AppPortProbe
LBHttpRule              LBHttpRule (TCP/19080)              LoadBalancerBEAddressPool       FabricHttpGatewayProbe
LBRule                  LBRule (TCP/19000)                  LoadBalancerBEAddressPool       FabricGatewayProbe
LBSFReverseProxyRule    LBSFReverseProxyRule (TCP/19081)    LoadBalancerBEAddressPool       SFReverseProxyProbe
1
reverse-proxyazure-service-fabric

1 Answers

0
votes

To access your cluster from a custom domain name, you'll need to add a CNAME to your custom domain registration at mycustomdomain.com, that points to the cluster DNS name mycluster.westeurope.cloudapp.azure.com.

More info on the blog post here.

After that, you can enforce the use of HTTPS in ConfigureServices:

services.Configure(options =>
{
   options.Filters.Add(new RequireHttpsAttribute());
});

and redirect to HTTPS from HTTP in Configure:

var options = new RewriteOptions()
   .AddRedirectToHttps();
app.UseRewriter(options);

More info here.

The load balancer needs an adjustment, change the load balancing rule to forward external ports 80 and 443 on the internal reverse proxy endpoint.