连接到混合连接管理器服务的混合连接 [英] Connecting to an Hybrid connection served by the Hybrid connection manager

问题描述

我进行了一些测试，据我所知，Azure Relay需要侦听器显式连接到总线.在我们的方案中，我们想从Azure中的VM(或Internet上的其他系统)的VM中使用它来连接到现有的内部部署资源，该资源无法进行修改以支持混合连接.我还测试了混合连接管理器，但找不到任何有关如何创建连接到混合连接的客户端的文档，该客户端使用混合连接管理器将流量路由到目标系统.它可以通过Azure Web应用程序运行，但是在我们的方案中，它们不是可行的解决方案. 可以从Azure Web应用程序外部使用混合连接管理器吗?

I've made a couple of tests and, as far as I've understood, Azure Relay requires the listener to explicitly connect to the bus. In our scenario, we would like to use it from a VM in Azure (or a different system on Internet) to connect to an existing On-Premise resource that cannot be modified to support Hybrid connections. I've tested also the Hybrid Connection manager and I wasn't able to find any documentation on how to create a client that connects to a Hybrid connection that routes the traffic to the target system by using the Hybrid Connection manager. It works from an Azure Web app, but they are not a viable solution in our scenario. Is it possible to use the Hybrid connection manager from outside an azure web app?

推荐答案

我已经花了两天时间才能找到答案，并且从本文看来，这是不可能的:

I've digged two days more to find an answer and from this article, it seems it's not possible:

https://docs.microsoft .com/zh-CN/azure/biztalk-services/integration-hybrid-connection-overview

混合连接提供了一种轻松便捷的方式来连接 Azure App Service(以前称为网站)中的Web Apps功能以及 Azure应用服务中的移动应用功能(以前称为移动服务) 防火墙后的本地资源.

Hybrid Connections provide an easy and convenient way to connect the Web Apps feature in Azure App Service (formerly Websites) and the Mobile Apps feature in Azure App Service (formerly Mobile Services) to on-premises resources behind your firewall.

这听起来是正确的，因为它们需要由Azure在幕后进行一些网络级别的调整:移动应用程序进行特定的dns查询，而azure内部dns返回一个伪装"的ip，它为混合提供了入口请求的端口上的连接隧道.然后，混合连接将tcp流转发"到内部混合连接管理器，该管理器将请求代理到服务的真实ip.这样，由于目标dns主机与最终SSL端点相同，因此混合连接不会中断任何SSL连接.

And it sounds correct since they requires some adjustments at network level that are made under the hood by Azure: the mobile app makes a specific dns query and the azure internal dns returns a 'ghosted' ip that offers an entrance to the hybrid connection tunnel at the requested port. The hybrid connection then 'forwards' the tcp stream to the on-premise hybrid connection manager that proxy the request toward the real ip of the service. In this way, hybrid connections does not breaks any SSL connections since the target dns host is the same of the final SSL endpoint.

不过，我进行了进一步的挖掘，发现了两个示例，这些示例提供了预先阐述的示例，可在我的情况下提供帮助:

However, digging a bit more, i've found two examples that offer a pre-elaborate that it's helpful in my scenario:

混合连接反向代理

https://github.com/Azure/azure-relay/tree/master/samples/hybrid-connections/dotnet/hcreverseproxy

港口大桥

https://github.com/Azure/azure-relay/tree/master/samples/hybrid-connections/dotnet/portbridge

这篇关于连接到混合连接管理器服务的混合连接的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！