Azure Web应用程序访问服务矩阵的虚拟网络 [英] Azure web app accessing service fabric's virtual network
问题描述
我有一个Service Fabric群集,该群集承载许多旧版WCF服务,并且我想将Azure App Service(运行网站)连接到Fabric群集的VNET,以便它可以与群集中的WCF服务进行通信.
I have a Service Fabric cluster hosting many legacy WCF services and I would like to connect an Azure App Service (running a website) to the fabric cluster's VNET, such that it can communicate with the WCF services in the cluster.
我使用VNET对等连接将光纤网络群集的VNET连接到组织的现有虚拟网络,并且可以从现有虚拟网络中的VM连接到WCF服务.
I connected my fabric cluster's VNET to an existing virtual network of our organization using VNET peering and I can connect to the WCF services from VMs within the existing virtual network.
但是,从应用程序服务连接时,出现以下错误:
However, when connecting from the app service, I got the following error:
无法连接到net.tcp://10.0.0.250:8020/.连接尝试 持续时间为00:00:00. TCP错误代码10013:尝试以其访问权限10.0.0.250:8020禁止的方式访问套接字.
Could not connect to net.tcp://10.0.0.250:8020/. The connection attempt lasted for a time span of 00:00:00. TCP error code 10013: An attempt was made to access a socket in a way forbidden by its access permissions 10.0.0.250:8020.
如果从虚拟网络内部连接,我已经配置了内部负载均衡器,并且可以正常工作.有谁知道为什么它不适用于网络应用?
I have configured an internal load balancer and its working ok if I connect from within the virtual network. Does anyone know why it doesn't work for the web app?
推荐答案
如果要从Azure App Service访问VNet中的资源,则可以
If you want to access the resources in a VNet from Azure App Service, you could enable networking for app service. Note that
VNet集成使您的Web应用可以访问您的资源 虚拟网络,但不授予对您的Web的入站私有访问权限 虚拟网络中的应用程序.私人网站访问是指 您的应用只能通过专用网络(例如从 Azure虚拟网络. VNet集成仅用于出站 从您的应用程序调用到您的VNet.
VNet Integration gives your web app access to resources in your virtual network but doesn't grant inbound private access to your web app from the virtual network. Private site access refers to making your app only accessible from a private network such as from within an Azure virtual network. VNet Integration is only for making outbound calls from your app into your VNet.
VNet集成有两种版本,如果服务结构的虚拟网络与Web应用程序位于同一区域,则可以使用区域VNet集成".
There are two versions of VNet integration, you could use Regional VNet Integration if service fabric's virtual network in the same region as your web app.
这篇关于Azure Web应用程序访问服务矩阵的虚拟网络的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
