Sunday, July 30, 2023

 

The previous articles discussed how to rewrite location headers. This is a complete sample for the application gateway that achieves the following rewrite:

 

Demo:

 

curl -i -k "https://23.99.215.80/fn/api/HttpTrigger1/?name=Ravi"

HTTP/2 202

date: Fri, 28 Jul 2023 13:35:12 GMT

content-type: text/plain; charset=utf-8

location: https://fn-demo-3.azurewebsites.net/

request-context: appId=cid-v1:fafb5add-e9fb-41fc-9155-291d3695ce53

 

Hello, Ravi Rajamani. This HTTP triggered function executed successfully.%

 

 

curl -i -k "https://23.99.215.80/fn/api/HttpTrigger1/?name=Ravi"

HTTP/2 202

date: Fri, 28 Jul 2023 13:37:15 GMT

content-type: text/plain; charset=utf-8

location: https://fn-demo-3.azurewebsites.net

request-context: appId=cid-v1:fafb5add-e9fb-41fc-9155-291d3695ce53

 

Hello, Ravi Rajamani. This HTTP triggered function executed successfully.%

 

 

curl -i -k "https://23.99.215.80/api/HttpTrigger1/?name=Ravi"

HTTP/2 200

date: Fri, 28 Jul 2023 13:37:24 GMT

content-type: text/plain; charset=utf-8

request-context: appId=cid-v1:24f74c4b-1489-467a-8a11-41bb8d141d4f

 

Hello, Ravi. This HTTP triggered function executed successfully.%

 

 

curl -i -k "https://23.99.215.80/fn/api/HttpTrigger1/?name=Ravi"

HTTP/2 202

date: Fri, 28 Jul 2023 13:38:32 GMT

content-type: text/plain; charset=utf-8

location: https://23.99.215.80

request-context: appId=cid-v1:fafb5add-e9fb-41fc-9155-291d3695ce53

 

Hello, Ravi Rajamani. This HTTP triggered function executed successfully.%

 


 

 

IaC Defintion:

{

  "version": 4,

  "terraform_version": "1.4.3",

  "serial": 1,

  "lineage": "cab6c06f-7c91-2893-bcf4-4f421b4ed5c1",

  "outputs": {},

  "resources": [

    {

      "mode": "managed",

      "type": "azurerm_application_gateway",

      "name": "gwy-demo-3",

      "provider": "provider[\"registry.terraform.io/hashicorp/azurerm\"]",

      "instances": [

        {

          "schema_version": 0,

          "attributes": {

            "authentication_certificate": [],

            "autoscale_configuration": [

              {

                "max_capacity": 10,

                "min_capacity": 0

              }

            ],

            "backend_address_pool": [

              {

                "fqdns": [

                  "aks-demo-3-dns-ujqod62b.hcp.centralus.azmk8s.io"

                ],

                "id": "/subscriptions/abc12345-495c-475e-9349-dfb252897b9e/resourceGroups/rg-demo-3/providers/Microsoft.Network/applicationGateways/gwy-demo-3/backendAddressPools/aks-demo-3",

                "ip_addresses": [],

                "name": "aks-demo-3"

              },

              {

                "fqdns": [

                  "fn-demo-3.azurewebsites.net"

                ],

                "id": "/subscriptions/abc12345-495c-475e-9349-dfb252897b9e/resourceGroups/rg-demo-3/providers/Microsoft.Network/applicationGateways/gwy-demo-3/backendAddressPools/fn-demo-3",

                "ip_addresses": [],

                "name": "fn-demo-3"

              },

              {

                "fqdns": [

                  "fn2-demo-3.azurewebsites.net"

                ],

                "id": "/subscriptions/abc12345-495c-475e-9349-dfb252897b9e/resourceGroups/rg-demo-3/providers/Microsoft.Network/applicationGateways/gwy-demo-3/backendAddressPools/fn2-demo-3",

                "ip_addresses": [],

                "name": "fn2-demo-3"

              }

            ],

            "backend_http_settings": [

              {

                "affinity_cookie_name": "ApplicationGatewayAffinity",

                "authentication_certificate": [],

                "connection_draining": [],

                "cookie_based_affinity": "Disabled",

                "host_name": "",

                "id": "/subscriptions/abc12345-495c-475e-9349-dfb252897b9e/resourceGroups/rg-demo-3/providers/Microsoft.Network/applicationGateways/gwy-demo-3/backendHttpSettingsCollection/bset-demo-3",

                "name": "bset-demo-3",

                "path": "/",

                "pick_host_name_from_backend_address": true,

                "port": 443,

                "probe_id": "",

                "probe_name": "",

                "protocol": "Https",

                "request_timeout": 20,

                "trusted_root_certificate_names": []

              }

            ],

            "custom_error_configuration": [],

            "enable_http2": true,

            "fips_enabled": false,

            "firewall_policy_id": "/subscriptions/abc12345-495c-475e-9349-dfb252897b9e/resourceGroups/rg-demo-3/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/pol-demo-3",

            "force_firewall_policy_association": false,

            "frontend_ip_configuration": [

              {

                "id": "/subscriptions/abc12345-495c-475e-9349-dfb252897b9e/resourceGroups/rg-demo-3/providers/Microsoft.Network/applicationGateways/gwy-demo-3/frontendIPConfigurations/appGwPublicFrontendIpIPv4",

                "name": "appGwPublicFrontendIpIPv4",

                "private_ip_address": "",

                "private_ip_address_allocation": "Dynamic",

                "private_link_configuration_id": "",

                "private_link_configuration_name": "",

                "public_ip_address_id": "/subscriptions/abc12345-495c-475e-9349-dfb252897b9e/resourceGroups/rg-demo-3/providers/Microsoft.Network/publicIPAddresses/pep-gwy-demo-3",

                "subnet_id": ""

              }

            ],

            "frontend_port": [

              {

                "id": "/subscriptions/abc12345-495c-475e-9349-dfb252897b9e/resourceGroups/rg-demo-3/providers/Microsoft.Network/applicationGateways/gwy-demo-3/frontendPorts/port_443",

                "name": "port_443",

                "port": 443

              }

            ],

            "gateway_ip_configuration": [

              {

                "id": "/subscriptions/abc12345-495c-475e-9349-dfb252897b9e/resourceGroups/rg-demo-3/providers/Microsoft.Network/applicationGateways/gwy-demo-3/gatewayIPConfigurations/appGatewayIpConfig",

                "name": "appGatewayIpConfig",

                "subnet_id": "/subscriptions/abc12345-495c-475e-9349-dfb252897b9e/resourceGroups/rg-demo-3/providers/Microsoft.Network/virtualNetworks/vnet-demo-3/subnets/default"

              }

            ],

            "global": [],

            "http_listener": [

              {

                "custom_error_configuration": [],

                "firewall_policy_id": "",

                "frontend_ip_configuration_id": "/subscriptions/abc12345-495c-475e-9349-dfb252897b9e/resourceGroups/rg-demo-3/providers/Microsoft.Network/applicationGateways/gwy-demo-3/frontendIPConfigurations/appGwPublicFrontendIpIPv4",

                "frontend_ip_configuration_name": "appGwPublicFrontendIpIPv4",

                "frontend_port_id": "/subscriptions/abc12345-495c-475e-9349-dfb252897b9e/resourceGroups/rg-demo-3/providers/Microsoft.Network/applicationGateways/gwy-demo-3/frontendPorts/port_443",

                "frontend_port_name": "port_443",

                "host_name": "",

                "host_names": [],

                "id": "/subscriptions/abc12345-495c-475e-9349-dfb252897b9e/resourceGroups/rg-demo-3/providers/Microsoft.Network/applicationGateways/gwy-demo-3/httpListeners/list-demo-3",

                "name": "list-demo-3",

                "protocol": "Https",

                "require_sni": false,

                "ssl_certificate_id": "/subscriptions/abc12345-495c-475e-9349-dfb252897b9e/resourceGroups/rg-demo-3/providers/Microsoft.Network/applicationGateways/gwy-demo-3/sslCertificates/gwy-cert",

                "ssl_certificate_name": "gwy-cert",

                "ssl_profile_id": "",

                "ssl_profile_name": ""

              }

            ],

            "id": "/subscriptions/abc12345-495c-475e-9349-dfb252897b9e/resourceGroups/rg-demo-3/providers/Microsoft.Network/applicationGateways/gwy-demo-3",

            "identity": [

              {

                "identity_ids": [

                  "/subscriptions/abc12345-495c-475e-9349-dfb252897b9e/resourceGroups/rg-demo-3/providers/Microsoft.ManagedIdentity/userAssignedIdentities/gwy-demo-3-identity"

                ],

                "type": "UserAssigned"

              }

            ],

            "location": "centralus",

            "name": "gwy-demo-3",

            "private_endpoint_connection": [],

            "private_link_configuration": [],

            "probe": [],

            "redirect_configuration": [],

            "request_routing_rule": [

              {

                "backend_address_pool_id": "",

                "backend_address_pool_name": "",

                "backend_http_settings_id": "",

                "backend_http_settings_name": "",

                "http_listener_id": "/subscriptions/abc12345-495c-475e-9349-dfb252897b9e/resourceGroups/rg-demo-3/providers/Microsoft.Network/applicationGateways/gwy-demo-3/httpListeners/list-demo-3",

                "http_listener_name": "list-demo-3",

                "id": "/subscriptions/abc12345-495c-475e-9349-dfb252897b9e/resourceGroups/rg-demo-3/providers/Microsoft.Network/applicationGateways/gwy-demo-3/requestRoutingRules/rule-demo-3",

                "name": "rule-demo-3",

                "priority": 1001,

                "redirect_configuration_id": "",

                "redirect_configuration_name": "",

                "rewrite_rule_set_id": "",

                "rewrite_rule_set_name": "",

                "rule_type": "PathBasedRouting",

                "url_path_map_id": "/subscriptions/abc12345-495c-475e-9349-dfb252897b9e/resourceGroups/rg-demo-3/providers/Microsoft.Network/applicationGateways/gwy-demo-3/urlPathMaps/rule-demo-3",

                "url_path_map_name": "rule-demo-3"

              }

            ],

            "resource_group_name": "rg-demo-3",

            "rewrite_rule_set": [

              {

                "id": "/subscriptions/abc12345-495c-475e-9349-dfb252897b9e/resourceGroups/rg-demo-3/providers/Microsoft.Network/applicationGateways/gwy-demo-3/rewriteRuleSets/rewrite-demo-3",

                "name": "rewrite-demo-3",

                "rewrite_rule": [

                  {

                    "condition": [

                      {

                        "ignore_case": true,

                        "negate": false,

                        "pattern": "(https?):\\/\\/.*azurewebsites\\.net(.*)$",

                        "variable": "http_resp_Location"

                      }

                    ],

                    "name": "LocationRewrite",

                    "request_header_configuration": [],

                    "response_header_configuration": [

                      {

                        "header_name": "Location",

                        "header_value": "{http_resp_Location_1}://23.99.215.80{http_resp_Location_2}"

                      }

                    ],

                    "rule_sequence": 100,

                    "url": []

                  }

                ]

              }

            ],

            "sku": [

              {

                "capacity": 0,

                "name": "WAF_v2",

                "tier": "WAF_v2"

              }

            ],

            "ssl_certificate": [

              {

                "data": "",

                "id": "/subscriptions/abc12345-495c-475e-9349-dfb252897b9e/resourceGroups/rg-demo-3/providers/Microsoft.Network/applicationGateways/gwy-demo-3/sslCertificates/gwy-cert",

                "key_vault_secret_id": "https://kv-demo-3.vault.azure.net/secrets/gwy-demo-3",

                "name": "gwy-cert",

                "password": "",

                "public_cert_data": ""

              }

            ],

            "ssl_policy": [],

            "ssl_profile": [],

            "tags": {},

            "timeouts": null,

            "trusted_client_certificate": [],

            "trusted_root_certificate": [],

            "url_path_map": [

              {

                "default_backend_address_pool_id": "/subscriptions/abc12345-495c-475e-9349-dfb252897b9e/resourceGroups/rg-demo-3/providers/Microsoft.Network/applicationGateways/gwy-demo-3/backendAddressPools/fn2-demo-3",

                "default_backend_address_pool_name": "fn2-demo-3",

                "default_backend_http_settings_id": "/subscriptions/abc12345-495c-475e-9349-dfb252897b9e/resourceGroups/rg-demo-3/providers/Microsoft.Network/applicationGateways/gwy-demo-3/backendHttpSettingsCollection/bset-demo-3",

                "default_backend_http_settings_name": "bset-demo-3",

                "default_redirect_configuration_id": "",

                "default_redirect_configuration_name": "",

                "default_rewrite_rule_set_id": "",

                "default_rewrite_rule_set_name": "",

                "id": "/subscriptions/abc12345-495c-475e-9349-dfb252897b9e/resourceGroups/rg-demo-3/providers/Microsoft.Network/applicationGateways/gwy-demo-3/urlPathMaps/rule-demo-3",

                "name": "rule-demo-3",

                "path_rule": [

                  {

                    "backend_address_pool_id": "/subscriptions/abc12345-495c-475e-9349-dfb252897b9e/resourceGroups/rg-demo-3/providers/Microsoft.Network/applicationGateways/gwy-demo-3/backendAddressPools/fn2-demo-3",

                    "backend_address_pool_name": "fn2-demo-3",

                    "backend_http_settings_id": "/subscriptions/abc12345-495c-475e-9349-dfb252897b9e/resourceGroups/rg-demo-3/providers/Microsoft.Network/applicationGateways/gwy-demo-3/backendHttpSettingsCollection/bset-demo-3",

                    "backend_http_settings_name": "bset-demo-3",

                    "firewall_policy_id": "",

                    "id": "/subscriptions/abc12345-495c-475e-9349-dfb252897b9e/resourceGroups/rg-demo-3/providers/Microsoft.Network/applicationGateways/gwy-demo-3/urlPathMaps/rule-demo-3/pathRules/fn2",

                    "name": "fn2",

                    "paths": [

                      "/fn2/*"

                    ],

                    "redirect_configuration_id": "",

                    "redirect_configuration_name": "",

                    "rewrite_rule_set_id": "",

                    "rewrite_rule_set_name": ""

                  },

                  {

                    "backend_address_pool_id": "/subscriptions/abc12345-495c-475e-9349-dfb252897b9e/resourceGroups/rg-demo-3/providers/Microsoft.Network/applicationGateways/gwy-demo-3/backendAddressPools/aks-demo-3",

                    "backend_address_pool_name": "aks-demo-3",

                    "backend_http_settings_id": "/subscriptions/abc12345-495c-475e-9349-dfb252897b9e/resourceGroups/rg-demo-3/providers/Microsoft.Network/applicationGateways/gwy-demo-3/backendHttpSettingsCollection/bset-demo-3",

                    "backend_http_settings_name": "bset-demo-3",

                    "firewall_policy_id": "",

                    "id": "/subscriptions/abc12345-495c-475e-9349-dfb252897b9e/resourceGroups/rg-demo-3/providers/Microsoft.Network/applicationGateways/gwy-demo-3/urlPathMaps/rule-demo-3/pathRules/aks",

                    "name": "aks",

                    "paths": [

                      "/aks/*"

                    ],

                    "redirect_configuration_id": "",

                    "redirect_configuration_name": "",

                    "rewrite_rule_set_id": "",

                    "rewrite_rule_set_name": ""

                  },

                  {

                    "backend_address_pool_id": "/subscriptions/abc12345-495c-475e-9349-dfb252897b9e/resourceGroups/rg-demo-3/providers/Microsoft.Network/applicationGateways/gwy-demo-3/backendAddressPools/fn-demo-3",

                    "backend_address_pool_name": "fn-demo-3",

                    "backend_http_settings_id": "/subscriptions/abc12345-495c-475e-9349-dfb252897b9e/resourceGroups/rg-demo-3/providers/Microsoft.Network/applicationGateways/gwy-demo-3/backendHttpSettingsCollection/bset-demo-3",

                    "backend_http_settings_name": "bset-demo-3",

                    "firewall_policy_id": "",

                    "id": "/subscriptions/abc12345-495c-475e-9349-dfb252897b9e/resourceGroups/rg-demo-3/providers/Microsoft.Network/applicationGateways/gwy-demo-3/urlPathMaps/rule-demo-3/pathRules/fn",

                    "name": "fn",

                    "paths": [

                      "/fn/*"

                    ],

                    "redirect_configuration_id": "",

                    "redirect_configuration_name": "",

                    "rewrite_rule_set_id": "/subscriptions/abc12345-495c-475e-9349-dfb252897b9e/resourceGroups/rg-demo-3/providers/Microsoft.Network/applicationGateways/gwy-demo-3/rewriteRuleSets/rewrite-demo-3",

                    "rewrite_rule_set_name": "rewrite-demo-3"

                  }

                ]

              }

            ],

            "waf_configuration": [],

            "zones": []

          },

          "sensitive_attributes": [],

          "private": "<encrypted_string>"

        }

      ]

    }

  ],

  "check_results": null

}

Saturday, July 29, 2023

 Using the Azure Database Migration Service to transfer data from source to destination MySQL database servers. 

When we want to transfer data and schema between databases whether they are on-premises or in the cloud, the azure data migration service instance comes helpful.  

Some highlights: 

  1. One instance works across all subscriptions. 

  1. Can transfer between on-premises and cloud and cloud to cloud. 

  1. Pay-per-use billing. 

  1. Provides a wizard to create data transfer activity. 

Some cons: 

  1. Limited features via IaC as compared to the portal but enough to get by. 

  1. Not recommended for developer instances or tiny databases that can be exported and imported via mysqldump. 

  1. binlog_expire_logs_seconds must be set to non-zero value on source server. 

The steps to perform the data transfer activity between the source and destination MySQL servers involves: 

  1. Create a source mysql instance mysql-src-1 in rg-mysql-1 

  1. Create a database and add a table to mysql-src-1 

  1. Create a destination mysql instance mysql-dest-1 in rg-mysql-1 

  1. Deploy the DMS service instance and project. 

  1. Create and run an activity to transfer data. 

  1. Verify the data. 

IaC: 

resource "azurerm_database_migration_service" "single-to-flexible-dms" { 

  name                = var.name 

  location            = var.location 

  resource_group_name = var.resource_group_name 

  subnet_id           = var.subnet_id 

  sku_name            = var.sku_name 

  tags                = var.tags 

} 

 

resource "azurerm_database_migration_project" "dms-project" { 

  name                = format("prj-%s", azurerm_database_migration_service.single-to-flexible-dms.name) 

  service_name        = azurerm_database_migration_service.single-to-flexible-dms.name 

  resource_group_name = azurerm_database_migration_service.single-to-flexible-dms.resource_group_name 

  location            = azurerm_database_migration_service.single-to-flexible-dms.location 

  source_platform     = try(var.source_platform, "SQL") 

  target_platform     = try(var.target_platform, "SQLDB") 

  tags                = azurerm_database_migration_service.single-to-flexible-dms.tags 

  depends_on = [ 

    azurerm_database_migration_service.single-to-flexible-dms 

  ] 

}