0

I have web and api app deployed within ILB ASE fronted by Application Gateway.Would I be able to make the calls from my web app to api app without exposing api app externally? If so, how can I do that?

I configured application gateway to point to the front end web app. I created internet routable domain and added to custom domain in my web app. In my DNS, I pointed the custom domain to hostname of the application gateway and I am able to logon to my web app. But, I see my web app written in AngualarJS is making XMLHttpRequest to backend API URL and as the backend API URL can not be resolved from my desktop, it is failing.

My requirement is not to expose API app outside of the ILB ASE VNET. Any suggestions?

Continuous Learner
  • 1

1 Answers1

0

If you want the web app and API could communicate with each other in an ILB ASE, you need to deploy an internal DNS service. For example, you could deploy a custom DNS server on Azure VM in the same Azure VNet. You can specify DNS server IP addresses in the VNet settings. The VNet is your ASE subnet located.

Please note that restart ASE after DNS IP address is added to VNet if you add the DNS after you deploy ASE. You could refer to this and read more details about custom DNS in ASE. Let me know if this works.

Nancy
  • 26,865
  • 3
  • 18
  • 34
  • Thanks for your reply. I tried this, but it did not work. I created custom DNS server inside the VNET and changed the VNET DNS Servers to point to this VM. From the KUDU console of the web app, I verified that namresolver resolving the hostname for the API app to ILB IP address using the custom DNS Server. Also, I added WEBSITE_DNS_SERVER application setting pointing to the custom DNS Server IP. It works fine from the VM within VNET without using any entries in local hosts file. But, from internet it still fails :-(. FYI, I do not have VPN connectivity setup. Any thing I am missing? Thanks. – Continuous Learner May 12 '19 at 14:43
  • You don't need entries in local hosts file. The DNS server should have DNS entries pointing to web API. Also, the browser must either be on a host that is either in or connected to the virtual network. If you test in the on-premise environment, you need a VPN connection to connect to this VNet. Have your reboot the Azure VM and ASE? It sounds like from the VM where you're using browser could not resolve DNS name to web API. – Nancy May 13 '19 at 02:04