Application Gateway redirect to Container Instance for TCP connection

Lucas Harskamp 20 Reputation points
2023-05-09T16:47:17.5766667+00:00

Imagine the following scenario: you have an IoT Hub. However, because the devices that have been in use for decades are very old, they can only connect through TCP and deliver a simple payload in the form of a byte array. Their internal memory cannot even store a large url to send everything to, so you end up having to use a direct IP Address and a port. So, a container instance is made with a port opened for that TCP connection, an image is made from a C#.NET console application that opens a TCP listener, gets the payload data from the device (e.g. a heartbeat), translates it into a useful format and proceeds to send that to the IoT Hub. That is all tested and working as intended. However, container instances do not have a static ip nor can one be assigned to it. Thus, to make it useful, one has to redirect the static ip to the container instance. I've tried many options, foremostly with an Application Gateway/Virtual Network, but whenever I try to set that up it complains that the backend pool cannot become healthy. (I suspect this is because the container only teceives messages but never replies, it's a fire&forget mechanism) What would be the best way to set this up?

Azure Container Instances
Azure Container Instances
An Azure service that provides customers with a serverless container experience.
661 questions
Azure Application Gateway
Azure Application Gateway
An Azure service that provides a platform-managed, scalable, and highly available application delivery controller as a service.
988 questions
0 comments No comments
{count} votes

Accepted answer
  1. Konstantinos Passadis 17,376 Reputation points MVP
    2023-05-09T18:47:23.79+00:00

    Hello @Lucas Harskamp !

    Welcome to Microsoft QnA!

    To make this container instance useful, you'll need to redirect a static IP to it. One option you could consider is using an Azure Load Balancer. You could create a public IP address and then create a Basic Load Balancer with a single backend pool that points to your container instance.

    In the Load Balancer's backend pool configuration, you can configure a health probe that checks the TCP port on the container instance to determine if it is healthy. Since your container instance doesn't reply to requests, you can configure the probe to simply check if the port is open.

    Once you have the Load Balancer configured, you can configure a DNS record to point to the public IP address associated with the Load Balancer. This will allow your devices to connect to the Load Balancer using the static IP.

    Another option you could consider is using an Azure Application Gateway with a custom probe that checks the TCP port on the container instance. This would allow you to use the same IP address for the Application Gateway as well as the container instance, but it may require more configuration than the Load Balancer approach.

    https://learn.microsoft.com/en-us/azure/application-gateway/configure-application-gateway-with-private-frontend-ip

    https://learn.microsoft.com/en-us/azure/application-gateway/application-gateway-create-probe-portal

    I hope this helps!

    Kindly mark the answer as Accepted and Upvote in case it helped!

    Regards

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful