Azure Hybrid Connect

Background:

The organization I work for needed to move over 100 internally hosted apps to Azure's web app hosting functionality due to the soon-to-be legacy OS of the platforms, and to reduce the need for new servers, eliminate the admin overhead, and enable developers to work efficiently. For the proof of concept, two applications were selected, and the requirement was for both to connect to an on-premises MS SQL server, with a secondary requirement to have custom domains for the apps once live.

Solution Overview

To connect to the on-premises MS SQL server, we had the options of using VNET integration and VNET peering or Azure Hybrid Connect. VNET peering would have taken longer as finding non-overlapping IP ranges in a large organization could be time-consuming. Therefore, we opted for Azure Hybrid Connect, which was simpler and provided more control over what endpoints we wanted to target. 


To achieve the second requirement, custom domains, we used the "Azure App Service Custom Domains" option, which was easy to set up: it only required adding the custom domain name, validating domain ownership, provisioning an SSL cert, and binding it to the app.

Since this was a POC, and to minimize cost, everything is currently barebones and uses the Basic App Service Plan. Once we've "settled" and there is more comfort (and budget), the intent is to transition to the Standard plan, which will allow us to host more apps, define scale-out rules, and unlock the ability to use deployment slots.

Crawl, walk, run. 😉

Gotchas:

To avoid latency, it is advisable to use a Service Bus namespace in the same region as the app(s) being targeted.

Azure Hybrid Connect has some limitations: it cannot mount a drive, use UDP, or access TCP-based services that use dynamic ports, and it does not support LDAP or Active Directory, because an App Service worker cannot be domain-joined.

Conclusion

Overall, leveraging Azure Hybrid Connect with Web Apps was quick, easy, and the right recipe for the use case. Highly recommended - 10/10 😁.
