Friday, May 11, 2012

Azure Service Bus Relay: Hybrid OnPrem/Cloud App

There is a lot of buzz around IT departments and development teams about Azure and "the cloud" regarding moving applications, services and data to Azure. If you are planning (or dreaming) about moving to Azure, the nice thing is that you don't have to go all-or-nothing, and if you do, you can migrate to the cloud one application at a time. Having some apps/data in the cloud and some on-premise is usually referred to as "Cloud Hybrid".

One of the easiest ways to achieve this is to host applications in Azure that can consume the WCF services you already know and love that live within your corporate network. This is made possible by Service Bus relay and the netTcpRelayBinding. And by the way, this does not require any custom firewall rules or any other changes to your network infrastructure, which makes it extremely clean and completely configuration-driven. Here are the steps:

1. If you don't already have one, create a namespace in the Azure Management Portal. Go to Service Bus and click the New button on the top left:

Figure 1


2. Make note of the default namespace credentials (Default Issuer and Default Key) from the namespace properties, found by selecting your namespace and clicking the "View" button on the bottom-right in the properties pane:

Figure 2

3. In both your client (application in Azure) and service (internal corporate network), ensure you have all the Windows Azure Service Bus references and config values properly set.  The easiest way to do this is via NuGet.  Right-click, references, search for "WindowsAzure.ServiceBus".  Add this package to your internal WCF project and your client (Web/service) project.

Figure 3


4. Expose your internal service by adding an endpoint that uses the netTcpRelayBinding, along with the new behavior setting that specifies your authentication issuer and secret. The <servicename> can be anything; just make sure the setting matches on your client and service. See Figure 4 below.

Figure 4
<system.serviceModel>
   <services>
      <!-- WCF requires endpoints to sit inside a <service> element.
           The name below is an assumed placeholder: use your service implementation type. -->
      <service name="MyCo.Services.OrderService">
         <endpoint contract="MyCo.Services.IOrderService"
                   binding="netTcpRelayBinding"
                   address="sb://<namespace>.servicebus.windows.net/<servicename>"
                   behaviorConfiguration="sbTokenProvider"/>
      </service>
   </services>

   <behaviors>
      <endpointBehaviors>
         <behavior name="sbTokenProvider">
            <transportClientEndpointBehavior>
               <tokenProvider>
                  <!-- Default Issuer and Default Key from step 2 -->
                  <sharedSecret issuerName="owner" issuerSecret="**key**" />
               </tokenProvider>
            </transportClientEndpointBehavior>
         </behavior>
      </endpointBehaviors>
   </behaviors>
</system.serviceModel>

5. Configure your client (the Web app or service in Azure) by adding the following:

Figure 5
<system.serviceModel>   
   <client>      
      <endpoint name="orderservice"
                contract="MyServiceProxy.IOrderService"
                binding="netTcpRelayBinding"
                address="sb://<namespace>.servicebus.windows.net/<servicename>"
                behaviorConfiguration="sbTokenProvider"/>
   </client>

   <behaviors>     
      <endpointBehaviors>         
         <behavior name="sbTokenProvider">            
            <transportClientEndpointBehavior> 
               <tokenProvider>                    
                  <sharedSecret issuerName="owner" issuerSecret="**key**" /> 
               </tokenProvider>            
            </transportClientEndpointBehavior>         
         </behavior>      
      </endpointBehaviors>   
   </behaviors>
</system.serviceModel>

It's really as simple as that.  You now have an internal service listening on an Azure Service Bus endpoint, secured by server-generated tokens.  Once you deploy your app to Azure, you've just created your first hybrid cloud application!
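
The following Python function is an added example, not code from the original post: it audits a WCF config shaped like Figures 4 and 5 and reports relay endpoints whose shared secret is stored in the file, that authenticate as the namespace's default issuer, or that reference no token-provider behavior. The function name, the finding labels and the sample values (contoso-example, orders, the secret) are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the Figure 5 client config with made-up values in place
# of the <namespace>, <servicename> and key placeholders, plus one bare endpoint.
SAMPLE_CONFIG = """<configuration><system.serviceModel>
  <client>
    <endpoint name="orderservice" binding="netTcpRelayBinding"
              address="sb://contoso-example.servicebus.windows.net/orders"
              behaviorConfiguration="sbTokenProvider"/>
    <endpoint name="unbound" binding="netTcpRelayBinding"
              address="sb://contoso-example.servicebus.windows.net/orders2"/>
  </client>
  <behaviors><endpointBehaviors>
    <behavior name="sbTokenProvider">
      <transportClientEndpointBehavior><tokenProvider>
        <sharedSecret issuerName="owner" issuerSecret="CONSTRUCTED-NOT-A-KEY"/>
      </tokenProvider></transportClientEndpointBehavior>
    </behavior>
  </endpointBehaviors></behaviors>
</system.serviceModel></configuration>"""


def audit_relay_config(xml_text, default_issuer="owner"):
    """Return (endpoint address, finding) pairs for netTcpRelayBinding endpoints."""
    root = ET.fromstring(xml_text)
    # Map each behavior name to its <sharedSecret> element (None if absent).
    secrets = {b.get("name"): b.find(".//sharedSecret")
               for b in root.iter("behavior")}
    findings = []
    for ep in root.iter("endpoint"):
        if ep.get("binding") != "netTcpRelayBinding":
            continue
        addr = ep.get("address", "")
        secret = secrets.get(ep.get("behaviorConfiguration"))
        if secret is None:
            # Credentials are supplied elsewhere (code) or are missing.
            findings.append((addr, "no-token-provider"))
            continue
        if secret.get("issuerSecret"):
            # The key is readable by anyone who can read this config file.
            findings.append((addr, "secret-in-config"))
        if secret.get("issuerName") == default_issuer:
            # Same default namespace credential on both client and service.
            findings.append((addr, "default-issuer"))
    return findings


if __name__ == "__main__":
    for address, finding in audit_relay_config(SAMPLE_CONFIG):
        print(finding, address)
```

Run it against both the service's and the client's config files; the placeholders in the figures must be replaced with real values first, since `<namespace>` inside an attribute is not well-formed XML.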