locked
Role endpoints don't always work RRS feed

  • Question

  • I have one worker role and one web role; I need to have two tcp internal endpoints on the worker role and one tcp internal endpoint on the web role. I started on this project a while back when I had one tcp internal endpoint on each role; the worker role internal endpoint always worked just fine, but I had a lot of trouble to make the one on the web role work, it eventually did work and I didn't even know how because I seriously didn't change a thing, I just kept republishing the project. Today I needed to go back to the project, and to my surprise, the tcp endpoint on the web role didn't work, and I tried adding a second tcp endpoint on the worker role and that didn't work either.

    The ports that I'm using are 55777 and 55667 for the worker role and 55800 for the web role.

    Any help would be appreciated. 

    This is my SerficeDefinition.csdef:

    <?xml version="1.0" encoding="utf-8"?>
    <ServiceDefinition name="KNetEngineCS" xmlns="http://schemas.microsoft.com/ServiceHosting/2008/10/ServiceDefinition" schemaVersion="2015-04.2.6">
      <WorkerRole name="KNetEngine" vmsize="Small">
        <Startup>
          <Task commandLine="InstallService.cmd" executionContext="elevated" taskType="simple" />
        </Startup>
        <ConfigurationSettings>
          <Setting name="Microsoft.WindowsAzure.Plugins.Diagnostics.ConnectionString" />
          <Setting name="APPINSIGHTS_INSTRUMENTATIONKEY" />
        </ConfigurationSettings>
        <Imports>
          <Import moduleName="RemoteAccess" />
          <Import moduleName="RemoteForwarder" />
        </Imports>
        <Endpoints>
          <InternalEndpoint name="ForEngine" protocol="tcp" port="55777" />
          <InternalEndpoint name="ForServer" protocol="tcp" port="55667" />
        </Endpoints>
      </WorkerRole>
      <WebRole name="TestWebRole" vmsize="Small">
        <Sites>
          <Site name="Web">
            <Bindings>
              <Binding name="Endpoint1" endpointName="Endpoint1" />
            </Bindings>
          </Site>
        </Sites>
        <ConfigurationSettings>
          <Setting name="Microsoft.WindowsAzure.Plugins.Diagnostics.ConnectionString" />
        </ConfigurationSettings>
        <Endpoints>
          <InputEndpoint name="Endpoint1" protocol="http" port="80"/>
           <InternalEndpoint name="WebInternal" protocol="tcp" port="55800"/>
        </Endpoints>
        <Imports>
          <Import moduleName="RemoteAccess" />
        </Imports>
      </WebRole>
      <NetworkTrafficRules>
        <OnlyAllowTrafficTo>
          <Destinations>
            <RoleEndpoint roleName="KNetEngine" endpointName="ForEngine" />
          </Destinations>
          <WhenSource matches="AnyRule">
            <FromRole roleName="TestWebRole" />
          </WhenSource>
        </OnlyAllowTrafficTo>
        <OnlyAllowTrafficTo>
          <Destinations>
            <RoleEndpoint roleName="KNetEngine" endpointName="ForServer" />
          </Destinations>
          <WhenSource matches="AnyRule">
            <FromRole roleName="TestWebRole" />
          </WhenSource>
        </OnlyAllowTrafficTo>
         <OnlyAllowTrafficTo>
          <Destinations>
            <RoleEndpoint roleName="TestWebRole" endpointName="WebInternal"/>
          </Destinations>
          <WhenSource matches="AnyRule">
            <FromRole roleName="KNetEngine"/>
          </WhenSource>
        </OnlyAllowTrafficTo>
      </NetworkTrafficRules>
    </ServiceDefinition>
    
    • Edited by Tofla Tuesday, April 24, 2018 8:09 AM
    Monday, April 23, 2018 11:27 AM

Answers

  • It turned out that the Network Traffic Rules were actually the blockers here; I removed them and everything went smoothly.

    • Marked as answer by Tofla Tuesday, April 24, 2018 11:21 AM
    Tuesday, April 24, 2018 11:21 AM

All replies

  • After you define internal endpoints, you can add network traffic rules (based on the endpoints that you created) to control how role instances can communicate with each other. 

    Kindly go through common scenarios for controlling role compunction and modify accordingly.

    For more details, refer “Network traffic rules to control role communication”.

    -----------------------------------------------------------------------------------------------

    If this answer was helpful, click “Mark as Answer” or “Up-Vote”. To provide additional feedback on your forum experience, click here

    Tuesday, April 24, 2018 5:10 AM
  • I did add network traffic rules (as you can see in the code that I posted), and the link that you posted was actually my start point for roles communication.
    Tuesday, April 24, 2018 8:08 AM
  • It turned out that the Network Traffic Rules were actually the blockers here; I removed them and everything went smoothly.

    • Marked as answer by Tofla Tuesday, April 24, 2018 11:21 AM
    Tuesday, April 24, 2018 11:21 AM
  • Glad to hear that your issue has been resolved.
    Wednesday, April 25, 2018 2:40 AM