Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Need clarification on how to configure an internal multi-region API Management? #39015

Closed
pacodelacruz opened this issue Sep 17, 2019 · 10 comments
Closed

Need clarification on how to configure an internal multi-region API Management? #39015

pacodelacruz opened this issue Sep 17, 2019 · 10 comments
Assignees
@dlepow
Labels
api-management/svc assigned-to-author doc-enhancement Pri2 triaged

Comments

@pacodelacruz
Copy link

This page describes how to configure a multi-region API Management, however, it does not cover the scenario when API Management is deployed inside a VNET in internal mode.

In this type of setup, it's common to have Azure App Gateway front facing API Management. So the questions are:

  • How is Azure App Gateway meant to resolve to a load-balanced API Management, if APIM is internal, thus the managed Traffic Manager cannot reach APIM?
  • How are internal consumers (within the VNET) meant to resolve a load-balanced API Management when the APIs are not public to the internet?

Round Robin at DNS level would not be ideal as it wouldn't cover cases when an instance is down (https://docs.microsoft.com/en-us/windows-server/networking/dns/deploy/app-lb).

Please include in the documentation what's the recommended setup.

Document Details

Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.
@KetanChawda-MSFT KetanChawda-MSFT self-assigned this Sep 17, 2019
@KetanChawda-MSFT
Copy link

@pacodelacruz Thank you for your feedback! We will review and provide an update as appropriate.

@mikebudzynski any thoughts here?

@KetanChawda-MSFT
Copy link

@mikebudzynski can you please share your thoughts here.

@KetanChawda-MSFT KetanChawda-MSFT removed their assignment Sep 20, 2019
@mikebudzynski
Copy link
Contributor

API Management in internal VNET doesn't have the built-in traffic manager in multi-region configuration and you need to use your own traffic management solutions. The built-in traffic manager is provided with API Management in external VNET as well as outside VNET.

@andremarques023
Copy link
Contributor

API Management in internal VNET doesn't have the built-in traffic manager in multi-region configuration and you need to use your own traffic management solutions. The built-in traffic manager is provided with API Management in external VNET as well as outside VNET.

This should be a note section on the docs page.

@mikebudzynski
Copy link
Contributor

This should be a note section on the docs page.

It will be. We'll use this Issue to track progress.

@asubmani
Copy link
Contributor

This page describes how to configure a multi-region API Management, however, it does not cover the scenario when API Management is deployed inside a VNET in internal mode.

+1.. I am testing this..
The docs indicate that Traffic Manager is an optional feature to route traffic.
What is NOT clear is if in an APIM with PVT VNET setup; without Traffic manager, will the @(context.Deployment.Region) config setting still work?

Another thing the doc doesn't clearly mention is the below:

<set-backend-service base-url="http://contoso-us.com/" />

Is the base url the url of Backend service? It seems it is the base url of the APIM service itself. If yes, it would save a lot of frustration if the docs update it to:

<choose>
            <when condition="@("West US".Equals(context.Deployment.Region, StringComparison.OrdinalIgnoreCase))">
                <set-backend-service base-url="http://apim.contoso-us.com/" />
            </when>
            <when condition="@("East Asia".Equals(context.Deployment.Region, StringComparison.OrdinalIgnoreCase))">
                <set-backend-service base-url="http://apim.contoso-asia.com/" />
            </when>
            <otherwise>
                <set-backend-service base-url="http://apim.contoso-other.com/" />
            </otherwise>

@derekschauland
Copy link
Contributor

This is not clear at all for Internally configured APIM. If there is an internal APIM there is no load balancing of any kind unless explicitly configured by the customer? That should be called out. In addition, the steps to accomplish this:

App gateway forwards traffic to Traffic manager instance which watches two or more instances of APIM to determine which one is healthy to route traffic toward. Also if using this option, how would the APIs be kept in sync between APIM instances... checking both and updating both seems unweildy.

@adrianhall
Copy link
Contributor

#reassign:dlepow

@dlepow
Copy link
Contributor

dlepow commented Jan 26, 2023

Closing this issue as the considerations for configuring multi-region API Management instance with internal VNet are added to the article, for example: https://learn.microsoft.com/en-us/azure/api-management/api-management-howto-deploy-multi-region#virtual-networking

@dlepow
Copy link
Contributor

dlepow commented Jan 26, 2023

#please-close

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dlepow dlepow

Labels
api-management/svc assigned-to-author doc-enhancement Pri2 triaged
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
9 participants
@adrianhall @dlepow @pacodelacruz @andremarques023 @derekschauland @asubmani @KetanChawda-MSFT @PRMerger14 @mikebudzynski