Securely expose data from legacy system to cloud — Azure Relay
Recently I have been working on one of the modules where I needed to grab data from a legacy system and pass the data to an Azure component (in my case Azure Functions).
There were a few restrictions which I needed to keep in mind:
- We can’t open up ports to connect to the legacy system from the outside world.
- We can’t overload the system with an increase in the number of requests.
Azure Relay: The Azure Relay service enables us to expose an on-premise service to the public cloud without opening up ports in the firewall.
The figures below show:
- An existing on-premise application, which sits behind the firewall.
- The application after the web application has been migrated to the cloud: the service is segregated into 2 parts. One sits in the cloud and the other one stays behind the firewall (on-premise).
Creating Azure Relay:
An Azure Relay can be created in the portal as shown here. After creating the relay, make sure to copy the SAS key and relay namespace.
Create Service.Service:
Create a console application and add the code below to your program.cs file.
Add the configuration below to your App.config file.
netTcpRelayBinding provides a secure binding for communication between on-premise and cloud. More about netTcpRelayBinding here.
Create yourService.cs; this is where the actual implementation of the service resides. It can contain logic to call your legacy application and get the data, or logic to read data from your on-premise database.
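The following is an added example, not the original post's code, of a Service.Service host that registers with the relay over netTcpRelayBinding and caps concurrency so the legacy system is not overloaded. It assumes the WindowsAzure.ServiceBus NuGet package, a SAS rule that holds only the Listen right, and hypothetical names for the GetData operation, the relay path and the environment variables.

```csharp
// Added example, not the original post's code. Needs the WindowsAzure.ServiceBus NuGet package.
using System;
using System.Runtime.Serialization;
using System.ServiceModel;
using System.ServiceModel.Description;
using Microsoft.ServiceBus;

[DataContract] public class YourObject { [DataMember] public string Value { get; set; } } // shape assumed
[ServiceContract] public interface IYourService { [OperationContract] YourObject GetData(string id); } // GetData is hypothetical

public class YourService : IYourService
{
    // Stand-in for the call into the legacy application or on-premise database.
    public YourObject GetData(string id) => new YourObject { Value = "legacy:" + id };
}

public static class Program
{
    public static void Main()
    {
        // Hypothetical variable names; this keeps the SAS key out of App.config and source control.
        string ns = Environment.GetEnvironmentVariable("RELAY_NAMESPACE");
        string keyName = Environment.GetEnvironmentVariable("RELAY_LISTEN_KEY_NAME");
        string key = Environment.GetEnvironmentVariable("RELAY_LISTEN_KEY");
        if (string.IsNullOrEmpty(ns) || string.IsNullOrEmpty(keyName) || string.IsNullOrEmpty(key))
            throw new InvalidOperationException("Relay namespace and Listen SAS rule must be configured.");
        var host = new ServiceHost(typeof(YourService));
        // Transport security end to end; senders must present a relay token (no anonymous callers).
        var binding = new NetTcpRelayBinding(EndToEndSecurityMode.Transport,
                                             RelayClientAuthenticationType.RelayAccessToken);
        // "yourservice" is a hypothetical relay path. The host dials out to the relay; no inbound port opens.
        ServiceEndpoint endpoint = host.AddServiceEndpoint(typeof(IYourService), binding,
            ServiceBusEnvironment.CreateServiceUri("sb", ns, "yourservice"));
        endpoint.Behaviors.Add(new TransportClientEndpointBehavior
        {
            TokenProvider = TokenProvider.CreateSharedAccessSignatureTokenProvider(keyName, key)
        });
        // Cap concurrent work so a burst of cloud requests cannot overload the legacy system.
        var throttle = host.Description.Behaviors.Find<ServiceThrottlingBehavior>();
        if (throttle == null) host.Description.Behaviors.Add(throttle = new ServiceThrottlingBehavior());
        throttle.MaxConcurrentCalls = 4;     // constructed values; size to what the legacy system tolerates
        throttle.MaxConcurrentSessions = 8;
        host.Open();
        Console.WriteLine("Listening on the relay. Press Enter to stop.");
        Console.ReadLine();
        host.Close();
    }
}
```

The cloud-side caller would use a separate SAS rule with only the Send right, so a leaked client key cannot be used to register a listener on the relay path.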
Create Service.Client:
Create a console application and add the code below to your program.cs file.
Create IServiceChannel, which implements IClientChannel (from System.ServiceModel).
Both IYourService and YourObject will be used in the Service.Service and Service.Client projects.
Add the configuration below to your app.config file.
In the solution properties, set both Service.Service and Service.Client as startup projects, and make Service.Client dependent on the Service.Service project.
Conclusion: The Azure Relay service is helpful when dealing with legacy systems or on-premise database servers, where the client is not shifting the database from on-premise to the cloud.
You can access the complete code here.
Thanks for reading. If you have any suggestions, please drop me a note.