
How to add an app service to Azure Gateway having an ASE


I have a new app service to deploy to an existing Azure App Gateway which already manages some app services. After copying the configuration of those other applications, I found that the new app service is unreachable from external calls while all others are, and I'm struggling to find out why. The custom certificate and custom domain bound to the app service seem fine.

I can see the new app rule in the backend pool.

The HTTP setting is set, the same way as the other applications, with the certificates of the ASE.

The new listener appears in the Frontend IP configuration.

The listener is set and linked to its rule and hostname.

The rule is set.

The probe is set as well and the Health Check gives me a green status for the app. I can see in App Insights of the app service the pings from the health probe succeeding, so the gateway can communicate with the app.

But when I try from an outside source (Postman or browser) I get an `Error: getaddrinfo ENOTFOUND`.

Did I miss a step? Does that mean that the domain has not been set correctly? Something else? (sorry, probably too many screenshots)

Thanks for any help


Solution

  • You may not be able to access the app service from an outside source or the internet because you need to have DNS entries for your ASE (Application Service Environment) so that the deployment task can reach it; but if you have an internal-only ASE, those entries aren't created in public DNS, and Microsoft doesn't manage private DNS. Thus, Microsoft proposes creating the DNS entries in your internal DNS zone as below:

      Create Zone {ASE Name}.appserviceenvironment.net
      Type: Primary Zone
      Store the zone in AD: True
      Zone Replication: To all DNS servers in the domain
      Zone Name: {ASE Name}.appserviceenvironment.net
      Allow only secure updates: true
    
      Create A Record under {ASE Name}.appserviceenvironment.net
      Name: *
      IP: {ASE's Private IP}
    
      Create Child Zone under {ASE Name}.appserviceenvironment.net
      Name: scm
    

    • Please check whether the FQDN for the app service is present or not. The IP mapped to the ASE alone won't work, since all apps on the ASE will have the same IP, and we need hostname resolution. You have an application gateway in front of the app service, and multiple app services hosted behind the same application gateway, which are resolved by FQDN. This fails since the application gateway can't resolve the FQDN to an IP, so the DNS needs to be updated.

    I would also suggest going through the documentation link below for detailed information on DNS configuration for the deployed ASE:

    https://learn.microsoft.com/en-us/azure/app-service/environment/create-ilb-ase#dns-configuration
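
The zone settings listed in the answer, written as a script for a Windows DNS server with the DnsServer module (an added example, not part of the original answer). The ASE name and IP defaults are constructed placeholders, the helper function names are hypothetical, and the wildcard record inside the `scm` zone is an assumption that the answer's list does not spell out.

```powershell
# Added example. Run on an AD-integrated DNS server with the DnsServer module.
param(
    [string]$AseName = 'my-ase',       # placeholder for {ASE Name}
    [string]$AseIp   = '10.0.0.11'     # placeholder for {ASE's Private IP}
)

Import-Module DnsServer

$zone    = "$AseName.appserviceenvironment.net"
$scmZone = "scm.$zone"

function Add-ZoneIfMissing {
    param([string]$Name)
    if (Get-DnsServerZone -Name $Name -ErrorAction SilentlyContinue) {
        Write-Host "Zone $Name already exists, leaving it unchanged"
        return
    }
    # Primary zone, stored in AD, replicated to all DNS servers in the
    # domain, accepting only secure dynamic updates.
    Add-DnsServerPrimaryZone -Name $Name -ReplicationScope 'Domain' -DynamicUpdate 'Secure'
}

function Add-WildcardIfMissing {
    param([string]$ZoneName, [string]$Ip)
    $existing = Get-DnsServerResourceRecord -ZoneName $ZoneName -RRType 'A' |
        Where-Object { $_.HostName -eq '*' }
    if (-not $existing) {
        Add-DnsServerResourceRecordA -ZoneName $ZoneName -Name '*' -IPv4Address $Ip
        return
    }
    # A wildcard pointing somewhere else is reported, not silently overwritten.
    $current = $existing.RecordData.IPv4Address.IPAddressToString
    if ($current -notcontains $Ip) {
        Write-Warning "Wildcard in $ZoneName points to $($current -join ', '), expected $Ip"
    }
}

Add-ZoneIfMissing     -Name $zone
Add-WildcardIfMissing -ZoneName $zone -Ip $AseIp

# Child zone "scm". The wildcard inside it is an assumption (see lead-in).
Add-ZoneIfMissing     -Name $scmZone
Add-WildcardIfMissing -ZoneName $scmZone -Ip $AseIp

# Check: any app name under the zone should now resolve to the ASE IP.
Resolve-DnsName -Name "anyapp.$zone" -Type A -Server localhost |
    Select-Object Name, IPAddress
```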