microsoft/service-fabric-issues

Wildcard domains and cluster DNS?

jezzsantos opened this issue · 0 comments

I have a local cluster running using all defaults. I am migrating existing services from Azure CloudServices to Azure ServiceFabric, but doing this work locally first, on a local cluster in Windows.

I have 3 existing .NET Core services that I have converted to StatelessService, each one configured for HTTPS on its own fixed port.
For example:
service1 is on port 4431
service2 is on port 4432
service3 is on port 4433.

I have configured these services correctly (in the ServiceManifest and ApplicationManifest), and deployed them into the cluster successfully. They are all running in the cluster and I can reach each and every one of them from the desktop on their respective ports.
For example:
GET https://localhost:4431/api/health works just fine.

I have also set up the DnsServiceName for each service in the ApplicationManifest.
For example: the DNS name for:
service1 is svc1
service2 is svc2, etc

The DNS service is running in the cluster.

I have also set up a wildcard self-signed cert (for *.localhost.dev) and added entries into C:\windows\system32\drivers\etc\hosts file to work for multiple values of the wildcard subdomain:
For example:
127.0.0.1 acme.localhost.dev
127.0.0.1 contoso.localhost.dev
127.0.0.1 fabricam.localhost.dev

Now, each service uses a host header to determine which customer tenancy the service is for.
For example:
https://acme.localhost.dev.com:4431/api/health is the endpoint address for the acme tenant. The subdomain is how we know which customer is calling our services.

If service1 is going to call an API on service2 (internally within the same cluster), and we do that via cluster DNS, the URL of the request would be: https://svc2:4432/api/health as far as I understand SF.

Problem 1:

This setup does not work. I get an error like "" when I try to connect from service1 to service2 (within the cluster) using a URL like: https://svc2:4432/api/action1

Problem 2:

(I can't confirm this yet because I am blocked by Problem 1 above)

Won't I lose the host header for acme now when the call arrives into service2?
What would I need to do to preserve the Host header when the call is forwarded by the DNS service?
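
Added example, not part of the original post or of Service Fabric: a simplified RFC 6125-style name check showing how the host names quoted above compare against a certificate issued for *.localhost.dev. It assumes the certificate carries that wildcard as its only DNS name; the function names are illustrative.

```python
# Added example: simplified RFC 6125-style matching of a requested host name
# against a certificate's DNS subject alternative names (SANs).
# Assumption: the wildcard certificate from the post has one SAN, *.localhost.dev.

def san_matches(pattern: str, hostname: str) -> bool:
    """Return True if one DNS SAN entry covers hostname.

    Simplified rules: comparison is case-insensitive, a wildcard is honoured
    only as the entire left-most label, and it stands for exactly one label.
    """
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = hostname.lower().rstrip(".").split(".")
    if len(p_labels) != len(h_labels) or "" in h_labels:
        return False
    if p_labels[0] == "*":
        # Policy choice in this sketch: refuse wildcards directly under a
        # top-level label such as "*.dev".
        return len(p_labels) >= 3 and p_labels[1:] == h_labels[1:]
    # Partial or non-leftmost wildcards are never accepted.
    return "*" not in pattern and p_labels == h_labels


def host_from_url_authority(authority: str) -> str:
    """Strip the port from 'host:port' (IPv6 literals are out of scope)."""
    return authority.rsplit(":", 1)[0] if ":" in authority else authority


def check(cert_sans, authorities):
    """Map each 'host:port' to True/False: does any SAN cover the host?"""
    return {
        a: any(san_matches(s, host_from_url_authority(a)) for s in cert_sans)
        for a in authorities
    }


# Constructed inputs: the certificate name and URL authorities quoted in the post.
CERT_SANS = ["*.localhost.dev"]
AUTHORITIES = [
    "acme.localhost.dev:4431",
    "acme.localhost.dev.com:4431",
    "svc2:4432",
]

if __name__ == "__main__":
    for authority, ok in check(CERT_SANS, AUTHORITIES).items():
        print(f"{authority:30} {'match' if ok else 'NO MATCH'}")
```

The name a TLS client verifies is the one in the URL it connects to, so the cluster DNS name and the tenant name in the Host header are checked separately.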