Understanding Outbound Data Transfer for Azure App Service Plan

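To migrate a very small business web application from on-premises to an Azure PaaS service environment, we have identified the following tentative solution: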

  • Use Azure Storage Account to host the front end (Angular SPA).
  • Use App Service Plan to run the back-end Spring Boot application.
  • Use Application Gateway V2 (with WAF) as the public endpoint, which will re-route traffic to both the Storage account and the App Service (SSL will be hosted in the Gateway as it is the public endpoint).
  • Use Azure SQL Server as the database.
  • Use a VPN gateway Site-to-Site connection from the Azure service to on-premises for outgoing SFTP file transfer (very small in size).

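But it seems the App Service Plan will not be placed in the application VNET, so VNET integration from the Azure service to the application VNET is needed first to enable the VPN connection. Our application is very small and has no HA or other multi-zone/region requirements, so using a dedicated ASE (Azure Service Environment) is not feasible for us. Since communication with the app service will not happen locally within the application VNET, we are trying to understand the concept of the term 'Outbound data transfer (specifically which are charged and not)' in Azure networking as it relates to the PaaS services above.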

  1. Is the traffic from Application Gateway (in the application VNET) to the Azure Service (Plan) considered outbound data transfer?
  2. If a VNET integration is in place from the Azure Service to the application VNET, is the traffic going out of the Azure service to the application VNET considered outbound data transfer?

From this article, we know:

Outbound data transfer: The first 5 GB per month of outbound data transfer is free for all Azure zones, but following that the Azure pricing tiers will kick in based on various slabs (5–10 TB, then 40TB, 100TB, 350TB, and then everything above 500 TB).

This charge should be considered if the applications deployed in Azure are accessed over the internet. For example, when downloading data from Azure storage accounts or websites, accessing VMs over RDP and SSH will incur charges as data is being transferred out of an Azure data center.

Another scenario where these charges will be applied is with hybrid connectivity through VPN or ExpressRoute. For VPNs, the outbound data from the VPN Gateways will be billed at outbound data charge rates. For ExpressRoute, outbound data transfers are chargeable for metered data plans, and the cost will vary based on the selected plan.

For your questions:

  1. The traffic from Application Gateway (in the application VNET) to the Azure Service (Plan) will be considered outbound data transfer

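Because if the backend pool is a public endpoint (Azure App Service), the application gateway uses its frontend public IP to reach the server. If there is no frontend public IP address, one is assigned for the outbound external connectivity. Read How an application gateway routes a request. Also, if you have the application gateway and the App Service plan in different regions, you will be charged.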

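  2. With VNet integration, the App Service is connected to both the VNet and the Internet. The traffic going from the Azure service to the application VNET will not be considered outbound data transfer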

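Because the traffic usually goes over the Azure backbone network, and the VMs hosting your web app are assigned private IP addresses from the integration subnet. These IP addresses are used for outbound connections. If you deploy all the resources across regions, you will also be charged (for this, you could use gateway-required VNet integration).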

If you are interested, you could read other Azure services can reduce your cloud costs