Question - In case the front-end hosting of an application is done on Azure, if the user needs the database hosting to be done on an on-premise server due to security concerns, how will you handle the Azure connectivity?
Answer -
There are a few possibilities to resolve this:
- Azure VNET based point-to-site service can be used to connect one on-premise DB to an Azure-hosted application. This is valid where there are limited resources to be connected via VPN.
- In case of more resources for connection, site to site or express routes are the solution. Site to site might cause network latency as the VPN works only via public infrastructure, which is the internet. In that case, express routes can be used as it has a dedicated leased line that solves latency issues.
- In case VNET is not preferred, Windows Communication Foundation (WCF) service can be developed and hosted on-premise. It will have CRUD operations intended solely for the database that is hosted on-premise. It uses the service bus relay that can build communication between the Azure-hosted app to the WCF service for database access.