Board Review: Event Hubs - Custom Endpoint Support

[jsquire]

The Basics

• Service team responsible for the client library: Event Hubs
• Link to documentation describing the service: https://azure.microsoft.com/en-us/services/event-hubs/
• Contact email (if service team, provide PM and Dev Lead): SeongJoon Kwak, Javier Fernandez , Shubha Vijayasarathy

About this client library

• Name of the client library: azure-messaging-eventhubs
• Languages for this review: Python, Java, .NET, JS
• Link to the service REST APIs: N/A

Artifacts required (per language)

.NET

• API View
• Design Proposal (includes samples)

Java

• API View
• Java Samples

Python

• API View
• Python Samples

TypeScript

• API View
• JavaScript Samples

Champion Scenarios

Connecting on a restricted network

A local hospital employs a strict set of network policies to ensure the safety of their network and the security of their patient information. As part of this strategy, all traffic is routed through a security proxy which performs a threat analysis and logging of connections.

In order to allow for trusted internal applications to embrace cloud services, a special bank of IP addresses has been reserved which passes through a secure DMZ path rather than the security proxy. In order for trusted connections to work appropriately, they must resolve to one of the reserved IP addresses using a CNAME configured in the local DNS service.

Because of these restrictions, applications are unable to perform direct connections to the Azure Event Hubs service using the standard endpoint address and require the ability to specify a custom host name to ensure they route through the proper intermediary for the connection to be made.

[jsquire]

//cc: @KrzysztofCwalina

[KrzysztofCwalina]

This (one additional property on client options) looks good to me.

[bterlson]

Same here.

[johanste]

Is this only an issue for EventHubs?

[JonathanGiles]

Fine with me.

[jsquire]

Is this only an issue for EventHubs?

This will also be an issue in Service Bus, due to the Messaging infrastructure for routing to a node in their cluster. It should not, to my knowledge, impact other services.

[johanste]

Should it be considered a proxy setting?

[jsquire]

I don't believe that would work, unless I'm misunderstanding the question. For the Messaging clients, a proxy can only be used when WebSockets are selected as the transport. The custom endpoint needs to be applied for both TCP and WebSocket.

For some languages, like C#, we're expecting a built-in framework type for the proxy, which is provided by the caller and for which there are no additional options passed. The proxy as well as the other transport values are supplied as part of the EventHubConnectionOptions, which is where this setting was added, since it is also related to how connections are established.

[JeffreyRichter]

I spoke to Jesse and I'm OK with this.

[ramya-rao-a]

Closing as this has been implemented across languages