我的书签
添加书签
移除书签Azure Event Grid binding spec
To setup Azure Event Grid binding create a component of type . See this guide on how to create and apply a binding configuration.
See for Azure Event Grid documentation.
Warning
The above example uses secrets as plain strings. It is recommended to use a secret store for the secrets as described .
Scope is the identifier of the resource to which the event subscription needs to be created or updated. The scope can be a subscription, or a resource group, or a top level resource belonging to a resource provider namespace, or an Event Grid topic. For example:
'/subscriptions/{subscriptionId}/'for a subscription'/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}'for a resource group'/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}'for a resource'/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/topics/{topicName}'for an Event Grid topic
This component supports output binding with the following operations:
create
Event Grid Binding creates an event subscription when Dapr initializes. Your Service Principal needs to have the RBAC permissions to enable this.
# First ensure that Azure Resource Manager provider is registered for Event Gridaz provider register --namespace Microsoft.EventGrid# Give the SP needed permissions so that it can create event subscriptions to Event Gridaz role assignment create --assignee <clientId> --role "EventGrid EventSubscription Contributor" --scopes <scope>
Make sure to also to add quotes around the [HandshakePort] in your Event Grid binding component because Kubernetes expects string values from the config.
- Run locally using custom port
9000for handshakes
# Using random port 9000 as an examplengrok http -host-header=localhost 9000
- Configure the ngrok’s HTTPS endpoint and custom port to input binding metadata
- Run Dapr
Azure Event Grid requires a valid HTTPS endpoint for custom webhooks. Self signed certificates won’t do. In order to enable traffic from public internet to your app’s Dapr sidecar you need an ingress controller enabled with Dapr. There’s a good article on this topic: .
To get started, first create dapr-annotations.yaml for Dapr annotations
controller:podAnnotations:dapr.io/enabled: "true"dapr.io/app-id: "nginx-ingress"dapr.io/app-port: "80"
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginxhelm repo updatehelm install nginx-ingress ingress-nginx/ingress-nginx -f ./dapr-annotations.yaml -n default# Get the public IP for the ingress controllerkubectl get svc -l component=controller -o jsonpath='Public IP is: {.items[0].status.loadBalancer.ingress[0].ip}{"\n"}'
If deploying to Azure Kubernetes Service, you can follow the official MS documentation for rest of the steps
- Add an A record to your DNS zone
- Install cert-manager
- Create a CA cluster issuer
Final step for enabling communication between Event Grid and Dapr is to define http and custom port to your app’s service and an in Kubernetes. This example uses .NET Core web api and Dapr default ports and custom port 9000 for handshakes.
Deploy binding and app (including ingress) to Kubernetes
# Deploy Dapr componentskubectl apply -f eventgrid.yamlkubectl apply -f dotnetwebapi.yaml
Troubleshooting possible issues with Nginx controller
After initial deployment the “Daprized” Nginx controller can malfunction. To check logs and fix issue (if it exists) follow these steps.
$ kubectl get pods -l app=nginx-ingressNAME READY STATUS RESTARTS AGEnginx-nginx-ingress-controller-649df94867-fp6mg 2/2 Running 0 51mnginx-nginx-ingress-default-backend-6d96c457f6-4nbj5 1/1 Running 0 55m$ kubectl logs nginx-nginx-ingress-controller-649df94867-fp6mg nginx-ingress-controller# If you see 503s logged from calls to webhook endpoint '/api/events' restart the pod# .."OPTIONS /api/events HTTP/1.1" 503..$ kubectl delete pod nginx-nginx-ingress-controller-649df94867-fp6mg# Check the logs again - it should start returning 200
