Running with Azureite in Https mode?

[richardjharding]

Is it possible to have the azureite container run in https enabled mode (by supplying key files via volume mount)

when I tried I observed the following in the logs

ail: a.a.aaW[0]
2024-08-05 16:59:31       Emulator Start up probe Unsuccessful. MetadataStore Health status: Unhealthy BlobStore Health status: Unhealthy
2024-08-05 16:59:31 fail: Microsoft.Extensions.Diagnostics.HealthChecks.DefaultHealthCheckService[103]
2024-08-05 16:59:31       Health check Emulator Health Check with status Unhealthy completed after 28887.9225ms with message 'Emulator Start up probe Unsuccessful. MetadataStore Health status: Unhealthy BlobStore Health status: Unhealthy'
2024-08-05 16:59:31 Retry 1 encountered an exception: Emulator Health Check failed.. Waiting 00:00:00 before next retry.
2024-08-05 16:59:56 fail: a.a.aaW[0]
2024-08-05 16:59:56       Emulator Start up probe Unsuccessful. MetadataStore Health status: Unhealthy BlobStore Health status: Unhealthy
2024-08-05 16:59:56 fail: Microsoft.Extensions.Diagnostics.HealthChecks.DefaultHealthCheckService[103]
2024-08-05 16:59:56       Health check Emulator Health Check with status Unhealthy completed after 25109.2576ms with message 'Emulator Start up probe Unsuccessful. MetadataStore Health status: Unhealthy BlobStore Health status: Unhealthy'
2024-08-05 16:59:56 Retry 2 encountered an exception: Emulator Health Check failed.. Waiting 00:00:00 before next retry.
2024-08-05 17:00:23 fail: a.a.aaW[0]
2024-08-05 17:00:23       Emulator Start up probe Unsuccessful. MetadataStore Health status: Unhealthy BlobStore Health status: Unhealthy
2024-08-05 17:00:23 fail: Microsoft.Extensions.Diagnostics.HealthChecks.DefaultHealthCheckService[103]
2024-08-05 17:00:23       Health check Emulator Health Check with status Unhealthy completed after 26998.6305ms with message 'Emulator Start up probe Unsuccessful. MetadataStore Health status: Unhealthy BlobStore Health status: Unhealthy'
2024-08-05 17:00:23 An error occurred: Emulator Health Check failed.

I assume this is as the azureite connection is fixed to use HTTP? - can it be overridden somehow?

It would make it easier to use the single azureite container for multiple purposes

[richard-leon-130524]

Any feedback on this?. I have the same error :(

[Saglodha]

Hi @richardjharding / @richard-leon-130524 ,

We don't support running Azurite in HTTPs mode today. I would like to know more about your topology and understand if it's blocking your use cases. Could you please elaborate more?

[richardjharding]

The reason for preferring to run azurite in https mode is that where possible we want to make use of the Azure Default Credentials to make the code portable from developing locally to then running in azure with a managed identity.
To do this with azurite it needs to be running in https mode - https://learn.microsoft.com/en-us/azure/storage/common/storage-use-azurite?tabs=visual-studio%2Cblob-storage#oauth-configuration

The ideal would be if we could also connect to the event hub emulator in the same way by passing just the host and default credential as we do when developing against the real event hub in azure

[victor-malod-se]

Exact same use case as @richardjharding today.

When running Azurite under HTTPS+OAuth, you could use this:

var fullyQualifiedEndpoint = new Uri("https://127.0.0.1:10000/devstoreaccount1/blobcontainername"/*example value, different when deployed*/);
var blobClient = new BlobContainerClient(fullyQualifiedEndpoint, new DefaultAzureCredential());
blobClient.CreateIfNotExists();

That would work in both scenarios with local and cloud environment. You just have to configure the endpoint of the storage.

But currently you can't have a way to make eventhub-emulator work with such resource (because of no OAuth and HTTPS support).
Today we have 4 options that I can see:

1. fall back to non-https azurite, which will make impossible to connect to azurite using DefaultAzureCredential() (see https://learn.microsoft.com/en-us/azure/storage/common/storage-use-azurite?tabs=visual-studio%2Cblob-storage#azure-sdks), which is not acceptable
2. fall back to use of connection strings everywhere, which I want to avoid in our current implementations (usage of Managed Identities is a must for my project)
3. stop using eventhub emulator and fall back to cloud resources, which is just sad considering that you could have eveything running locally.
4. Do checks in code to switch to the approriate resource according to the environment you are currently running on.

I'm stuck looking at this list trying to consider what is the best option...

[krishankumar95]

@victor-malod-se For Option 4 : Spinning up an isolated instance of Azurite container specifically for Emulator Azurite With Custom Endpoints Docker Compose and not reusing same within client code would mitigate the the need for code changes around AzureBlob connections.

EH Client will be connection string based given the current capabilities of the Emulator ; and will still require test code bifurcation when using Managed Identities.

@Saglodha for visibility : "Feature Request : Managed identity support for EH Emulator."