Skip to main content
Version: 3.8

azure-functions

Description#

The azure-functions Plugin is used to integrate APISIX with Azure Serverless Function as a dynamic upstream to proxy all requests for a particular URI to the Microsoft Azure Cloud.

When enabled, the Plugin terminates the ongoing request to the configured URI and initiates a new request to Azure Functions on behalf of the client with configured authorization details, request headers, body and parameters (all three passed from the original request). It returns back the response with headers, status code and the body to the client that initiated the request with APISIX.

Attributes#

NameTypeRequiredDefaultValid valuesDescription
function_uristringTrueAzure FunctionS endpoint which triggers the serverless function. For example, http://test-apisix.azurewebsites.net/api/HttpTrigger.
authorizationobjectFalseAuthorization credentials to access Azure Functions.
authorization.apikeystringFalseGenerated API key to authorize requests.
authorization.clientidstringFalseAzure AD client ID to authorize requests.
timeoutintegerFalse3000[100,...]Proxy request timeout in milliseconds.
ssl_verifybooleanFalsetruetrue/falseWhen set to true performs SSL verification.
keepalivebooleanFalsetruetrue/falseWhen set to true keeps the connection alive for reuse.
keepalive_poolintegerFalse5[1,...]Maximum number of requests that can be sent on this connection before closing it.
keepalive_timeoutintegerFalse60000[1000,...]Time is ms for connection to remain idle without closing.

Metadata#

NameTypeRequiredDefaultDescription
master_apikeystringFalse""API Key secret that could be used to access the Azure Functions URI.
master_clientidstringFalse""Azure AD client ID that could be used to authorize the function URI.

Metadata can be used in the azure-functions Plugin for an authorization fallback. If there are no authorization details in the Plugin's attributes, the master_apikey and master_clientid configured in the metadata is used.

The relative order priority is as follows:

  1. Plugin looks for x-functions-key or x-functions-clientid key inside the header from the request to APISIX.
  2. If not found, the Plugin checks the configured attributes for authorization details. If present, it adds the respective header to the request sent to the Azure Functions.
  3. If authorization details are not configured in the Plugin's attributes, APISIX fetches the metadata and uses the master keys.

To add a new master API key, you can make a request to /apisix/admin/plugin_metadata with the required metadata as shown below:

curl http://127.0.0.1:9180/apisix/admin/plugin_metadata/azure-functions -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
{
"master_apikey" : "<Your Azure master access key>"
}'

Enable Plugin#

You can configure the Plugin on a specific Route as shown below assuming that you already have your Azure Functions up and running:

curl http://127.0.0.1:9180/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
{
"plugins": {
"azure-functions": {
"function_uri": "http://test-apisix.azurewebsites.net/api/HttpTrigger",
"authorization": {
"apikey": "<Generated API key to access the Azure-Function>"
}
}
},
"uri": "/azure"
}'

Now, any requests (HTTP/1.1, HTTPS, HTTP2) to the endpoint /azure will invoke the configured Azure Functions URI and the response will be proxied back to the client.

In the example below, the Azure Function takes in name from the query and returns a message "Hello $name":

curl -i -XGET http://localhost:9080/azure\?name=APISIX
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Request-Context: appId=cid-v1:38aae829-293b-43c2-82c6-fa94aec0a071
Date: Wed, 17 Nov 2021 14:46:55 GMT
Server: APISIX/2.10.2

Hello, APISIX

Another example of a request where the client communicates with APISIX via HTTP/2 is shown below (make sure you have configured enable_http2: true in your default configuration file (config-default.yaml). You can do this by uncommenting the port 9081 from the field apisix.node_listen):

curl -i -XGET --http2 --http2-prior-knowledge http://localhost:9081/azure\?name=APISIX
HTTP/2 200
content-type: text/plain; charset=utf-8
request-context: appId=cid-v1:38aae829-293b-43c2-82c6-fa94aec0a071
date: Wed, 17 Nov 2021 14:54:07 GMT
server: APISIX/2.10.2

Hello, APISIX

Configuring path forwarding#

The azure-functions Plugins also supports URL path forwarding while proxying requests to the Azure Functions upstream. Extensions to the base request path gets appended to the function_uri specified in the Plugin configuration.

IMPORTANT

The uri configured on a Route must end with * for this feature to work properly. APISIX Routes are matched strictly and the * implies that any subpath to this URI would be matched to the same Route.

The example below configures this feature:

curl http://127.0.0.1:9180/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
{
"plugins": {
"azure-functions": {
"function_uri": "http://app-bisakh.azurewebsites.net/api",
"authorization": {
"apikey": "<Generated API key to access the Azure-Function>"
}
}
},
"uri": "/azure/*"
}'

Now, any requests to the path azure/HttpTrigger1 will invoke the Azure Function and the added path is forwarded:

curl -i -XGET http://127.0.0.1:9080/azure/HttpTrigger1\?name\=APISIX\
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 01 Dec 2021 14:19:53 GMT
Request-Context: appId=cid-v1:4d4b6221-07f1-4e1a-9ea0-b86a5d533a94
Server: APISIX/2.11.0

Hello, APISIX

Delete Plugin#

To remove the azure-functions Plugin, you can delete the corresponding JSON configuration from the Plugin configuration. APISIX will automatically reload and you do not have to restart for this to take effect.

curl http://127.0.0.1:9180/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
{
"uri": "/azure",
"plugins": {},
"upstream": {
"type": "roundrobin",
"nodes": {
"127.0.0.1:1980": 1
}
}
}'