I have two GKE clusters (GKE-OLD and GKE-NEW) running behind two separate load balancers.
The GKE-OLD cluster runs behind an L4 global load balancer, whereas the GKE-NEW cluster runs behind an L7 load balancer.
The services of the clusters are accessible through two separate domain names.
www.service.company.com points to the L4 load balancer behind which the GKE-OLD cluster is running.
www.service-1.company.com points to the L7 load balancer behind which the GKE-NEW cluster is running.
I want to eventually get rid of the old cluster and LB associated with it. However, I want to keep the domain name (www.service.company.com) from the old cluster and eventually retire the www.service-1.company.com domain name that is associated with the new cluster.
Before I decommission the old cluster, the current setup I want to have should look something like this:
My questions are:
Can we have multiple domains pointing at same IP address (LB) and same domain pointing at multiple IP addresses (LBs) at the same time?
www.service.company.com and www.service-1.company.com pointing at the same load balancer. And www.service.company.com pointing at both L4 and L7 LBs.
Can we have multiple domains pointing at same IP address (LB) and same domain pointing at multiple IP addresses (LBs)
Yes you can have multiple names resolve to the same IP address (either directly with A and AAAA or through CNAME records),
and yes you can have a name resolving to multiple IP addresses (again through direct A+AAAA records or through CNAME records), but in that case, except if there is some specific tooling on the client side (the application consuming those records), things will work in a load balancing fashion among all addresses, not in failover fashion.
Currently my LB has an IPv4 frontend address and one backend pool with 5 VMs with IPv4 private addresses.
We would like to add IPv6 support to our Service Fabric cluster. I found this article: https://learn.microsoft.com/en-us/azure/load-balancer/load-balancer-ipv6-overview and I see a lot of "Currently not supported" texts.
The IPv6 address is assigned to the LB, but I cannot make rules:
Failed to save load balancer rule 'rulename'. Error: Frontend ipConfiguration '/subscriptions/...' referring to PublicIp with PublicIpAddressVersion 'IPv6' does not match with PrivateIpAddressVersion 'IPv4' referenced by backend ipConfiguration '/subscriptions/...' for the load balancer rule '/subscriptions/...'.
When I try to add a new backend pool, I get this message:
One basic SKU load balancer can only be associated with one virtual machine scale set at any point of time
Questions:
When can we expect the feature to have multiple LBs before one VMSS?
Is it possible to add IPv6 frontend without adding IPv6 to the backend (NAT64?)?
Is it possible to add IPv6 addresses to an existing VM scale set without recreating it?
Not sure I am understanding you exactly. It seems that some limitations are in that article.
For your questions:
I guess you mean mapping multiple LB frontends to one backend pool. If so, the same frontend protocol and port are reused across multiple frontends since each rule must produce a flow with a unique combination of destination IP address and destination port. You can get more details about multiple frontend configurations with LB.
It is not possible. The IP version of the frontend IP address must match the IP version of the target network IP configuration.
NAT64 (translation of IPv6 to IPv4) is not supported.
It is not possible. A VM Scale Set is essentially a group of load balanced VMs. There are a few differences between a VM and a VMSS; you can refer to this. Also, if a network interface has a private IPv6 address assigned to it, you must add (attach) it to a VM when you create the VM. Read the network interface constraints.
You may not upgrade existing VMs to use IPv6 addresses. You must deploy new VMs.
I am curious. I am analyzing the DNS section for the website imgur.com. My doubt is that when I run "dig imgur.com", dig only returns an IP address; if I run the same command again, dig returns another IP address or sometimes the same one.
Another question:
By using dig www.imgur.com I get a CNAME to another domain. Is this normal? Can someone explain this to me?
Thanks
You should check Round-robin DNS.
Round Robin DNS is a technique of load distribution, load balancing,
or fault-tolerance provisioning multiple, redundant Internet Protocol
service hosts, e.g., Web server, FTP servers, by managing the Domain
Name System's (DNS) responses to address requests from client
computers according to an appropriate statistical model.
In its simplest implementation, Round-robin DNS works by responding to
DNS requests not only with a single potential IP address, but with one
out of a list of potential IP addresses corresponding to several
servers that host identical services. The order in which IP addresses
from the list are returned is the basis for the term round robin. With
each DNS response, the IP address sequence in the list is permuted.
Usually, basic IP clients attempt connections with the first address
returned from a DNS query, so that on different connection attempts,
clients would receive service from different providers, thus
distributing the overall load among servers.
We have 2 servers hosting a particular service on google cloud. How to do a simple round-robin DNS configuration to distribute the load?
According to this thread Google Cloud DNS does not support round-robin.
You can set up DNS round robin with Cloud DNS simply by adding more than one IP address to your DNS record.
You might want to look into Google Compute Engine's Load Balancing options. This will allow you to have one IP address that sends traffic to your two servers. This has a few advantages, including that you can configure it to automatically stop sending traffic to an instance if it fails a health check.
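An added simulation (not code from any of the posts above) of the behaviour the answers describe: a name with two A records is load-balanced across both addresses rather than failed over, so a client that only tries the first address fails whenever that address is down. The `RoundRobinZone` class, the two client functions and the documentation-range addresses are constructed for illustration.

```python
from collections import Counter, deque

class RoundRobinZone:
    """Answers for one name: the full A-record list, rotated on every query."""
    def __init__(self, addresses):
        self._ring = deque(addresses)

    def query(self):
        answer = list(self._ring)
        self._ring.rotate(-1)  # the next response starts with the next address
        return answer

def connect(address, healthy):
    """Stand-in for a TCP/TLS connect: succeeds only if the backend is up."""
    return address in healthy

def naive_client(zone, healthy):
    """Uses only the first address in the response (the 'basic IP client')."""
    first = zone.query()[0]
    return first if connect(first, healthy) else None

def fallback_client(zone, healthy):
    """Client-side tooling: walks the whole answer until one address connects."""
    for address in zone.query():
        if connect(address, healthy):
            return address
    return None

def simulate(client, addresses, healthy, requests=1000):
    """Returns ({address: requests served}, number of failed requests)."""
    zone = RoundRobinZone(addresses)
    served = Counter(client(zone, healthy) for _ in range(requests))
    failed = served.pop(None, 0)
    return dict(served), failed

# Constructed addresses from the RFC 5737 documentation ranges, not from the page.
L4_LB, L7_LB = "192.0.2.10", "198.51.100.20"

if __name__ == "__main__":
    both = [L4_LB, L7_LB]
    print("both up, naive:    ", simulate(naive_client, both, {L4_LB, L7_LB}))
    print("L4 down, naive:    ", simulate(naive_client, both, {L7_LB}))
    print("L4 down, fallback: ", simulate(fallback_client, both, {L7_LB}))
```

With plain DNS records nothing removes the dead address from the answer, which is the gap a health-checked load balancer closes.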
I want to make a CoreOS cluster consisting of local machines behind one public IP address and CoreOS hosts on a cloud service like DigitalOcean.
I am wondering whether this is possible? Since all the local machines will have the same public ip address. If this is possible please let me know how to do this setup.
Thank you
Jake He
You can achieve this using DNS since it can hold multiple records for the same domain name. Look here.
You can achieve this using load balancer - create a virtual IP and a pool with all the local IPs of the CoreOS servers - but take into consideration that some load balancers force you to create a single pool and virtual server for each service port you would like to balance. (Such as bigip-api for instance)
I want to have three public ip addresses for my VM in azure. I got one when I created the VM and now I want to assign two reserved ip addresses to my VM. I was able to create the reserved ip address but not sure how to assign them to existing VM or assign multiple to a new VM. Any suggestions on how to do this?
In Azure, a Load Balancer is required in order to direct traffic from multiple VIP addresses to a single (or multiple) VMs.
If, for example, you want a single VM to host multiple websites, all of which need to be accessible externally via port 443, you'd need three VIP addresses assigned to the Load Balancer, with a NAT on at least two of the VIPs; i.e.
Site a: Incoming 443-443 to VM
Site b: Incoming 443-444 to VM
Site c: Incoming 443-445 to VM
All the traffic from the Load Balancer could then be routed to one VM, where you'd direct traffic on each incoming port to the required website based. This MS article explains it really well: https://azure.microsoft.com/en-gb/documentation/articles/load-balancer-multivip/
Reserved IP addresses are a way of ensuring that your VIP is no longer dynamic, which they are by default. The following article explains it well, including how to take an existing Cloud Service's currently-running dynamic VIP and make it static (Reserved): https://azure.microsoft.com/en-gb/documentation/articles/virtual-networks-reserved-public-ip/
An Azure VM can have two public IP addresses - one is the VIP of the cloud service containing the VM (as long as there are endpoints configured for the VM) and the other is the PIP (or public instance IP address) associated with the VM. A reserved IP address is an orthogonal concept to VIPs and PIPs and its use is documented here. I did a post on VIPs, DIPs and PIPs that you may find helpful.