Hello I have Virtual Machine Scale Set behind Load Balancer Basic and I would like to migrate to Load Balancer Standard tier. Is it possible with no downtime, or do I have to simply remove backend LB pool for basic and afterwards create backend pool for my VMSS within the LB Standard?
Thank you in advance.
Since you can't add multiple load balancers to VMSS, the only alternative you'd have for no downtime would be to place an alternative load balancer there for a while.
Build an HA PRoxy box out front, configure it to load balance your apps, switch over DNS to the new IP. When DNS has propagated delete old load balancer, build new one. switch back.
If you're using the frontend IP rather than DNS, then I can't think of a way to do this without downtime. But swapping frontend IP to a temp VM would be quicker than deleting / recreating an LB.
Related
I have Azure Container Instances inside a vnet and I want to implement load balancing but cannot think of a workable solution. For context, it will be a set of VMs contacting the load balancing resource which would direct the request to one of the ACIs.
Things I have tried thus far are Azure Load Balancer (does not work with ACI) and Azure Traffic Manager (cannot be inside a vnet). I don't think an application gateway is a feasible solution either. I want to know if anyone has faced this scenario before and how did they overcome it or if someone has a potential solution that I can test out?
Well, to access the ACI inside a VNet through a Load Balancer, you just need to create a Load Balancer and add the backend pool with the IP address of the ACI, here is a screenshot for it:
Then create a health probe and load balancer rule for the port you need. When all things are OK, you can access the ACI inside the VNet through the Public IP address:
Result:
ACI:
Load Balancer:
I'm configuring/testing Azure (Standard) load balancer, currently with a backend pool that has a single VM; in the future, additional VMs will be added.
With only a single VM in the BP, I assumed my app can still be configured to use the LB. However, I'm finding that the app is not able to connect to the VM in the BP e.g. winhttp timeout (12002).
The only reason I can think of as to why the LB is not sending traffic to the VM is because maybe there is an unwritten requirement that a backend pool is required to have at least two VMs/nodes. I cannot find documentation that confirms or denies.
Of course I can just test myself by adding a second VM to the BP, but not quite ready to do that yet. So thought I'd ask
FYI - the LB has two backend pools: #1 has two VMs for that component of the app, #2 has one VM for that component of the app.
#1 works fine; the LB is spreading the load across both VMs.
#2 does not work
Just really wanting to know if Azure LB can work when the backend pool has a single node, or are two or more nodes required.
Any thoughts/details on this topic?
Just really wanting to know if Azure LB can work when the backend pool
has a single node, or are two or more nodes required.
As far as I know, you can target a single VM to the backend pool. There are SKU comparison.
For example, I have a single VM that host a default website with port 8080, then I can configure it like this,
Backend pool setting
Health probes
Load balancer rules
Access the backend website via load balancer public IP address
For the error message, you may check if your configuration is well and read troubleshoot Azure Load Balancer for more details.
SETUP:
I have 2 Ubuntu VMs sitting behind an internet facing standard load balancer. LB is zone redundant, 2 VMs are set up as HA in zones 1 and 2.
VMs are spun up with a Virtual Machine Scale Set, and entire infrastructure is deployed with Terraform.
Applications running on containers in VMs are exposed on port 5050.
Inbound rules are set to allow traffic on port 80, 5050.
Vms are in the LB backend pool.
PROBLEM:
When VMs are up and running, I access the console the VMs are unable to connect to Ubuntu repo or any external package for download.
Deleting and scaling out VMs - same issue.
Load balancer rules
Load balancer health probe
However, when I delete the LB rules and Lb-probe, and recreate them, I immediately am able to download packages from ubuntu repo or any other external link.
I also deleted one VM and scaled out new a VM(after recreating lb rules and probe) and ubuntu packages, and docker packages install successfully.
This is driving me crazy, has anyone come across this?
I can not reproduce this issue in the same scenario when I deploy the entire infrastructure via the Azure portal.
According to control outbound connectivity for Standard Load Balancer:
If you want to establish outbound connectivity to a destination
outside of your virtual network, you have two options:
assign a Standard SKU public IP address as an Instance-Level Public IP address to the virtual machine resource or
place the virtual machine resource in the backend pool of a public Standard Load Balancer.
Both will allow outbound connectivity from the virtual network to outside of the virtual > network.
So, this issue may happen due to the load balancer rules that have not taken effect on the initial time or not got configuration correctly or the public-facing load-balancing frontend IP has not got provisioned. Or, you may check if there is any firewall or restriction on outbound traffic from your vmss instance.
When I have provisioned these resources. I have to associate an NSG that whitelist the allowed traffic to the subnet of VMSS instances. This will trigger Standard LB to begin to receive the incoming traffic. Also, I have changed the Upgrade policy to automatic.
Hope this information could help you.
I had the same issue. Once I added a load balancing rule, my VMs had internet access.
I created a Scale Set (using a template) with an existing virtual network.
This existing virtual network has already a Load Balancer (with a public IP) with specific VMs.
Now, I can't connect to the VMs in the scale set, There's no option to add the scale set to the Load Balancer or to add the scale set's VMs to the Load Balancer. Creating a new Load Balancer doesn't help.
It seems that the only option for adding a backend pool is using an availability set or a single VM (which is not in the Scale Set).
Is there any way to solve this? to somehow add the Scale Set to the Load Balancer or to connect to it?
The goal was to create the scale set to be in the existing Load Balancer (in the network with the other VMs), but unfortunately it didn't work.
It is not posible to add vms in different availability sets to the same lb. VMSS has its own availability set (by desing). so this is not possible.
https://social.msdn.microsoft.com/Forums/sqlserver/en-US/ccf69a9c-0a6a-47bc-afca-561cf66cdebd/multiple-availability-sets-on-single-load-balancer?forum=WAVirtualMachinesVirtualNetwork
You can work around by creating vm in the network that will act as a load balancer, but that's obviously not a PAAS solution
The goal was to create the scale set to be in the existing Load
Balancer (in the network with the other VMs), but unfortunately it
didn't work.
It is not possible and no need. Please refer to this official document. Azure VMSS instances are behind a load balancer. Also VMSS's intance could not add to a existing load balancer.
Now, I can't connect to the VMs in the scale set.
Do you create inbound NAT rules for your instance? Also, you could create a jump VM in the same VNet to login one instance. See this question.
If you could not login your VM from a jump VM, it is not a VMSS issue. You should check your instance. If you don't do any change for your instances. You could create a ticket to Azure to solve this issue.
I am evaluating the convenience of moving to azure. Currently, I am trying to figure out how to balance the load and make routing for different websites on the same machine. I saw tutorials where a user created a separate LB on a different VM. I also found many articles about the possibility to balance the load using Azure load balancing.
So I assume both are possible, is that correct?
I would like to know how to connect between machines on azure. Would it be possible to do so using a local ip, machinename, or dns?
I also need to figure out how to forward traffic to different ports based on http header, is that possible without a seperate machine as load balancer? I see the endpoint config in my azure dashboard and found the official documentation, but unfortunately it's not enough for my understanding.
Currently, I am trying to figure out how to balance the load and make
routing for different websites on the same machine.
You can have different web sites on the same machine by configuring virtual hosting on IIS. This is accomplished using host header. VM, Cloud Service or even Websites supports this functionality. VMs and Cloud Services should be pretty straight forward. Example using websites:
Hosting multiple domains under one Azure Website
http://blogs.msdn.com/b/cschotte/archive/2013/05/30/hosting-multiple-domains-under-one-azure.aspx
I also found many articles about the possibility to balance the load
using Azure load balancing.
LB for VMs are as easy as creating a load balance set inside endpoint configuration wizard. Once you create a balance set, for example, enpoint HTTP port 80, you can assign this balance set to any VM on the same cloud service. All requests to port 80 would be automatically balanced across all VMs in the set.
So I assume both are possible, is that correct?
Yes.
I would like to know how to connect between machines on azure. Would
it be possible to do so using a local ip, machinename, or dns?
You just have to create a virtual network and deploy the VMs to it. Websites (through preview portal only), Cloud Services and VMs supports VNet.
Virtual Network Overview
https://msdn.microsoft.com/library/azure/jj156007.aspx/
I also need to figure out how to forward traffic to different ports
based on http header, is that possible without a seperate machine as
load balancer?
Not at this moment. Best you can have with native Azure Services is a 3-tuple (Source IP, Destination IP, Protocol) load balance configuration.
Azure Load Balancer new distribution mode
http://azure.microsoft.com/blog/2014/10/30/azure-load-balancer-new-distribution-mode/
depending on how you're deploying there's a couple of options:
first of all: LB sets in VM's in a cloud service. For this the Cloud service acts as the LB. this can only be achieved when using a standard sku VM.
second of all in Azure WebApps : load balancing is achieved automagically when deploying through standard means, since scaling is foreseen here.
Third of all there's Cloud Services with roles, who also do this "automagically".
Now none of that seem to apply to your needs. you can also start thinking about using traffic manager, something with a little more bite :-)
have you read this article by any chance? http://azure.microsoft.com/en-us/documentation/articles/virtual-machines-load-balance/
I'd like to advise you to add different endpoints to your VM's work with traffic manager and ake sure you IIS has all the headers on the correct ports (cause i'm assuming that's what you're doing already)