We have a third party product run as a windows service, expose as a web service. The goal is to dynamically provision the service instances in business peak hours.
Just to run the thought with you guys,
- I've already deployed the service on multiple vm, configured the vm in the same cloud service Availability Sets, configured azure to turn on/off vm instances based on cpu use
- I am to configure a separate vm, run iss arr there, add points to the endpoints on the vm configured above, with the hope ARR balanced the requests to the back-end vm dynamically
Will this work? What's the best practice for the IaaS scale? Any thoughts? Truly appreciate the input.
If I have understood correctly, you just need to use the built in load balancer of the cloud service. Create a load balance set for your endpoint. For example, if you want to balace the incoming traffic to port 80 in your application all you have to do is to create a LB-set for this port and configure this set to all the VMs in the Cloud Service.
The Azure Load Balancer randomly distributes a specific type of
incoming traffic across multiple virtual machines or services in a
configuration known as a load-balanced set. For example, you can
spread the load of web request traffic across multiple web servers or
web roles.
Configure a load-balanced set
Azure load balancing for virtual machines
No matter if VMs are up or down, once it turns on and if the endpoint is configured in the same LB-set, it will automatically start responding to requests once port 80 is online (IIS started and is returning STATUS 200 OK, for example). So, answering your question: yes, it will work with auto-scale or manuallying turning on/off vms.
Related
Note: I'm still in learning phase.
Question: For the scenario described below, in the Load Balancing Settings for the two VMs for the FrontEnd subnet should I choose Application Gateway or Azure Load Balancer?
In Azure portal, when I create the VMs for FrontEnd, the Networking tab of the wizard, gives me two choices shown below:
Why the confusion:
For Load Balancing Internet Traffic to VMs, this tutorial does not choose Application Gateway. But the 5th bullet of the following scenario seems to indicate I should choose Application Gateway
Scenario
This tutorial from official Azure team describes designing an infrastructure for a simple online store as follows:
The above configuration incorporates:
A cloud-only virtual network with two subnets (FrontEnd and BackEnd)
Azure Managed Disks with both Standard and Premium disks
Four availability sets, one for each tier of the online store
The virtual machines for the four tiers
An external load balanced set for HTTPS-based web traffic from the Internet to the web servers
An internal load balanced set for unencrypted web traffic from the web servers to the application servers
A single resource group
you can use both, its a matter of your needs. load balancer just forwards traffic to your vms, while application gateway can do path based routing, ssl offloading, has WAF capabilities, and so on. But it costs a lot more and is clunky.
Looking at the bullet points you've listed, your case will work with both of these solutions.
ps. Like Rahul mentioned, load balancer works on level 4 and is not HTTP aware, Application Gateway is a level 7 load balancer.
i am running a web-based online application and trying to achieve HA.
i created two windows vmss in an availability set.
All i am looking for is a simple failover protocol, what i am trying to achieve is when my Main Vm is down for any reason,my incoming traffic redirects to my Backup VM till the main vm is up and running again.
I know that Azure Traffic Manager can achieve this by using the Priority type and setting end points for Public Ips that assigned to my vmss.
But the traffic manager is using DNS in order to route traffics, there are some downtown before the traffic manager redirect traffic to my backup vm.
Please check this answer as well for more info why Traffic manager is not the solution. -even when i use fast-intervals settings-
https://stackoverflow.com/a/34469575/10786981
i also can't use load-balancer. As i need the Active/Passive model and load-balancer can't support this model.
A 3rd Load Balancer are expensive and we are really looking in to a simple solution here.
I am new on azure.
I have multiple web apps on my azure subscription. Strangely, I have found two of them have the same external IP. They are now sharing any resources with each other. How this is possible, and how to change it, if there is away?
Azure App Services are deployed to scale units. A scale unit is a collection of servers inside an azure datacenter. A default scale unit can contain up to 1000 servers (or more). Servers inside a scale unit can have different roles, the most important are the worker role and the front end role. Servers with the worker role run customers applications while servers with the front end role act as load balancer and distribute incoming requests to the applications running on the servers with the worker role.
It is important to note here that each scale unit has only one inbound virtual IP address. This means that when you are running applications in an app service plan these applications do not only share the IP with other applications of this app service plan, but also with applications from other customers whose apps run inside the scale unit.
For SSL connections, usually SNI (Server Name Indication) is used, which is supported by all major web browsers.
Now if you want to get a dedicated IP address for your web app, there are two ways you can achieve this:
When using a custom domain, you can bind a certificate with IP SSL to your app service. In this case, the app service generates a static IP address for you and you have to remap the A record of your custom domain to this new address. Beware that your IP address can change when you delete this binding.
Use an App Service environment which enables to run your apps in your own Azure Virtual Network. To make use of this you need to pay for an isolated app service plan which can be quite cost intensive.
I am evaluating the convenience of moving to azure. Currently, I am trying to figure out how to balance the load and make routing for different websites on the same machine. I saw tutorials where a user created a separate LB on a different VM. I also found many articles about the possibility to balance the load using Azure load balancing.
So I assume both are possible, is that correct?
I would like to know how to connect between machines on azure. Would it be possible to do so using a local ip, machinename, or dns?
I also need to figure out how to forward traffic to different ports based on http header, is that possible without a seperate machine as load balancer? I see the endpoint config in my azure dashboard and found the official documentation, but unfortunately it's not enough for my understanding.
Currently, I am trying to figure out how to balance the load and make
routing for different websites on the same machine.
You can have different web sites on the same machine by configuring virtual hosting on IIS. This is accomplished using host header. VM, Cloud Service or even Websites supports this functionality. VMs and Cloud Services should be pretty straight forward. Example using websites:
Hosting multiple domains under one Azure Website
http://blogs.msdn.com/b/cschotte/archive/2013/05/30/hosting-multiple-domains-under-one-azure.aspx
I also found many articles about the possibility to balance the load
using Azure load balancing.
LB for VMs are as easy as creating a load balance set inside endpoint configuration wizard. Once you create a balance set, for example, enpoint HTTP port 80, you can assign this balance set to any VM on the same cloud service. All requests to port 80 would be automatically balanced across all VMs in the set.
So I assume both are possible, is that correct?
Yes.
I would like to know how to connect between machines on azure. Would
it be possible to do so using a local ip, machinename, or dns?
You just have to create a virtual network and deploy the VMs to it. Websites (through preview portal only), Cloud Services and VMs supports VNet.
Virtual Network Overview
https://msdn.microsoft.com/library/azure/jj156007.aspx/
I also need to figure out how to forward traffic to different ports
based on http header, is that possible without a seperate machine as
load balancer?
Not at this moment. Best you can have with native Azure Services is a 3-tuple (Source IP, Destination IP, Protocol) load balance configuration.
Azure Load Balancer new distribution mode
http://azure.microsoft.com/blog/2014/10/30/azure-load-balancer-new-distribution-mode/
depending on how you're deploying there's a couple of options:
first of all: LB sets in VM's in a cloud service. For this the Cloud service acts as the LB. this can only be achieved when using a standard sku VM.
second of all in Azure WebApps : load balancing is achieved automagically when deploying through standard means, since scaling is foreseen here.
Third of all there's Cloud Services with roles, who also do this "automagically".
Now none of that seem to apply to your needs. you can also start thinking about using traffic manager, something with a little more bite :-)
have you read this article by any chance? http://azure.microsoft.com/en-us/documentation/articles/virtual-machines-load-balance/
I'd like to advise you to add different endpoints to your VM's work with traffic manager and ake sure you IIS has all the headers on the correct ports (cause i'm assuming that's what you're doing already)
I have a Cloud Service that is connected to a LAN through a virtual network. I have a web role that machines on the LAN will be hitting for tasks like telling the cloud service that data needs to be refreshed. It it possible to have and endpoint that's load-balanced, but that only accepts traffic through the virtual network?
Well... you have a few things to think about.
You could set up your own load balancer in a separate role, which then does the load balancing. You'd probably want two instances to deal with high availability, and if there was any stateful/sticky-session data you'd need to sync it between your two load balancers. OR...
Now: If your code needing load-balancing lived in a Virtual Machine, rather than in a web/worker role, you could take advantage of the brand-new IP-level endpoint ACL feature introduced at TechEd. With this feature, you can have an endpoint that allows/blocks traffic based on source IP address. So you could have a load-balanced endpoint balancing traffic between a few virtual machines, and you could then limit access to, say, your LAN machines, and even add your existing Cloud Service (web/worker) VIP so that your web and worker role instances could access the service, all through the endpoint without going through the VPN. This way, you'd get to take advantage of Azure's built-in load balancer, while at the same time providing secure access for your app's services.
You can see more details of endpoint ACLs here.
No. The load balancer for a cloud service is public only. You can't predict the ip addresses of the individual instances on the virtual network, so you can't even hook them into your own load balancer. Yes, you can do it with VMs (as David recommends) — but then you're doing old-school IIS, not a cloud service. I went through this in November 2012, and was unable to find a decent solution.