Reputation: 811
Azure internal load balancer issues and questions
I didnt find any information about these issues regarding the Azure internal load balancer:
- Adding another InputEndpoint lead to ILB will be created but not being accessible or functional
- Using “only” the ILB definition lead to the public default InputEndpoint vanishes
- Not transparent how long it takes until the ILB is available. However, it is visible by viewing the available port for the cloud services web role. If the public port is available, the ILB is not, and vice versa.
So these are my questions:
- Is it expected behavior that an internal load balancer replaces the public one?
- Is a public load balancer supported beside an internal one/ can I have public access to web roles that are controlled by an internal load balancer?
- Are multiple ports supported (e.g. https beside http or private/ public access)?
Some details: The internal load balancer is connected via fixed ip to a VPN for a cloud service. Configuration looks like this:
<?xml version="1.0"?>
<ServiceDefinition name="MyCloudTest" xmlns="http://schemas.microsoft.com/ServiceHosting/2008/10/ServiceDefinition" schemaVersion="2014-06.2.4">
<WebRole name="MyWebRole" vmsize="Standard_D1">
<Runtime executionContext="elevated" />
<Sites>
<Site name="Web">
<Bindings>
<Binding name="ILB-Endpoint-Http" endpointName="ilb-endpoint-http" />
<!--<Binding name="ILB-Endpoint-Https" endpointName="ilb-endpoint-https" />-->
<!--<Binding name="public-http-binding" endpointName="public-http-endpoint" />-->
</Bindings>
</Site>
</Sites>
<Endpoints>
<!--<InputEndpoint name="public-http-endpoint" protocol="http" port="81" />-->
<InputEndpoint name="ilb-endpoint-http" protocol="http" localPort="8080" port="8080" loadBalancer="my-ilb" />
<!--<InputEndpoint name="ilb-endpoint-https" protocol="https" localPort="*" port="8443" loadBalancer="my-ilb" />-->
</Endpoints>
This is part of the ServiceConfiguration defining the ILB pointing to the VPN with fixed ip.
<NetworkConfiguration>
<VirtualNetworkSite name="myvpn" />
<AddressAssignments>
<InstanceAddress roleName="MyWebRole">
<Subnets>
<Subnet name="intra" />
</Subnets>
</InstanceAddress>
</AddressAssignments>
<LoadBalancers>
<LoadBalancer name="my-ilb">
<FrontendIPConfiguration type="private" subnet="intra" staticVirtualNetworkIPAddress="172.28.0.27" />
</LoadBalancer>
</LoadBalancers>
Every hint is highly appreciated.
Upvotes: 0
Views: 6158
Answers (1)
Reputation: 131
1.Is it expected behavior that an internal load balancer replaces the public one?
It is the same implementation but ILB is restricted to your own private space (your VNET) See https://azure.microsoft.com/en-us/documentation/articles/load-balancer-overview/
2.Is a public load balancer supported beside an internal one/ can I have public access to web roles that are controlled by an internal load balancer?
Yes you can have both in the same deployment
3.Are multiple ports supported (e.g. https beside http or private/ public access)?
You can add multiple endpoints. An endpoint has a public port and a private port. Multiple public ports cannot share the same private port
Upvotes: 1
Related Questions
- Azure internal load balancer in backend pool of application gateway
- Azure load balancer - balance on-premises servers
- Azure internal load balancer outbound connectivity
- Azure Standard Internal Load Balancer backend machines partial internet access
- Azure Vnet peering with public IP load balancer
- Azure internal load balancer IP
- Azure internal load balancing
- Configuring Azure load balancer and NAT rules
- Azure internal load balancer not receiving frowarding request to vm
- How do I create Internal Load Balancer (ILB) using Azure Management SDK?