Architecture Diagram:
Multi-region Traffic Manager Deployment |
Summary
There are different options to load balance traffic in Microsoft Azure. These options work differently from each other, have a different feature set and support different scenarios. They can each be used in isolation, or be stacked as shown in this architecture. Azure Load Balancer works at the transport layer (Layer 4). It provides network-level distribution of traffic across instances of an application running in the same Azure virtual network within a region. Application Gateway works at the application layer (Layer 7). It acts as a reverse-proxy service, terminating the client connection and forwarding requests to back-end endpoints. Traffic Manager works at the DNS level. It uses DNS responses to direct end user traffic to globally distributed endpoints. Clients then connect to those endpoints directly. This blog article demonstrates a sample architecture with some end-to-end verification steps. Azure documentation link here
Test Drive
http://nncolors.trafficmanager.net
http://nncolorseast.eastus.cloudapp.azure.com/
http://nncolorswest.westus.cloudapp.azure.com
Custom domain:
http://nncolorstm.penguintrails.com/
DNS Checker (Validate DNS resolution from all over the world)
https://dnschecker.org/#CNAME/nncolors.trafficmanager.net
Scribble:
Routing Methods:
Detailed documentation on the routing methods here. The method used in this blog article is performance based active/active region deployment and end users gets the closes endpoint with lowest latency.
End Points
Azure supports different type os endpoints with traffic manager. Detailed documentation here. Here we use external IPv4 endpoints to demonstrate that services can be hosted outside of Azure either on-premises or with another hosting provider.
Validations:
Global DNS Validation:DNS Checker (Validate DNS resolution from all over the world)
https://dnschecker.org/#CNAME/nncolors.trafficmanager.net
End User : DNS validation
nehali@nn-linux-dev:~$ dig +noall +answer +nocomments nncolorstm.penguintrails.com
nncolorstm.penguintrails.com. 5 IN CNAME nncolors.trafficmanager.net.
nncolors.trafficmanager.net. 5 IN CNAME nncolorseast.eastus.cloudapp.azure.com.
nncolorseast.eastus.cloudapp.azure.com. 10 IN A 52.150.45.51
nehali@nn-linux-dev:~$
End Point : Web Server side packet capture:
nehali@nn-red-vm:~$ ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0d:3a:8e:22:50 brd ff:ff:ff:ff:ff:ff
inet 172.16.2.4/24 brd 172.16.2.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::20d:3aff:fe8e:2250/64 scope link
valid_lft forever preferred_lft forever
nehali@nn-red-vm:~$
Original Source IP :
71.184.73.96.1503 > 172.16.2.4.80: Flags [P.], cksum 0x375e (correct), seq 7939:8506, ack 5980, win 1303, options [nop,nop,TS val 30891632 ecr 3629512936], length 567: HTTP, length: 567
GET / HTTP/1.1
Host: nncolors.trafficmanager.net
Connection: keep-alive
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
If-None-Match: "49-59cd37191e857-gzip"
If-Modified-Since: Thu, 23 Jan 2020 19:14:00 GMT
16:33:42.428291 IP (tos 0x0, ttl 64, id 53784, offset 0, flags [DF], proto TCP (6), length 479)
172.16.2.4.80 > 71.184.73.96.1503: Flags [P.], cksum 0x40fe (incorrect -> 0x6c6b), seq 5980:6407, ack 8506, win 501, options [nop,nop,TS val 3629513117 ecr 30891632], length 427: HTTP, length: 427
HTTP/1.1 200 OK
Date: Thu, 30 Apr 2020 16:33:42 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Thu, 23 Jan 2020 19:14:00 GMT
ETag: "49-59cd37191e857-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 93
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: text/html
Custom Domain:
71.184.73.96.3682 > 172.16.2.4.80: Flags [P.], cksum 0x1ab0 (correct), seq 6248:6816, ack 4699, win 1102, options [nop,nop,TS val 30905342 ecr 3629650041], length 568: HTTP, length: 568
GET / HTTP/1.1
Host: nncolorstm.penguintrails.com
Connection: keep-alive
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
If-None-Match: "49-59cd37191e857-gzip"
If-Modified-Since: Thu, 23 Jan 2020 19:14:00 GMT
16:35:59.524620 IP (tos 0x0, ttl 64, id 35656, offset 0, flags [DF], proto TCP (6), length 479)
172.16.2.4.80 > 71.184.73.96.3682: Flags [P.], cksum 0x40fe (incorrect -> 0xbd26), seq 4699:5126, ack 6816, win 501, options [nop,nop,TS val 3629650213 ecr 30905342], length 427: HTTP, length: 427
HTTP/1.1 200 OK
Date: Thu, 30 Apr 2020 16:35:59 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Thu, 23 Jan 2020 19:14:00 GMT
ETag: "49-59cd37191e857-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 93
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: text/html