Using Traffic Manager in Azure Resource Manager
Learn how to perform geo-load balancing for deployments in different Azure regions using Traffic Manager profiles in Azure Resource Manager (ARM) or Cloud Solution Provider (CSP) subscriptions.
I have deployed two web farms, one in the North Europe Azure region and one in West US Azure region. I want to use Traffic Manager to unify both of these installations with geo-load balancing so that I have:
- A disaster recovery solution for my Internet presence.
- Reduced latency for dynamic content for customers in the USA and in the UK/Ireland.
Note that this is a simple example; I could have deployed web farms in many Azure regions.
An endpoint is the public connection to some service that you want to load balance. For example, a web farm will have a DNS name/IP address combination.
You must configure a DNS name for any Azure resource that you want to use as an endpoint. I have configured the public IP address of my web farms with DNS names (under Settings > Configuration).
Now my web farms can be browsed using the Microsoft-owned and -managed domain names.
New Traffic Manager Profile
Open the Azure Portal and click New. Search for Traffic Manager and click Traffic Manager profile (also found under Networking).
Give the Traffic Manager profile a name; note that this will become the domain name for the unified web service, spanning both sites. Select the subscription and either create a new resource group or use an existing one – I suggest creating a new resource group in an Azure region that your service is not running in if disaster recovery is a part of your design.
There are three routing methods that you can choose from:
- Priority: This is a DR method, directing traffic to one site, and failing over to a secondary site if the primary site is deemed offline.
- Weighted: Traffic is spread across the endpoints (regions) based on the weightings that you define. By default, traffic will be evenly spread.
- Performance: The traffic manager will direct the client to the closest endpoint, based on latency from the client to the endpoints.
Choose a routing method to create the Traffic Manager profile. I am going to use Performance, meaning that both sites are available (for DR) and clients will be directed to the best performing web farm.
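The three routing methods above can be compared with a small model. This is an added example, not code from the original article or from Azure; the endpoint names, latency figures and the `pick` function are constructed for illustration, and endpoint health stands in for the result of the profile's monitoring probe.

```python
import random
from dataclasses import dataclass, field

@dataclass
class Endpoint:
    name: str
    healthy: bool = True          # outcome of the protocol/port/path probe
    priority: int = 1             # Priority method: lower number is preferred
    weight: int = 1               # Weighted method: relative share of answers
    latency_ms: dict = field(default_factory=dict)  # constructed per-client latency

def pick(method, endpoints, client_region=None, rng=random):
    """Return the endpoint this simplified model would hand to the client."""
    live = [e for e in endpoints if e.healthy]
    # Assumption of this model: if nothing is healthy, still answer from the
    # full set instead of returning no record at all.
    candidates = live or list(endpoints)
    if method == "Priority":
        # DR behaviour: always the most-preferred site that is still up.
        return min(candidates, key=lambda e: e.priority)
    if method == "Weighted":
        # Spread answers in proportion to the configured weights.
        return rng.choices(candidates, weights=[e.weight for e in candidates], k=1)[0]
    if method == "Performance":
        # Closest site by latency from the client's region.
        return min(candidates, key=lambda e: e.latency_ms[client_region])
    raise ValueError(f"unknown routing method: {method}")

def sample_farms():
    # Constructed data: two web farms, as in the article's scenario.
    return [
        Endpoint("north-europe", priority=1, latency_ms={"IE": 15, "US": 140}),
        Endpoint("west-us", priority=2, latency_ms={"IE": 140, "US": 20}),
    ]

if __name__ == "__main__":
    farms = sample_farms()
    for region in ("IE", "US"):
        print(region, "->", pick("Performance", farms, region).name)
    farms[0].healthy = False      # simulate the North Europe probe failing
    print("IE after failure ->", pick("Performance", farms, "IE").name)
    print("Priority after failure ->", pick("Priority", farms).name)
```

With Performance routing both sites serve traffic until one fails its probe, at which point every client is sent to the surviving site, which is why the article treats it as covering disaster recovery as well as latency.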
Configuring the Traffic Manager Profile
You can alter the default configuration of a Traffic Manager profile in Settings > Configuration. You can modify:
- The routing method.
- The time (between 30 and 999999 seconds) that the resolved endpoint will be cached by the DNS client. Note that lowering this reduces the time that a client will require to fail over to another endpoint, but it increases the cost of the service (based on DNS name resolution).
- The protocol/port/path that is used by Traffic Manager to determine if the endpoint is operational or not.
Now you need to tell Azure which endpoints will be load balanced by Traffic Manager. Browse to Settings > Endpoints in the Traffic Manager profile and click Add. Here you can add:
- Azure endpoint: Hosted by Azure.
- External endpoint: A service hosted outside of Azure, such as in your on-premises DMZ.
- Nested endpoint: You can use Traffic Manager profiles as an endpoint (balancing balancers).
Give the endpoint a name, ideally consistent with the resource that is your endpoint.
Azure supports the following types of Azure endpoints:
- Cloud service: This is the classic cloud service of Azure Service Management (ASM).
- App service: This is an Azure App (web) service.
- Public IP: This is the public IP address of a virtual machine or a load balancer running in Azure.
I am load balancing Azure virtual machines so I selected the Public IP option.
Select or enter the details for the endpoint. My endpoints are Azure public IP addresses, so I select the public IP address of my first web farm. I can add the new endpoint as disabled to allow me to add it to the set before I bring it into production.
Repeat this process for each endpoint.
Testing & Monitoring
Copy the domain name of the Traffic Manager profile, petridemo.trafficmanager.net in my case, and try to browse to it in your browser. You should find that you are routed to one of your web farms.
If this is the first time you’re using Traffic Manager or you are testing a new deployment, then you might want to opt for the priority model and modify the priorities of the endpoints to verify that both (or more) locations are operational.
Remember that your client will cache the routing (DNS lookup) of the resolved endpoint for the number of seconds in the configuration of the profile.
You can monitor the status of your Traffic Manager implementation in the Overview blade of the profile.