Load balancing in Azure PaaS

Similar Messages

• Moving SMTP server to Azure with Load balancer

  How to
   move SMTP server to Azure with Load balancer???

  Hi TechM,
  Base on my experience, Windows Azure Platform does not provide out-of-the-box mail server (neither SMTP nor POP3). You could use SendGrid to sent mail. About this issue, I recommend you could refer to
  http://stackoverflow.com/questions/10631585/email-sending-approaches and
  http://blogs.msdn.com/b/patrick_butler_monterde/archive/2010/10/11/sending-e-mail-from-windows-azure-part-1-of-2.aspx
  Hope it helps.
  Will
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• Azure Cloud Service Scaling - do I have to configure a Load Balancer?

  I'm a little bit confused by how scaling in Azure works. I'm using a Cloud Service and have 2 web roles running a PHP application. I can RDP on both machines and both applications run great on each machine. Also I don't have any problems calling the staging
  URL.
  But I can't figure out if I configure scaling so that 2 machines run always, if I have to configure a load balancer somehow. Or is this already done for me?
  In Azure VM's I had to create a load-balanced set endpoint for an endpoint, but what about cloud services?
  And how is this done in the XML configuration file for my service? What if I don't do it?

  Hi,
  Scaling is affected by core usage. Larger role instances or Virtual Machines use more cores. You can only scale an application within the limit of cores for your subscription. For example, if your subscription has a limit of twenty cores
  and you run an application with two medium sized Virtual Machines (a total of four cores), you can only scale up other cloud service deployments in your subscription by sixteen cores. All Virtual Machines in an availability set that are used in scaling an
  application must be the same size.
  Windows Azure supports load balance for cloud services and standard websites, we just need to set instance count to more than 1 to enable load balance. For virtual machines, it needs to set up manually.
  Please refer this link for Load Balance a Virtual Machine:
  http://www.windowsazure.com/en-us/manage/windows/common-tasks/how-to-load-balance-virtual-machines/
   for more information.
  Auto scale lets you set scaling limits and scheduling goals to ensure you are always getting optimal performance
  Please refer this link for Scaling on Cloud Services:
  http://azure.microsoft.com/en-us/services/cloud-services/
  Also, Please refer this link for Scaling an Application :
  http://azure.microsoft.com/en-us/documentation/articles/cloud-services-how-to-scale/
  XML configuration : Azure (Load-balanced) Endpoints can only be used for TCP/UDP based services. please check
  https://techlib.barracuda.com/display/BNGv54/How+to+Configure+a+High+Availability+Cluster+in+Azure/printable for the detailed information
  Hope this helps.
  Regards,
  Shirisha Paderu.

• Set up Network Load Balancing on an Azure VM

  i have an VM on Azure, on which I have two AD LDS instances. I want to set up Network Load Balancing to have fault tolerance between the two AD LDS instances. when i start to create a new cluster, it shows me a message that DHCP will be turned off. i ignored
  that one time, and what conspired was that i was unable to access the VM only. i had to set up my AD LDS instance on a different VM again. 
  is there any way which will enable me to set up the AD LDS instance properly on the VM?

  Hi,
  Firstly, if I understand correctly, you set up a cluster with only one VM? Based on my experience, you need to use two Azure VMs running AD LDS to configure Failover cluster.
  In addition, did you mean that you cannot RDP into the VM after you created the cluster? If yes, which kind of error message you have received? Please check the Quick Glance of that VM on the
  Azure management portal to make sure that all the parameters for that VM are displaying, especially for the internal IP address.
  Furthermore, it seems that the question is related to Azure Virtual Machines, I recommend you to ask in Azure Virtual Machine forum below for further assistance:
  https://social.msdn.microsoft.com/Forums/en-US/home?forum=WAVirtualMachinesforWindows
  Best regards,
  Susie

• Windows Azure Pack - VMM failed to deploy service through F5 Load Balancer

  I use server 2012 R2 (Windows Azure Pack) to deploy 2-tier service ( VMM -> Library -> Create Service Template -> Select two tier application -> Add F5 Load balancer -> Use connector to link NIC to Server Connection
  and link Client Connection to VM network   ). I was able to set up F5 Load balancer (virtual appliance) on Hyper V. I checked  VMM Orchestrator was able to create VIP pool and member correctly on F5 Appliance. I get the following
  error. I'm not sure how to resolve, If anyone experience this issue before, please let me know how to fix it. I copied the error log below. Thank you
  Error (22042)
  The service XXXXXXX was not successfully deployed. Review the event log to determine the cause and corrective actions.
  Recommended Action
  The deployment can be restarted by retrying the job.
  Error (21426)
  Execution of DataCenterManager.LB::AddLBVIP on the configuration provider a1af2238-5665-454a-8560-64fafbfe3385 failed. Detailed exception: Microsoft.SystemCenter.DataCenterManager.LB.LBConnectionFailedException: There is an error in XML document (246, 74).
  ---> F5Networks.Protocols.iControl.iControlException: There is an error in XML document (246, 74).
  Recommended Action
  Check the documentation for the configuration provider or contact the publisher support.
  Error (22725)
  VMM received computer name vmmBN6 for VM vmmBN6.domain.com. Expected computer name is vmmBN6.domain.com.
  Recommended Action
  Ensure that the VM has joined the right domain or workgroup and then retry the operation.
  Error (20400)
  1 parallel subtasks failed during execution.
  Error (20400)
  1 parallel subtasks failed during execution.
  Error (21952)
  Application deployment failed for one or more tiers or application hosts in the service XXXXXXXXX. Check job logs to get more information on the failed operation.
  Recommended Action
  Check error messages and retry the operation if needed.
  Thanks

  Hi Ryankorock,
  Sorry to revive an old post but is there any update on compatibility? We are running SCVMM 2012 R2 Build 3.2.7768.0 with an F5 BIG-IP
  running "11.6.0 Build 0.0.401 Final". We see the exact same error 
  Error (21426)
  Execution of DataCenterManager.LB::AddLBVIP on the configuration provider a1af2238-5665-454a-8560-64fafbfe3385 failed. Detailed exception: Microsoft.SystemCenter.DataCenterManager.LB.LBConnectionFailedException: There is an error in XML document (246,
  74). ---> F5Networks.Protocols.iControl.iControlException: There is an error in XML document (246, 74).
  The plugin creates everything on the F5, pools, nodes, and virtual server. We have tried with and without a health probe with no luck.

• Azure Load Balancer - Query for VMs in rotation or removed from rotationq

  From what I can tell, there is no way to know if any of the VMs configured as part of a Load-Balanced Set has been taken out of rotation. I see a PS script to set the Azure Load Balancer Endpoint -
  Set-AzureLoadBalancedEndpoint.  But there is no way from what I can tell via
  PS or in the Portal to notify or alert me when a VM is no longer part of the LB Set due to some issue. What is the roadmap to make this available via a PS Script, Azure Portal, or via SCOM?  

  Hi,
  From my experience, this issue was more related with Windows Azure network, I suggest you move to that forum for a better help.
  The forum link was:
  http://social.msdn.microsoft.com/Forums/en-US/home?forum=WAVirtualMachinesVirtualNetwork
  Best Regards
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• Traffic Manager versus Azure Load Balancer

  Hi All,
  We have an MVC5 app which we are planning to host either as an Azure Web App or Azure Web Role. The queries that we have is pertaining to load balancing of the same as follows:
  1. When we spawn multiple instances of Web Apps or WebRoles, does Azure Load Balancer automatically kick in?
  2. If the above case is true, then when is the need for the Traffic Manager? Is it used when instances are spanning across multiple regions?
  3. Will Azure load balancer suffice my requirement if I am hosting my app only in a single region?
  Regards, Saurabh

  Hi Saurabh,
  No, you would have to manually configure an Azure Load Balanced Set for Load Balancing purposes. You could refer this link for details on how to configure a Load Balanced Set:
  https://msdn.microsoft.com/library/azure/dn655055.aspx
  Yes, Traffic Manager allows you to control distribution of traffic to Cloud Services, Websites across different Data Centres.
  If you are hosting your app within a Cloud Service, Azure Load Balancer should suffice for your requirement.
  You could refer the following link for details on various load balancing methods for Azure Infrastructure Services:
  http://azure.microsoft.com/en-in/documentation/articles/virtual-machines-load-balance/
  Regards,
  Malar.

• Azure: "Cloud Services" for VM - Load Balancing, yes, and other things?

  I'm trying to get a handle on the significance of the cloud service
  (that is created when a new VM is created). I understand that a group of
  VMs need to belong to the same cloud service in order to participate in
  Load Balancing. I can't see any other reason to group VMs into a single
  Cloud Service. On the other hand it seems like overkill to create a
  cloud service for each VM.
  Are there any advantages/reasons to adding a group of VMs to Cloud Service other than Load Balancing?

  Hi,
  If you made a group VMs as a cloud service, you can configure them and manage them by yourself, you could select Linux or Windows Server VMs and either compose the VM images in the cloud or upload a VHD you’re previously
  created using Hyper-V, You can capture a VM and add it your image gallery for easy reuse. you also could run a product like Active Directory or SQL Server or SharePoint Server successfully, etc...
  I suggest you have a look at following article. (create VM as cloud service belong to IaaS)
  #http://davidpallmann.blogspot.in/2012/07/windows-azure-is-3-lane-highway-how-to.html
  Best Regards
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• Help! Azure Cloud Services and Virtual Machine Web Servers Load Balancing

  I have a cloud service. I have two virtual machines setup as web servers each with IIS installed. I have configured my domain registrar to point my domain name to the cloud service IP address. I also went into the endpoints of each virtual machine and verified
  that I have http port 80 setup on both in a load balanced set. 
  I am unable to access websites on either server at this point. DNS propogation site shows "error: token mismatch"...this has been setup since yesterday and still error.
  Can anyone assist me in where I went wrong? Am I confused to how the cloud service should work? I am assuming it will allow me to load balance the two virtual machines in the way I have configured above. Please help!!!!

  Hi,
  Thank you for posting in here.
  We are checking on this issue and will get back at earliest.
  Regards,
  Manu Rekhar

• How to control a Load Balanced set in IaaS VMs using Text files

  Hi,
  I would like to control the Load Balanced nodes Using a resource to probe like active.txt  in IIS than a Endpoint on the Management Portal.
  The reason i need this is because the engineers in my team will have access to VMs but not to Management servers.
  Any info on it is very helpful.
  Thanks

  Hi,
  You can Control the access to the Load Balanced Set by using Network ACL. A Network Access Control List (ACL) is a security enhancement available for your Azure deployment. An ACL provides the ability to selectively permit or deny traffic for a virtual machine
  endpoint. This packet filtering capability provides an additional layer of security. 
  Using Network ACLs, you can do the following:
  Selectively permit or deny incoming traffic based on remote subnet IPv4 address range to a virtual machine input endpoint. 
  Blacklist IP addresses
  Create multiple rules per virtual machine endpoint
  Specify up to 50 ACL rules per virtual machine endpoint
  Use rule ordering to ensure the correct set of rules are applied on a given virtual machine endpoint (lowest to highest)
  Specify an ACL for a specific remote subnet IPv4 address.
  Network ACLs can be specified on a Load balanced set (LB Set) endpoint. If an ACL is specified for a LB Set, the Network ACL is applied to all Virtual Machines in that LB Set. For example, if a LB Set is created with “Port 80” and the LB Set contains 3 VMs,
  the Network ACL created on endpoint “Port 80” of one VM will automatically apply to the other VMs.
  Hope this helps !
  Regards,
  Sowmya

• Site behind load balancer - Key not valid for use in specified state

  Hi,
  I have created a sharepoint application page to access an active end point on ADFS and establish a fedauth session. All works well in single server. But when the page runs behind load balancer with 2 servers, it fails with key not valid for use in specified
  state exception. Stickiness is enabled on load balancer. verified that.
  I had made few changes to config file in microsoft.identitymodel section to accomodate adfs custom login. This included removing securitytokenhandlers and issuertokenresolvers as well. Is this impacting the encryption/decryption in anyway?
  Any pointers would help.
  Reference point for my application page : http://blog.helloitsliam.com/Lists/Posts/Post.aspx?ID=76

  Hi,
  As I understand, you encountered the error “Key not valid for use in specified state” when ADFS custom login.
  In order to run in Windows Azure Web Sites a Web application which uses WIF for handling authentication, you must change the default cookie protection method (DPAPI, not available on Windows Azure Web Sites) to something that will work in a farmed environment
  and with the IIS’ user profile load turned off.
  1. If you are using the Identity and Access Tools for VS2012, just go to the Configuration tab and check the box “Enable Web farm ready cookies”.
  2. If you want to do things by hand, add the following code snippet in your system.identitymodel/identityConfiguration element:
     <securityTokenHandlers>
       <add type="System.IdentityModel.Services.Tokens.MachineKeySessionSecurityTokenHandler, 
               System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
        <remove type="System.IdentityModel.Tokens.SessionSecurityTokenHandler,
              System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
      </securityTokenHandlers>
  There is a similar case:
  http://stackoverflow.com/questions/19323287/key-not-valid-for-use-in-specified-state-error-for-net-4-5-mvc-4-application
  Best regards,
  Sara Fan
  TechNet Community Support
  Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact
  [email protected]

• Geting IP address for Internal Load Balancer

  I've recently been experimenting with internal load balancing for VMs. I'm able to create and delete an internal load balancer (ILB) using the .NET wrapper for the API (https://github.com/Azure/azure-sdk-for-net).  What I cannot do though is actually
  get the internal address for it. Nor does it seem you can get it from the REST API (which, as far as I know, is what .NET wrapper wraps).   The only method I can see that claims to get the address is Powershell.
  Can anyone confirm if there is any way using the REST API or its .NET wrapper to obtain the internal address for the ILB?

  I have not looked into the .NET wrapper that you mentioned here, but according to this powershell script:
  http://msdn.microsoft.com/en-us/library/azure/dn690125.aspx
  $svc="<Cloud Service Name>"
  $ilb="<Name of your ILB instance>"
  $subnet="<Name of the subnet within your virtual network-optional>"
  $IP="<The IPv4 address to use on the subnet-optional>"
  Add-AzureInternalLoadBalancer -ServiceName $svc -InternalLoadBalancerName $ilb –SubnetName $subnet –StaticVNetIPAddress $IP
  IP address is optional, so maybe the wrapper hasn't implemented this, which is kind of undesirable. But maybe it allows you to specify the IP?
  Frank

• Internal load balance ilb on ServiceConfiguration LoadBalancers

  Hi everybody, I try to setup an internal load balancer using this configuration:
  from cscfg:
  <NetworkConfiguration>
   <VirtualNetworkSite name="WE" />
   <AddressAssignments>
    <InstanceAddress roleName="Role1">
     <Subnets>
      <Subnet name="WE_WWW" />
     </Subnets>
    </InstanceAddress>
    <InstanceAddress roleName="Role">
     <Subnets>
      <Subnet name="WE_SERVICE" />
     </Subnets>
    </InstanceAddress>
   </AddressAssignments>
   <LoadBalancers>
    <LoadBalancer name="WEB_ILB">
     <FrontendIPConfiguration type="private" subnet="WE_WWW" staticVirtualNetworkIPAddress="192.168.1.5" />
    </LoadBalancer>
    <LoadBalancer name="API_ILB">
     <FrontendIPConfiguration type="private" subnet="WE_SERVICE" staticVirtualNetworkIPAddress="192.168.2.5" />
    </LoadBalancer>
   </LoadBalancers>
  </NetworkConfiguration>
  from csdef:
  <WebRole name="Role1" vmsize="Small">
   <Sites>
    <Site name="Web">
     <Bindings>
      <Binding name="httpIn" endpointName="httpIn" />
      <Binding name="httpsIn" endpointName="httpsIn" />
     </Bindings>
    </Site>
   </Sites>
   <Endpoints>
    <InputEndpoint name="httpIn" protocol="http" port="80" loadBalancer="WEBILB" />
    <InputEndpoint name="httpsIn" protocol="https" port="443" certificate="Valuta" />
   </Endpoints>
   <Imports>
    <Import moduleName="Diagnostics" />
    <Import moduleName="RemoteAccess" />
    <Import moduleName="RemoteForwarder" />
   </Imports>
   <Certificates>
    <Certificate name="Valuta" storeLocation="LocalMachine" storeName="CA" />
   </Certificates>
  </WebRole>
  <WebRole name="Role2" vmsize="Small">
   <Sites>
    <Site name="Web">
     <Bindings>
      <Binding name="httpIn" endpointName="httpIn" />
     </Bindings>
    </Site>
   </Sites>
   <Endpoints>
    <InputEndpoint name="httpIn" protocol="http" port="8080" loadBalancer="APIILB" />
   </Endpoints>
   <Imports>
    <Import moduleName="Diagnostics" />
    <Import moduleName="RemoteAccess" />
   </Imports>
  </WebRole>
  as you can see I have two webroles linked to a vnet:
  Role1 has two input endpoint: https and http (the one I want to "internal" load balance)
  Role2 has only an http input endpoint (again the one I want to "internal" load balance)
  and I try to configure an internal loadbalancer (see here:
  vs2013-update3)
  When I try to deploy the package I receive this error:
  Error: The specified configuration settings for Settings are invalid. Verify that the service configuration file is a valid XML file, and that role instance counts are specified as positive integers.  Http Status Code: BadRequest  OperationId:
  874024071e88327f8cb73c16f15f3ac2
  I'm sure it depends on the ilb configuration because when I remove it the deploy succeed...
  Does anybody try something like this?
  Thanks,
  Simone

  I've found a solution by myself with the help of a friend (Sandro Vecchiarelli): the "problem" is that I try to setup two load balancers in one cloud service. Trying with only one work correctly; the error probably is a schema validation and I
  really don't know if the error is on "client" schema that allow me to configure more than one ILB (note the node name
  LoadBalancers... its plural...) or online (the one on Azure).
  By the way...at the moment use just one ILB per cloud service.
  Hope this help.

• Internal load balancer for ADFS, Web Application Proxy join problem

  Hello,
  we deployed 2 x ADFS (2012 R2) behind a internal Azure load balancer.
  In front are two WAP servers, which should be joined to the ADFS farm based on the internal load balancer IP.
  Unfortunately the WAPs fail to join and sometimes after 5 tries it works. The problem is (based on the event logs) that the ADFS Servers dont trust the WAP certificate.
  It seems, that during the join process the ADFS internal load balancer does not stick to one ADFS server. If we join the WAP directly (without the ILB) to one of the ADFS servers, everything works fine.
  As soon as we try to join via the ADFS internal load balancer IP, the abover occurs.
  Did anyone experience the same problems? How does the internal load balancer distribute the requests? Seems to be not sticky at all.
  Thanks for any Feedback,
  Thomas

  Thomas -
  This article talks (in detail) about a recently updated distribution mode - Source IP affinity.
  http://azure.microsoft.com/blog/2014/10/30/azure-load-balancer-new-distribution-mode/
  Hope this helps!
  /Arvind

• Load balancing SMA web service and SMA end point URL

  Hi,
  We have set up the recommended 3 servers with Azure Pack, SMA Web Service and Runbook Worker.  We are now wanting to configure the Azure pack portal to setup the SMA endpoint url for the web service.  Before we do that, we are assuming we should
  load balance the web services to answer on 1 url (ie, smaws.domainname.com).
  1. Is there any guidance or things to consider when load balancing the 3 web services to answer to 1 url.  We will probably use f5 since that is what we use.
  2. The end point url that we configure for Azure Pack automation should be this load balanced URL correct?
  3. Should we have the Azure pack installed on just one of the servers or all 3.  We did all 3 but it seems like server2 and 3 just redirect to 1 anyway so I am assuming the URL for Azure pack is stored in a db somewhere.
  4. Are there any other components of SMA/Azure Pack that should also be load balanced?
  Thanks
  Thanks Lance

  So in this case you need to register the SMA Runbook Workers (do this on machine 1):
  $webService
  = "https://localhost"
  $workers
  = (Get-SmaRunbookWorkerDeployment
  -WebServiceEndpoint
  $webService).ComputerName
  if($workers
  -isnot [system.array]) {$workers
  = @($workers)}
  $workers
  += "MachineName2"
  $workers += "MachineName3"
  New-SmaRunbookWorkerDeployment
  -WebServiceEndpoint
  $webService -ComputerName
  $workers