We have an architecture whereby we have a Traffic Manager in front of two Azure Application Gateways, configured based on Priority (closer proximity has higher priority). We are using Application Gateway for path-based routing to multiple web apps. If one of the web apps (backend pool) under the Application Gateways is down, Traffic Manager keeps directing the traffic to the same Application Gateway although the requests are failing. I am guessing Traffic Manager is only probing the default backend pool? Does anyone know how to configure Traffic Manager in this case so it re-routes the traffic to the second location when requests are failing in the first-priority location?
Are the IP addresses of the Application Gateways the endpoints for your Traffic Manager? – Wayne Yang Mar 26 '18 at 06:38
6 Answers
To solve this problem, use custom headers in the Traffic Manager endpoint. The header host:<< domain name >> should be added to the endpoint. This will help the App Gateway determine the appropriate backend for the health check.

If the endpoint for your Traffic Manager is the IP address of the Application Gateway, Traffic Manager will also get a 200 OK status from the Application Gateway.
This is because the machine or application in the Application Gateway backend pool is not detected by Traffic Manager. The Traffic Manager probe only detects the endpoint configured in Traffic Manager itself. If the Application Gateway works well, it will route the traffic to that gateway as normal.

OK, so yes, the IP addresses of the Application Gateways are the endpoints for Traffic Manager. We need the App Gateway in the middle as it is the firewall layer and does SSL offloading and path-based routing. I understand that Traffic Manager is just probing the App Gateway, not the web apps underneath it. How do we handle scenarios when one of the web apps under the App Gateways is down? We were hoping TM re-routes the traffic to the secondary location since the requests are failing, but now we know it only relies on its probes. Any idea about how to achieve what we are after? – Azure Ninja Mar 26 '18 at 20:48
Hi, @FaraT. I understand what you want to achieve. But for this scenario, I think there is no way to resolve this issue with this architecture. If possible, you can just use the Apps as the endpoints. :-) – Wayne Yang Mar 27 '18 at 08:40
Traffic Manager probes can take a path, but I am assuming you have configured multiple paths for different web apps. What you are looking for is a setup where, if a path is down, Traffic Manager should route to the second Application Gateway. This is difficult to set up unless you had a dedicated web app which responds with a healthy/unhealthy status based off the aggregated health of all the path-based web apps.

Thanks, yes, we ended up using this solution. But I believe this should be a feature for App Gateway: to know one of the web apps is down and let Traffic Manager know not to direct traffic to that path anymore. – Azure Ninja Feb 07 '20 at 04:00
Could you provide the high-level architecture diagram for this solution? It helps. – kudlatiger Sep 09 '20 at 04:18
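The dedicated health web app described in the answer above, as an added example (not code from the answer or from Azure). It assumes hypothetical backend health URLs, a `/health` probe path, port 8080 and a 3-second per-backend timeout; Traffic Manager would be pointed at the path that routes to this app.

```python
"""Aggregated health endpoint for a Traffic Manager probe (added example)."""
import json
import urllib.request
from concurrent.futures import ThreadPoolExecutor
from http.server import BaseHTTPRequestHandler, HTTPServer

# Hypothetical per-path health URLs behind one Application Gateway.
BACKENDS = {
    "orders": "https://orders.internal.example/health",
    "catalog": "https://catalog.internal.example/health",
}
PROBE_TIMEOUT_S = 3  # assumption: keep well under the Traffic Manager probe timeout


def http_probe(url, timeout=PROBE_TIMEOUT_S):
    """Return True only for a 2xx answer; errors and timeouts fail closed."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return 200 <= resp.status < 300
    except Exception:
        return False


def aggregate(backends, probe=http_probe):
    """Probe every backend in parallel; 200 if all pass, otherwise 503."""
    with ThreadPoolExecutor(max_workers=max(len(backends), 1)) as pool:
        results = dict(zip(backends, pool.map(probe, backends.values())))
    healthy = bool(results) and all(results.values())
    return (200 if healthy else 503), results


class HealthHandler(BaseHTTPRequestHandler):
    def do_GET(self):
        if self.path != "/health":
            self.send_error(404)
            return
        status, results = aggregate(BACKENDS)
        # Expose only a coarse status; the per-backend detail stays in the log.
        self.log_message("backend health: %s", json.dumps(results))
        body = b"healthy" if status == 200 else b"unhealthy"
        self.send_response(status)
        self.send_header("Content-Type", "text/plain")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)


if __name__ == "__main__":
    HTTPServer(("0.0.0.0", 8080), HealthHandler).serve_forever()
```

An empty backend list also returns 503, so a misconfigured deployment is reported as unhealthy rather than silently passing the probe.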
I'm literally battling with the same problem.
My App Gateway has URL-based listeners for each of the websites beneath it, based around the URL of the request. I have one for HTTP and another for HTTPS, both around the same publicly exposed DNS name.
I think the solution to this issue is to add a 3rd listener but this will use the traffic manager host name. This way, the request will come to the app gateway and it will then match a known URL and make its way down to the website beneath the gateway.
Otherwise the monitor will only be polling the gateway status and will 'always' return a known HTTP status code.

With your scenario, only when both endpoints/Web Apps added to the backend of the Application Gateway fail will the traffic be switched to the Application Gateway in the other location, as the Traffic Manager probes will be successful as long as the Application Gateway responds with a 200 OK.

Add a separate Application Gateway for each application. This would be a costly solution but will address your concern without changing architecture.