问题
I didnt find any information about these issues regarding the Azure internal load balancer:
- Adding another InputEndpoint lead to ILB will be created but not being accessible or functional
- Using “only” the ILB definition lead to the public default InputEndpoint vanishes
- Not transparent how long it takes until the ILB is available. However, it is visible by viewing the available port for the cloud services web role. If the public port is available, the ILB is not, and vice versa.
So these are my questions:
- Is it expected behavior that an internal load balancer replaces the public one?
- Is a public load balancer supported beside an internal one/ can I have public access to web roles that are controlled by an internal load balancer?
- Are multiple ports supported (e.g. https beside http or private/ public access)?
Some details: The internal load balancer is connected via fixed ip to a VPN for a cloud service. Configuration looks like this:
<?xml version="1.0"?>
<ServiceDefinition name="MyCloudTest" xmlns="http://schemas.microsoft.com/ServiceHosting/2008/10/ServiceDefinition" schemaVersion="2014-06.2.4">
<WebRole name="MyWebRole" vmsize="Standard_D1">
<Runtime executionContext="elevated" />
<Sites>
<Site name="Web">
<Bindings>
<Binding name="ILB-Endpoint-Http" endpointName="ilb-endpoint-http" />
<!--<Binding name="ILB-Endpoint-Https" endpointName="ilb-endpoint-https" />-->
<!--<Binding name="public-http-binding" endpointName="public-http-endpoint" />-->
</Bindings>
</Site>
</Sites>
<Endpoints>
<!--<InputEndpoint name="public-http-endpoint" protocol="http" port="81" />-->
<InputEndpoint name="ilb-endpoint-http" protocol="http" localPort="8080" port="8080" loadBalancer="my-ilb" />
<!--<InputEndpoint name="ilb-endpoint-https" protocol="https" localPort="*" port="8443" loadBalancer="my-ilb" />-->
</Endpoints>
This is part of the ServiceConfiguration defining the ILB pointing to the VPN with fixed ip.
<NetworkConfiguration>
<VirtualNetworkSite name="myvpn" />
<AddressAssignments>
<InstanceAddress roleName="MyWebRole">
<Subnets>
<Subnet name="intra" />
</Subnets>
</InstanceAddress>
</AddressAssignments>
<LoadBalancers>
<LoadBalancer name="my-ilb">
<FrontendIPConfiguration type="private" subnet="intra" staticVirtualNetworkIPAddress="172.28.0.27" />
</LoadBalancer>
</LoadBalancers>
Every hint is highly appreciated.
回答1:
1.Is it expected behavior that an internal load balancer replaces the public one?
It is the same implementation but ILB is restricted to your own private space (your VNET) See https://azure.microsoft.com/en-us/documentation/articles/load-balancer-overview/
2.Is a public load balancer supported beside an internal one/ can I have public access to web roles that are controlled by an internal load balancer?
Yes you can have both in the same deployment
3.Are multiple ports supported (e.g. https beside http or private/ public access)?
You can add multiple endpoints. An endpoint has a public port and a private port. Multiple public ports cannot share the same private port
来源:https://stackoverflow.com/questions/30616750/azure-internal-load-balancer-issues-and-questions