为什么 azure 负载均衡器在运行状况探测关闭后仍向节点发送流量?
[英]Why is azure load balancer still sending traffic to nodes after health probe down?
问题描述
I have 2 Azure VM sitting behind a Standard Azure Load Balancer.
我有 2 个 Azure VM 位于标准 Azure 负载均衡器后面。
The load balancer has a healthprobe pinging every 5 seconds with HTTP on /health for each VM.负载均衡器有一个每 5 秒 ping 一次的运行状况探测器,每个 VM 的 /health 上都有 HTTP。
Interval is set to 5, port is set to 80 and /health, and "unhealthy threshold" is set to 2.间隔设置为 5,端口设置为 80 和 /health,“不健康阈值”设置为 2。
During deployment of an application, we set the /health-endpoint to return 503 and then wait 35 seconds to allow the load balancer to mark the instance as down, and so stop sending new traffic.在部署应用程序期间,我们将 /health-endpoint 设置为返回 503,然后等待 35 秒以允许负载均衡器将实例标记为关闭,从而停止发送新流量。
However, Load balancer does not seem to fully take the VM out of load.但是,负载均衡器似乎并没有完全让虚拟机脱离负载。 It still sends traffic inbound to the down instance, causing downtime for our customers.它仍然会向停机实例发送入站流量,从而导致我们的客户停机。
I can see in IIS-logs that the /health-endpoint is indeed returning 503 when it should.我可以在 IIS 日志中看到 /health-endpoint 确实在应该返回 503 时返回。
Any ideas whats wrong?有什么想法有什么问题吗? Can it be some sort of TCP keep-alive?它可以是某种 TCP 保活吗?
3 个解决方案
解决方案1
1 2020-06-29 12:51:09
Load Balancer is a pass through service which does not terminate existing TCP connections where the flow is always between the client and the VM's guest OS and application.负载均衡器是一种直通服务,它不会终止现有的 TCP 连接,其中流量始终在客户端与 VM 的来宾操作系统和应用程序之间。 If a backend endpoint's health probe fails, established TCP connections to this backend endpoint continue, but it will stop sending new flows to the respective unhealthy instance.如果后端端点的健康探测失败,与该后端端点建立的 TCP 连接将继续,但它将停止向相应的不健康实例发送新流。 This is by design to give you opportunity to gracefully shutdown from the application to avoid any unexpected and sudden termination of ongoing application workflow.这是为了让您有机会从应用程序中正常关闭,以避免任何意外和突然终止正在进行的应用程序工作流程。
Also you may consider configuring TCP reset on idle https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-tcp-reset to reduce number of idle connections.您也可以考虑在空闲时配置 TCP 重置https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-tcp-reset以减少空闲连接的数量。
解决方案2
1 已采纳 2020-07-15 08:18:04
I got confirmation from microsoft that this is working "as intended", which makes the Azure Load Balancer a bad fit for web applications.我从微软那里得到确认,这是“按预期”工作的,这使得 Azure 负载均衡器不适合 web 应用程序。 This is the answer from Microsoft:这是微软的回答:
I was able to discuss your observation with the internal team.
They explained that the Load balancer does not currently have “Connection Draining” feature and would not terminate existing connections.
Connection Draining is available with the Application Gateway Connection Draining.
I heard this is being planning for the Load balancer also as future Road map.
解决方案3
-1 2020-06-26 10:11:21
I would suggest you the following approach You could have to place a healthcheck.html page on each of your VM's.我建议您采用以下方法您可能必须在每个 VM 上放置一个 healthcheck.html 页面。 As long as the probe can retrieve the page, the load balancer will keep sending user requests to the VM.只要探针可以检索到页面,负载均衡器就会不断向虚拟机发送用户请求。
When you do the deployment, simply rename the healthcheck.html to a different name such as _healthcheck.html.进行部署时,只需将 healthcheck.html 重命名为不同的名称,例如 _healthcheck.html。 This will cause the probe to start receiving HTTP 404 errors and will take that machine out of the load balanced rotation.这将导致探针开始接收 HTTP 404 错误,并使该机器脱离负载平衡旋转。
After your deployment have been completed, rename _healthcheck.html back to healthcheck.html.部署完成后,将 _healthcheck.html 重命名为 healthcheck.html。 The Azure LB probe will start getting HTTP 200 responses and as a result start sending requests to this VM again. Azure LB 探测器将开始获得 HTTP 200 响应,因此开始再次向此 VM 发送请求。
Thanks, Manu谢谢,马努
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.