Microsoft Azure provide various load balancing services such as Azure Front Door, Traffic Manager, Application Gateway, Azure Load Balancer.
For you to decide what is the best service for you depending on your scenario can be quite difficult, if you are not aware how each service work. Therefore we have created little wizard in Azure (i.e. Load balancing - help me choose) that will help you to pick the right service. This wizard ask you bunch of simple questions and determine what is best solution for you. You can use the Azure Load Balancing page in the Azure portal to help you guide to the right load-balancing solution for your business need.
I have created following decision flow diagram that is based on the very same wizard flow in Azure portal. You can visually see all options at the same time. I hope this would be helpful for you, you can even print it and have it handy when needed :)
Wednesday, August 25, 2021
Load balancing - help me choose (Preview) - Diagram
Tuesday, June 1, 2021
Choosing Compute Services on Azure (AKS, Service Fabric, App Service)
- App Service: A managed service for hosting web apps, mobile app back ends, RESTful APIs, or automated business processes.
- Azure Kubernetes Service (AKS): A managed Kubernetes service for running containerized applications.
- Batch : A managed service for running large-scale parallel and high-performance computing (HPC) applications
- Container Instances: The fastest and simplest way to run a container in Azure, without having to provision any virtual machines and without having to adopt a higher-level service.
- Functions: A managed FaaS service.
- Service Fabric: A distributed systems platform that can run in many environments, including Azure or on premises.
- Virtual machines: Deploy and manage VMs inside an Azure virtual network.
- Infrastructure-as-a-Service (IaaS) lets you provision individual VMs along with the associated networking and storage components. Then you deploy whatever software and applications you want onto those VMs. This model is the closest to a traditional on-premises environment, except that Microsoft manages the infrastructure. You still manage the individual VMs.
- Platform-as-a-Service (PaaS) provides a managed hosting environment, where you can deploy your application without needing to manage VMs or networking resources. Azure App Service is a PaaS service.
- Functions-as-a-Service (FaaS) goes even further in removing the need to worry about the hosting environment. In a FaaS model, you simply deploy your code and the service automatically runs it. Azure Functions is a FaaS service
Following chart show how best to pick candidate compute service for you:
You also need to look at aspects such as scalability, availability, security and how easily you can perform DevOps.
Ref: Microsoft Docs.
Friday, May 28, 2021
What is Bicep
Have you been writing ARM templates and didn't quite fancy the way ARM templates are written in JSON. Well Bicep is here that would help you author ARM templates with much cleaner syntax. Bicep give you abstraction the way ARM templates are now written. Its supported by Microsoft 100% free, very modular, state is stored in Azure no manual handling.
You can get latest windows installer here or see all install options here: bicep/installing.md at main · Azure/bicep (github.com)
You can also download Bicep Visual Studio Code extension.
Hello world sample Bicep file to spin up storage in Azure..
param location string = 'eastus' @minLength(3) @maxLength(24) param storageAccountName string = 'azmubistorageacc1' // must be globally unique var storageSku = 'Standard_LRS' // declare variable and assign value resource stg 'Microsoft.Storage/storageAccounts@2019-06-01' = { name: storageAccountName location: location kind: 'Storage' sku: { name: storageSku // reference variable } } output storageId string = stg.id // output resourceId of storage account
Edit it in VS Code using Bicep extensions.
Deploy template using Bicep CLI (make sure to create resource group in Azure in advance e.g. bicep).
az deployment group create -f ./test.bicep -g bicep
Bicep Language specifications can be found here.
Bicep Azure DevOps Task is available here.
steps:
- task: BicepBuild@0
inputs:
process: 'single'
sourceFile: '.\bicep_files\sample1.bicep'
stdout: false # Note if stdout is true 'outputDirectory' will not be interpreted
outputFile: '.\bicep_files\sample1.out.json' # Only when 'stdout' is false or not defined and 'outputDirectory' is empty or not defined
Bicep Build Actions (Github Action) is available to run the Bicep CLI to build ARM template more.
steps: # Runs the bicep CLI action - individual files - name: Run Bicep build uses: aliencube/bicep-build-actions@v0.3 with: files: sample1.bicep sample2.bicep biceps/sample3.bicep biceps/sample4.bicep # Checks the result - name: Check the result shell: bash run: | shopt -s globstar ls -altR **/sample*.*
If you have existing ARM templates you can decompile them.
bicep decompile "path/to/MyARMTempateFile.json"
You can also export your Azure resource group to .bicep file.
step 1 - az group export --name "MY-Azure-Resource-Group" > MainARMTemplate.json
step 2 - bicep decompile MainARMTemplate.json
Learn more about Bicep here ..
Sunday, January 3, 2021
Azure Traffic Manager vs App Gateway vs Front Door vs Load Balancer
- Priority (default and backup endpoints)
- Weighted (distribute across endpoints)
- Performance (nearest endpoint)
- Geographic (geography controlled for GDPR etc)
- Subnet (endpoints base don IP)
- Multi-value (multiple ends available)
- Latency (least latency endpoint)
- Priority (primary then secondary)
- Weighted (based on endpoint weight)
- Session Affinity (same endpoint per session)
- Multiple site hosting
- URL routing
- Redirection
- Rewrite HTTP headers and URL
The following table lists various architecture reference articles based on the load-balancing services used as a solution.
Service(s) | Article | Description |
---|---|---|
Load Balancer | Load balance virtual machines (VMs) across availability zones | Load balance VMs across availability zones helps to protect your apps and data from an unlikely failure or loss of an entire datacenter. With zone-redundancy, one or more availability zones can fail and the data path survives as long as one zone in the region remains healthy. |
Front Door | Sharing location in real time using low-cost serverless Azure services | Use Azure Front Door to provide higher availability for your applications than deploying to a single region. If a regional outage affects the primary region, you can use Front Door to fail over to the secondary region. |
Application Gateway | IaaS: Web application with relational database | Learn how to use resources spread across multiple zones to provide a high availability (HA) architecture for hosting an Infrastructure as a Service (IaaS) web application and SQL Server database. |
Traffic Manager | Multi-tier web application built for high availability and disaster recovery | Deploy resilient multi-tier applications built for high availability and disaster recovery. If the primary region becomes unavailable, Traffic Manager fails over to the secondary region. |
Azure Front Door + Application Gateway | Multitenant SaaS on Azure | Use a multi-tenant solution that includes a combination of Front Door and Application Gateway. Front Door helps load balance traffic across regions and Application Gateway routes and load-balances traffic internally in the application to the various services that satisfy client business needs. |
Traffic Manager + Load Balancer | Multi-region N-tier application | A multi-region N-tier application that uses Traffic Manager to route incoming requests to a primary region and if that region becomes unavailable, Traffic Manager fails over to the secondary region. |
Traffic Manager + Application Gateway | Multi-region load balancing with Traffic Manager and Application Gateway | Learn how to serve web workloads and deploy resilient multi-tier applications in multiple Azure regions, in order to achieve high availability and a robust disaster recovery infrastructure. |
Thursday, September 3, 2020
Spin up virtual machine pre configured with WinRM access over https in Azure using Terraforms
Now when you run Terraform your VM will be preconfigured with WinRM and ready to connect, you can connect WinRM over https port:5986 using DNS name.