Azure Traffic Manager external endpoints & PowerShell support

Traffic Manager is a service in Azure that allows you to load-balance applications at the DNS level.

In very few words: you can create a profile to which you add endpoints. When resolving the domain name for your profile, the DNS servers of Traffic Manager will be contacted and will return one of the endpoints that belong to that profile, depending on the load balancing method chosen. See this for more info.

Recently, some features have been added to Traffic Manager:

Support for external endpoints

Traffic Manager until now only allowed you to specify the endpoints of a profile with “Cloud Services” and Azure Websites. But no more! Now you can use any URL for endpoints to be monitored and perform the load-balancing method chosen.

This lights up some interesting scenarios such as Traffic Manager routing for on-premises deployments, websites deployed somewhere else, or even use Traffic Manager profiles as endpoints (a hack to have nested profiles).

PowerShell cmdlets

With the new PowerShell cmdlets (yes, I know what you’re thinking, but PowerShell is actually pretty nice, though unfamiliar) for Traffic Manager, you can automate the management of profiles and endpoints. Let’s see some examples:

Creating a profile

We authenticate in Azure

1
PS C:\> Add-AzureAccount

Let’s create a Traffic Manager profile

1
2
3
4
5
6
7
8
9
10
11
12
PS C:\> New-AzureTrafficManagerProfile -Name cool-profile -DomainName cool.profile.trafficmanager.net -LoadBalancingMethod RoundRobin -MonitorPort 80 -MonitorProtocol Http -MonitorRelativePath "/" -Ttl 300

TimeToLiveInSeconds : 300
MonitorRelativePath : /
MonitorPort         : 80
MonitorProtocol     : Http
LoadBalancingMethod : RoundRobin
Endpoints           : {}
MonitorStatus       : Inactive
Name                : cool-profile
DomainName          : cool.profile.trafficmanager.net
Status              : Enabled

We now see that it exists in our Azure subscription.

1
2
3
4
5
6
7
8
9
10
11
12
13
PS C:\> $profile = Get-AzureTrafficManagerProfile cool-profile
PS C:\> $profile

TimeToLiveInSeconds : 300
MonitorRelativePath : /
MonitorPort         : 80
MonitorProtocol     : Http
LoadBalancingMethod : RoundRobin
Endpoints           : {}
MonitorStatus       : Inactive
Name                : cool-profile
DomainName          : cool.profile.trafficmanager.net
Status              : Enabled

No endpoints? Nonsense!

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
PS C:\> $profile | Add-AzureTrafficManagerEndpoint -DomainName www.reddit.com -Type Any -Status Enabled


TimeToLiveInSeconds : 300
MonitorRelativePath : /
MonitorPort         : 80
MonitorProtocol     : Http
LoadBalancingMethod : RoundRobin
Endpoints           : {www.reddit.com}
MonitorStatus       : Inactive
Name                : cool-profile
DomainName          : cool.profile.trafficmanager.net
Status              : Enabled

PS C:\> $profile | Add-AzureTrafficManagerEndpoint -DomainName www.meetup.com -Type Any -Status Enabled


TimeToLiveInSeconds : 300
MonitorRelativePath : /
MonitorPort         : 80
MonitorProtocol     : Http
LoadBalancingMethod : RoundRobin
Endpoints           : {www.reddit.com, www.meetup.com}
MonitorStatus       : Inactive
Name                : cool-profile
DomainName          : cool.profile.trafficmanager.net
Status              : Enabled

We now check the portal but still see no endpoints. This is because we only modified the profile instance locally. In order to send this update to Azure, we pipe the $profile into Set-AzureTrafficManagerProfile:

1
PS C:\> $profile | Set-AzureTrafficManagerProfile

That’s better!

DNS resolution

Let’s verify our setup works. We expect queries to cool.profile.trafficmanager.net to return both CNAME to www.reddit.com and CNAME to www.meetup.com (deciding whether we stay in looking at cat pictures or decide to go to a meetup). See here for the query.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
edu@thinty ~ $ dig cool.profile.trafficmanager.net

; <<>> DiG 9.8.3-P1 <<>> cool.profile.trafficmanager.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60008
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;cool.profile.trafficmanager.net. IN  A

;; ANSWER SECTION:
cool.profile.trafficmanager.net. 297 IN   CNAME   www.reddit.com.
www.reddit.com.       31  IN  CNAME   reddit.com.edgesuite.net.
reddit.com.edgesuite.net. 5440    IN  CNAME   a659.b.akamai.net.
a659.b.akamai.net.    5   IN  A   92.123.72.198
a659.b.akamai.net.    5   IN  A   92.123.72.209

We resolve again and…

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
edu@thinty ~ $ dig cool.profile.trafficmanager.net

; <<>> DiG 9.8.3-P1 <<>> cool.profile.trafficmanager.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47541
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;cool.profile.trafficmanager.net. IN  A

;; ANSWER SECTION:
cool.profile.trafficmanager.net. 293 IN   CNAME   www.meetup.com.
www.meetup.com.       149 IN  A   190.93.245.104
www.meetup.com.       149 IN  A   190.93.244.104
www.meetup.com.       149 IN  A   190.93.247.104
www.meetup.com.       149 IN  A   190.93.246.104
www.meetup.com.       149 IN  A   141.101.115.104

;; Query time: 13 msec
;; SERVER: 89.101.160.5#53(89.101.160.5)
;; WHEN: Sun May 25 21:20:59 2014
;; MSG SIZE  rcvd: 157

Great, it seems to have worked! Note that we can’t expect every single query we make to return a different result, as there is caching from our machine all the way to the Traffic Manager DNS resolvers. We can now use cool.profile.trafficmanager.net to manage traffic both to reddit and meetup.com.

This was just a brief introduction into Traffic Manager and some of its new features (more coming soon). If you are interested, check out the links below or drop me a line.

Links

Comments