In Windows Azure, if a group of IaaS VM’s need load balancing, for example when hosting a Web Farm, this can be done by putting them in a Load Balanced set. Further, the health of individual VM’s in the load balanced set can be monitored using a Custom probe to decide if any of these need to be removed or added back to the farm. The interesting thing about the custom probes is that they enable the ability to monitor something meaningful and very application specific rather than simply accepting a VM to be healthy if it is alive. A VM could very well be alive and yet not be doing what the application needs it to. Finally, the public endpoint exposed by the Load Balanced set (LB set) may be protected by ACL’s (Access Control List) to allow traffic only from designated IP Address ranges, if so desired.
Both features – the Custom probes and the ACL’s – have been around for some time and are well documented officially as well as in blogs. My personal favorites are the blogs by Michael Washam at Creating Highly Available Workloads with Windows Azure and Network Access Control List Capability in Windows Azure Powershell. Despite this, I have found myself answering questions on the mechanics of using these features. The purpose of the present note is to have a fresh take at Custom probes and ACL’s using a walkthrough of a scenario, and revisit some of the questions that I have come across.
Before showing a walkthrough, an assortment of questions that usually come up in discussions, are addressed in this section.
Figure 1: VM’s in an LB set with Custom probes for health check