Azure Traffic Manager监视器状态降级

huangapple
go评论70阅读模式
英文:

Azure Traffic Manager Monitor Status Degraded

问题

Azure Traffic Manager监视器状态为"降级"

我部署了Azure Traffic Manager(路由模式:地理)然后添加了一个端点。目标在Kubernetes集群内运行。因此,端点配置如下:

名称:测试
类型:外部端点
目标:1.2.3.4(Kubernetes中NGINX Ingress Controller的IP地址)
自定义标头设置:host:my-test-url.com
地理映射:所有(全球)
健康检查:已启用

通过浏览器访问my-test-url.com URL,可以正常加载UI。但是使用CURL命令会返回302(Found)?

curl -H -K my-test-url.com                      
<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>nginx</center>
</body>
</html>

WGET命令返回:

wget https://my-test-url.com 
--2023-07-10 12:20:37--  https://my-test-url.com /
解析my-test-url.com(my-test-url.com)... 1.2.3.4(NGINX Ingress的IP)
连接到my-test-url.com(my-test-url.com)|1.2.3.4|:443... 已连接。
发送HTTP请求,等待响应... 302 Moved Temporarily
位置:https://my-test-url.com /swagger-ui/index.html [following]
--2023-07-10 12:20:41--  https://my-test-url.com /swagger-ui/index.html
重用到my-test-url.com:443的现有连接。
发送HTTP请求,等待响应... 200 
长度:734 [text/html]
保存到:‘index.html.2’

index.html.2                                    100%[=====================================================================================================>]     734  --.-KB/s    in 0s      

2023-07-10 12:20:41 (175 MB/s) - ‘index.html.2’ saved [734/734]

在Azure Traffic Manager配置中,我添加了以下内容:

预期的状态码范围(默认:200)
200-299,300-305

路径:/swagger-ui/index.html

协议:HTTPS

端口:443

因此,当我访问Traffic Manager的URL http://my-test-tm.trafficmanager.net 时,它返回 404 Not Found NGINX

Kubernetes集群部署的VNET附加了以下NSG:

入站规则

优先级  名称     端口   协议    源          目标        操作
100       允许1    任何     TCP     某些IP       任何         允许
110       允许2   80,443   TCP     任何          任何         允许
65000     允许3    任何     任何     虚拟网络 虚拟网络 允许
65001     允许4    任何     任何     Azure负载均衡器  任何      允许
65500     拒绝所有  任何     任何     任何             任何      拒绝

出站规则

 优先级  名称       端口   协议      源          目标        操作
    65000     允许5   任何     TCP     虚拟网络   虚拟网络    允许
    65001     允许6   80,443  TCP     任何           任何         允许
    65500     拒绝2    任何     任何     任何           拒绝
英文:

Azure Traffic Manager Monitor status "Degraded"

I deployed Azure Traffic Manager (Routing Mode: Geographic) and then added one endpoint to it. The target runs inside a Kubernetes cluster. So the endpoint configurations are as follows.

Name: Test
Type: External-Endpoint
Target: 1.2.3.4 (IP Address of NGINX Ingress Controller in Kubernetes)
Custom Header Settings: host:my-test-url.com
Geo-mapping: All(World)
Health checks: Enabled

my-test-url.com URL is accessible through the browser and it loads the UI as expected. But CURL command gives 302(Found)?

curl -H -K my-test-url.com                      
<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>nginx</center>
</body>
</html>

WGET gives

wget https://my-test-url.com 
--2023-07-10 12:20:37--  https://my-test-url.com /
Resolving my-test-url.com  (my-test-url.com )... 1.2.3.4 (IP of NGINX Ingress)
Connecting to my-test-url.com (my-test-url.com )|1.2.3.4|:443... connected.
HTTP request sent, awaiting response... 302 Moved Temporarily
Location: https://my-test-url.com /swagger-ui/index.html [following]
--2023-07-10 12:20:41--  https://my-test-url.com /swagger-ui/index.html
Reusing existing connection to my-test-url.com :443.
HTTP request sent, awaiting response... 200 
Length: 734 [text/html]
Saving to: ‘index.html.2’

index.html.2                                    100%[=====================================================================================================>]     734  --.-KB/s    in 0s      

2023-07-10 12:20:41 (175 MB/s) - ‘index.html.2’ saved [734/734]

In Azure Traffic Manager configuration, I have added

    Expected Status Code Ranges (default: 200)
    200-299,300-305

    Path: /swagger-ui/index.html
    
    Protocol: HTTPS

    Port: 443

So when I hit the url of the Traffic Manager http://my-test-tm.trafficmanager.net it gives 404 Not Found NGINX

The VNET where Kubernetes cluster is deployed has these NSGs attached.

Inbound Rules

Priority  Name     Port   Protocol  Source        Destination  Action
100       Allow1    Any     TCP     Some IPs       Any         Allow
110       Allow2   80,443   TCP     Any            Any         Allow
65000     Allow3    Any     Any     VirtualNetwork VirtualNetwork Allow
65001     Allow4    Any     Any     AzureLoadBalancer Any      Allow
65500     DenyAll    Any     Any     Any               Any      Deny

OutBound Rules

 Priority  Name       Port   Protocol      Source      Destination   Action
    65000     Allow5   Any     TCP         VirtualNetwork   VirtualNetwork          Allow
    65001     Allow6   80,443  TCP         Any                Any      Allow
    65500     Deny2    Any     Any         Any            Deny

答案1

得分: 0

问题已解决。我在使用Azure负载均衡器的内部版本,并从这些内部网络进行DNS请求,因此不能使用Traffic Manager来路由此流量。

微软提供的更多信息

英文:

Issue solved. I was using an Internal version of Azure Load Balancer and making DNS requests from such internal networks, then you can’t use Traffic Manager to route this traffic.

More Information from Microsoft

huangapple
  • 本文由 发表于 2023年7月10日 17:27:53
  • 转载请务必保留本文链接:https://go.coder-hub.com/76652425.html
  • azure
  • azure-aks
  • azure-traffic-manager
  • dns
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定