Product Review: Azure Traffic Manager (2019)

.

In the world of always on and always available IT services, engineers are constantly looking for robust and resilient options.  The importance of ensuring services are optimised, highly available and resilient to failures is paramount in keeping your users happy and your stakeholders smiling!

When dealing with public facing services on the web, there are many ways to manage network traffic amongst endpoints hosting your service.   Some load balancing options can be quite cumbersome and expensive for initial setup and ongoing support.  There is also the weakness when public DNS is involved of having to manager DNS records in the events of unplanned failovers.

Today I’d like to talk about Azure Traffic Manager, a flexible network traffic management solution.   I have deployed this personally across many systems and have always been impressed with the simplicity and functionality of this feature.  With more customers moving their services to the cloud, it’s a perfect complimentary tool to manage user traffic.

So, the question I imagine you are asking is, well what does it do and what can I achieve with it?  In a nutshell, Azure Traffic Manager is a service used to distribute network traffic to your endpoints at a DNS level.  When a client device performs a DNS query to your service, Azure Traffic Manager directs them to service specific endpoints based on a variety of available traffic routing methods.  The Azure Traffic Manager will return an endpoints location to the client and traffic is then routed direct between the client and the endpoint without having to pass via the Traffic Manager frontend.

An endpoint is a public facing service, either hosted in Azure or alternatively any IPv4/IPv6 service hosted external to Azure.  These could be Azure Web Apps, Azure PaaS Services, Azure Public IP’s or any externally hosted service that is contactable via an IPv4/IPv6 or fully qualified domain name.  The great part about this range of endpoints, is it allows for spreading your traffic across both Azure and on-premise environments to give you further resiliency.

When creating an Azure Traffic Manager profile a URL is generated which you will then populate in your public DNS records.  The URL will have the suffix .trafficmanager.net with you being able to select a custom name prior to this, for example virtuoso.trafficmanager.net.  Once you have your Azure Traffic Manager setup and a URL has been generated you then add this as a CNAME record to the true public DNS host record for your service.  The process is seamless to the end client when resolving your service.

The beauty of this method of DNS management is that you aren’t having to manage your public DNS for manual failovers and waiting for DNS propagation worldwide before services are available to your end users.  Your DNS is constantly directing users to Azure Traffic Manager and it handles failing over to healthy node without any intervention from your IT teams.

The following diagram shows how the path taken by clients in an Azure Traffic Manager deployment:

The next thing to consider is the desired traffic routing method you will be using with your Azure Traffic Manager.  The following is a list of the current methods and how they operate:

• Priority: This method allows you to dictate which endpoints take priority for traffic and in the event of failure which backup endpoints you want traffic to then be directed to.
• Weighted: This allows for allocating a cost to traffic and distributing traffic evenly amongst groups of different weighted endpoints.
• Performance: This method directs traffic based on Network latency to ensure users are directed to the node with the best performance for them.
• Geographic: A fantastic feature in that the Azure Traffic Manager directs users to endpoints based on the geographic location the DNS request originates from and directs them to endpoints in the nearest region. This is useful for not only performance but also for data compliance where traffic must not operate outside of geographical boundaries.
• Multivalue: Multivalue only works with IPv4/IPv6 endpoints. When a Traffic Manager Profile utilises this method, all healthy endpoints are returned to the query.
• Subnet: Subnet routing allows to route certain IP ranges to designated endpoints so you have a finer control over who is directed to where based on their originating IP.

Azure Traffic Manager constantly monitors the health of your endpoints using either HTTP, HTTPS or TCP protocols.  In the use of http/https a path to monitor is specified and this can be configured to only return a healthy state for an endpoint if certain response codes are used if required.  With TCP, a port is specified, which the Azure Traffic Manager ensures TCP connections are being accepted on the desired port before acknowledging the endpoint as healthy.  The interval, tolerated number of failures and time out, are all configurable to ensure fast failover in the event of node failures.

Azure Traffic Manager also provides the ability to view information on the traffic you are receiving.  This can provide information to help you understand vital statistic such as:

• User locations on a geographical basis
• Volume of traffic from each region
• The latency experienced by end users during connections

This data allows for better designing of your endpoint routing to ensure you are providing your clients with the best service regardless of where they are originating from.  The below gives an idea of how this dashboard works and the level of detail presented:

As well as this live view Azure offers metrics on the Azure Traffic Manager queries.  These include running reports on Endpoint Status by Endpoint as well as Queries returned by Endpoint.  All of these can be linked to Alerts keeping you updated on Endpoint failures as well as monitoring loads on your endpoints based on queries.  This proactive information helps you to pinpoint issues and resolve before service becomes affected.

As with everything Azure, you can build your Traffic Manager Profile and export this as a JSON template to allow for automated deployments via the usual flavours such as Powershell, Azure CLI, .net and Ruby.  Thus, taking away the manual intervention required when deploying multiple highly available services in your environment.  You can build Azure Traffic Manager alongside your templates for deploying web services in Azure to allow you to quickly spin up new environments with only a few clicks rather than hours of building and configuration!

There are many uses for Azure Traffic Manager in providing highly available web services and there is plenty of guides available to suit your requirements.  Just the other day I was tasked with ensuring users for a client hosted Exchange DAG environment have their Autodiscover connections directed to the DAG member in their region.  It was a no brainer, with the use of Azure Traffic Manager I was able to quickly set up a measurable and resilient solution that has simplified the process for the customer.

Hopefully this blog post has been a useful introduction to the world of Azure Traffic Manager and I would recommend consulting the Microsoft Documentation for further reading.  Now go forth and find out for yourself just how simple DNS traffic management can be in the world of Azure!

https://docs.microsoft.com/en-us/azure/traffic-manager/