Support for drainstop in Azure App Gateway
Traditional loadbalancers support the following states, to facilitate performing maintenance on a system of multiple nodes gracefully:
Enabled (All traffic allowed)
Disabled (Only persistant or active connections allowed)
Force Offline (only active connections allowed)
When a application gateway node is "unhealthy" it only allows active connections. We are looking for a way to force a node into an "unhealthy" state.
The currently supported method is to use a custom probe that checks a file/path. I would like a solution that doesn't involve making changes on the server going into maintenance mode.
This is being worked on currently.
Mark Houston commented
We would also like this. It is a feature of F5 that several people are accustomed to using.
Any update on this?
We have multiple backend pools on our application gateway and we wish to force all of them into unhealthy status so that a global maintenance page is shown.
We tried to use a network security group that blocks outgoing access to all backend ip addresses but the AG subnet doesn't allow it. The rule contains only private ip addresses as destinations but it complains about blocking internet for some reason.
We also have backends with domain addresses and those can't be blocked via NSGs.
This needs to be per listener. If I have a server hosting multiple APIs, I might want to take down a single API for a release rather than the whole server in the backend pool.