How Azure Traffic Manager connects to the Private Endpoints (Internal ingress)

Naresh Bogathi (OSV) 1 Reputation point
2021-06-08T17:12:17.647+00:00

Hi Team, I am looking for an AKS disaster recovery (DR) solution. I was trying with Traffic Manager, but it seems it only supports Web App public endpoints. Is there a solution coming in the near future for connecting internal (private) web app endpoints? In my environment, all backend systems mostly run on the internal network, so I need to implement a solution for connecting those private web app endpoints.
Please let me know if there is a solution already or, if not, whether any new feature is coming for Traffic Manager in the future.

Azure Traffic Manager
An Azure service that is used to route incoming network traffic for high performance and availability.

2 answers

  1. Luis Rodriguez 6,191 Reputation points Microsoft Employee
    2022-04-17T09:54:49.793+00:00

    Hello @Sruthi Saranya Karthikeyan

    If not done yet, you may want to try using application gateways in front of the AKS clusters. Please check the article below (option 6) from Adam Stuart about network load balancing strategy across regions:
    https://github.com/adstuart/azure-crossregion-private-lb

    I hope this helps!

    Please don’t forget to "Accept the answer" and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

    1 person found this answer helpful.

  2. Sruthi Saranya Karthikeyan 231 Reputation points Microsoft Employee
    2021-06-11T08:44:35.13+00:00

    Hi @Naresh Bogathi (OSV) ,

    When we use private endpoints with Azure Traffic Manager, the health probes fail and they will be marked as degraded. The endpoints that are degraded are not included in the ATM's query response. However, if all the endpoints are degraded, then they will be included in the query response. Therefore, you can go ahead and set it up for private web app endpoints if you are okay with the health monitoring feature not being available.

    You can refer to the following documentation for a detailed explanation of how private endpoints can be configured as failover endpoints for ATM: https://learn.microsoft.com/en-gb/archive/blogs/mihansen/using-azure-traffic-manager-for-private-endpoint-failover-manual-method

    Hope this helps, do feel free to reach out in case of any further questions.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

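The endpoint selection described in the answer above, as an added example that is not part of the original thread and not Microsoft's code: a simplified Python model of which endpoint ends up in the query response. It assumes priority routing and that a disabled endpoint is never returned; the endpoint names are constructed.

```python
from dataclasses import dataclass

@dataclass
class Endpoint:
    name: str               # constructed names, not from the thread
    priority: int           # assumption: priority routing, lower value wins
    enabled: bool = True    # operator-controlled status in the profile
    probe_ok: bool = False  # private endpoints: health probes cannot reach them

def answer_pool(endpoints):
    """Endpoints eligible for the DNS query response."""
    enabled = [e for e in endpoints if e.enabled]  # assumption: disabled = never returned
    healthy = [e for e in enabled if e.probe_ok]
    # Degraded endpoints are left out, unless every endpoint is degraded,
    # in which case they are all included again.
    return healthy or enabled

def resolve(endpoints):
    """Name returned for a query, or None if nothing is enabled."""
    pool = answer_pool(endpoints)
    return min(pool, key=lambda e: e.priority).name if pool else None

def scenarios():
    primary = Endpoint("aks-primary-private", priority=1)
    secondary = Endpoint("aks-secondary-private", priority=2)
    public = Endpoint("public-fallback", priority=3, probe_ok=True)
    results = {}
    # All private: every probe fails, so all are included and priority decides.
    results["all_private"] = resolve([primary, secondary])
    # No probe will ever detect an outage; failover is a manual disable.
    primary.enabled = False
    results["primary_disabled"] = resolve([primary, secondary])
    primary.enabled = True
    # Mixed profile: one probe-reachable endpoint hides both private ones.
    results["mixed"] = resolve([primary, secondary, public])
    return results

if __name__ == "__main__":
    for case, name in scenarios().items():
        print(f"{case}: {name}")
```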