Hi,
I'm planning a move to Azure for one of our production environments and currently building a proof of concept with my VS Credits. My goal is to implement HA, as my predecessor didn't implement it on our on-prem env.
The server uses IIS and Windows services that listen for traffic externally. Unfortunately, the Windows services that accept traffic are not DNS resolved but IIS is. The server also has a SQL DB.
I've created two VMs in an Availability Zone. I've configured an ILB with two frontend IPs. One IP has a rule for the SQL Listener and another as a generic IP using HA Ports for all other traffic. The HA Port will be reached by other internal servers. Both Rules use a Health Probe to route traffic to 59999 - Active/Passive Setup. Due to the age of this product and the type of traffic it receives, I’m unsure if I can break this product out to n-tier to have active-active, but I will try that after a basic configuration.
My goal is to achieve 99.99% and when we move to Azure, we will use Azure FW so I can potentially see this as viable? But I’ve become stuck as now that I’ve built this, I realise I cannot route external traffic to the ILB without a FW or NVA which will wipe out my credits.
My questions, as an Azure newbie, are below.
1) To complete my POC, I'm thinking I can use an ILB for SQL AG. For the external traffic, run an ELB with a bunch of LB Rules for Web and the custom Windows services externally. Going to give this a go now but maybe there’s a better way?
2) My plan regarding two frontend IPs and two rules (SQL Listener and one HA Ports) on the ILB sharing the same health probe with an Azure FW when we move to production. Is that best practice? Or again, is there a better way?
Appreciate any help as always!
Many Thanks,
Brad