(DEPRECATED) Load balance containers in an Azure Container Service DC/OS cluster
Warning
The Azure Container Service (ACS) is being deprecated. No new features or functionality are being added to ACS. All of the APIs, portal experience, CLI commands and documentation are marked as deprecated.
For more information, see the Azure Container Service deprecation announcement on Azure.com.
We recommend that you deploy one of the following Azure Marketplace solutions:
- Mesosphere DC/OS
If you want to use Kubernetes, see Azure Kubernetes Service.
In this article, we explore how to create an internal load balancer in a DC/OS managed Azure Container Service using Marathon-LB. This configuration enables you to scale your applications horizontally. It also allows you to take advantage of the public and private agent clusters by placing your load balancers on the public cluster and your application containers on the private cluster. In this tutorial, you:
- Configure a Marathon Load Balancer
- Deploy an application using the load balancer
- Configure and Azure load balancer
You need an ACS DC/OS cluster to complete the steps in this tutorial. If needed, this script sample can create one for you.
This tutorial requires the Azure CLI version 2.0.4 or later. Run az --version
to find the version. If you need to upgrade, see Install the Azure CLI.
Use Azure Cloud Shell
Azure hosts Azure Cloud Shell, an interactive shell environment that you can use through your browser. You can use either Bash or PowerShell with Cloud Shell to work with Azure services. You can use the Cloud Shell preinstalled commands to run the code in this article without having to install anything on your local environment.
To start Azure Cloud Shell:
Option | Example/Link |
---|---|
Select Try It in the upper-right corner of a code block. Selecting Try It doesn't automatically copy the code to Cloud Shell. | |
Go to https://shell.azure.com, or select the Launch Cloud Shell button to open Cloud Shell in your browser. | |
Select the Cloud Shell button on the menu bar at the upper right in the Azure portal. |
To run the code in this article in Azure Cloud Shell:
Start Cloud Shell.
Select the Copy button on a code block to copy the code.
Paste the code into the Cloud Shell session by selecting Ctrl+Shift+V on Windows and Linux or by selecting Cmd+Shift+V on macOS.
Select Enter to run the code.
Load balancing overview
There are two load-balancing layers in an Azure Container Service DC/OS cluster:
Azure Load Balancer provides public entry points (the ones that end users access). An Azure LB is provided automatically by Azure Container Service and is, by default, configured to expose port 80, 443 and 8080.
The Marathon Load Balancer (marathon-lb) routes inbound requests to container instances that service these requests. As we scale the containers providing our web service, the marathon-lb dynamically adapts. This load balancer is not provided by default in your Container Service, but it is easy to install.
Configure Marathon Load Balancer
Marathon Load Balancer dynamically reconfigures itself based on the containers that you've deployed. It's also resilient to the loss of a container or an agent - if this occurs, Apache Mesos restarts the container elsewhere and marathon-lb adapts.
Go to https://shell.azure.com to open Cloud Shell in your browser.
Run the following command to install the marathon load balancer on the public agent's cluster.
dcos package install marathon-lb
Deploy load balanced application
Now that we have the marathon-lb package, we can deploy an application container that we wish to load balance.
First, get the FQDN of the publicly exposed agents.
az acs list --resource-group myResourceGroup --query "[0].agentPoolProfiles[0].fqdn" --output tsv
Next, create a file named hello-web.json and copy in the following contents. The HAPROXY_0_VHOST
label needs to be updated with the FQDN of the DC/OS agents.
{
"id": "web",
"container": {
"type": "DOCKER",
"docker": {
"image": "yeasy/simple-web",
"network": "BRIDGE",
"portMappings": [
{ "hostPort": 0, "containerPort": 80, "servicePort": 10000 }
],
"forcePullImage":true
}
},
"instances": 3,
"cpus": 0.1,
"mem": 65,
"healthChecks": [{
"protocol": "HTTP",
"path": "/",
"portIndex": 0,
"timeoutSeconds": 10,
"gracePeriodSeconds": 10,
"intervalSeconds": 2,
"maxConsecutiveFailures": 10
}],
"labels":{
"HAPROXY_GROUP":"external",
"HAPROXY_0_VHOST":"YOUR FQDN",
"HAPROXY_0_MODE":"http"
}
}
Use the DC/OS CLI to run the application. By default Marathon deploys the application to the private cluster. This means that the above deployment is only accessible via your load balancer, which is usually the desired behavior.
dcos marathon app add hello-web.json
Once the application has been deployed, browse to the FQDN of the agent cluster to view load balanced application.
Configure Azure Load Balancer
By default, Azure Load Balancer exposes ports 80, 8080, and 443. If you're using one of these three ports (as we do in the above example), then there is nothing you need to do. You should be able to hit your agent load balancer's FQDN, and each time you refresh, you'll hit one of your three web servers in a round-robin fashion.
If you use a different port, you need to add a round-robin rule and a probe on the load balancer for the port that you used. You can do this from the Azure CLI, with the commands azure network lb rule create
and azure network lb probe create
.
Next steps
In this tutorial, you learned about load balancing in ACS with both the Marathon and Azure load balancers including the following actions:
- Configure a Marathon Load Balancer
- Deploy an application using the load balancer
- Configure and Azure load balancer
Advance to the next tutorial to learn about integrating Azure storage with DC/OS in Azure.