Daniel's Tech Blog

Cloud Computing, Cloud Native & Kubernetes

Azure Load Balancer Health Event Logs

In February, Microsoft announced the general availability of the Azure Load Balancer health event logs.

-> https://azure.microsoft.com/en-us/updates?WT.mc_id=AZ-MVP-5000119&id=481818

Those health event logs are part of the diagnostic logs of an Azure Load Balancer.

Azure portal - Diagnostic log settings Azure Load Balancer

As seen in the screenshot above, I have configured them on the Azure Load Balancer, part of my Azure Kubernetes Service cluster, and sent those logs to an Azure Log Analytics workspace.

The following types of health events are published when they are detected: DataPathAvailabilityWarning, DataPathAvailabilityCritical, NoHealthyBackends, HighSnatPortUsage, and SnatPortExhaustion.

-> https://learn.microsoft.com/en-us/azure/load-balancer/load-balancer-health-event-logs?WT.mc_id=AZ-MVP-5000119#health-event-types-and-publishing-frequency

The first two events are published when platform issues in Azure affect the data path availability. The other three events notify you when something has happened that you can solve yourself within the Azure Load Balancer or application configuration.

When you receive the NoHealthyBackends event, your application behind the Azure Load Balancer is affected and has a complete outage.

Azure portal - Log Analytics KQL Azure Load Balancer Health Events

So, should you depend on this health event to detect an outage of your application? The answer is no. It is an addition to your existing monitoring solution that provides additional detection from within the platform.

In the past I have written two blog posts about how to detect and mitigate SNAT port exhaustion in Azure.

-> https://www.danielstechblog.io/detecting-snat-port-exhaustion-on-azure-kubernetes-service/
-> https://www.danielstechblog.io/preventing-snat-port-exhaustion-on-azure-kubernetes-service-with-virtual-network-nat/

If you still need to rely on an outbound public IP configuration for an Azure Load Balancer instead of using an Azure NAT Gateway, the health events HighSnatPortUsage and SnatPortExhaustion are for you. Both events allow you to detect and mitigate SNAT port exhaustion faster than you could without them.
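The split between platform events and self-fixable events, and the lead time a HighSnatPortUsage event gives before SnatPortExhaustion, can be turned into a small triage step for exported events. This is an added example, not code from the original post or from Microsoft; the dict keys (`time`, `lb`, `type`), the owner and severity labels, and the 15-minute suppression window are assumptions, and the sample events are constructed.

```python
from datetime import datetime, timedelta

# Split described in the post: platform issues vs. events you can fix yourself.
# The severity labels are assumptions made for this example.
PLATFORM = {"DataPathAvailabilityWarning": "warning",
            "DataPathAvailabilityCritical": "critical"}
SELF_FIX = {"NoHealthyBackends": "outage",
            "HighSnatPortUsage": "warning",
            "SnatPortExhaustion": "critical"}

def triage(events, suppress=timedelta(minutes=15)):
    """Return de-duplicated alerts for a list of health events.

    Each event is a dict with the hypothetical keys 'time' (ISO 8601),
    'lb' (load balancer name) and 'type' (health event type).
    """
    alerts, last_alert, snat_warning = [], {}, {}
    parsed = [(datetime.fromisoformat(e["time"]), e["lb"], e["type"]) for e in events]
    for ts, lb, kind in sorted(parsed):
        if kind in PLATFORM:
            owner, severity = "azure-platform", PLATFORM[kind]
        elif kind in SELF_FIX:
            owner, severity = "own-config", SELF_FIX[kind]
        else:  # unknown type: surface it instead of dropping it silently
            owner, severity = "unknown", "review"
        if kind == "HighSnatPortUsage":
            snat_warning.setdefault(lb, ts)  # first warning before exhaustion
        # Repeats of the same event for the same load balancer are suppressed.
        prev = last_alert.get((lb, kind))
        if prev is not None and ts - prev < suppress:
            continue
        last_alert[(lb, kind)] = ts
        alert = {"time": ts, "lb": lb, "type": kind, "owner": owner, "severity": severity}
        if kind == "SnatPortExhaustion" and lb in snat_warning:
            # Lead time the earlier usage warning gave before exhaustion.
            alert["lead_time"] = ts - snat_warning.pop(lb)
        alerts.append(alert)
    return alerts

# Constructed sample events (not real log output).
SAMPLE = [
    {"time": "2024-03-01T10:00:00+00:00", "lb": "kubernetes", "type": "HighSnatPortUsage"},
    {"time": "2024-03-01T10:05:00+00:00", "lb": "kubernetes", "type": "HighSnatPortUsage"},
    {"time": "2024-03-01T10:20:00+00:00", "lb": "kubernetes", "type": "SnatPortExhaustion"},
    {"time": "2024-03-01T10:21:00+00:00", "lb": "kubernetes", "type": "NoHealthyBackends"},
    {"time": "2024-03-01T10:22:00+00:00", "lb": "kubernetes", "type": "DataPathAvailabilityCritical"},
]
```

Calling `triage(SAMPLE)` yields four alerts: the repeated HighSnatPortUsage event is suppressed, and the SnatPortExhaustion alert carries the 20 minutes of lead time the earlier warning provided.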

Summary

The new Azure Load Balancer health events complement the existing Load Balancer metrics and support you in your day-to-day operations for Azure services that rely on Azure Load Balancer.

-> https://learn.microsoft.com/en-us/azure/load-balancer/load-balancer-health-event-logs?WT.mc_id=AZ-MVP-5000119
