
Azure Traffic Manager Monitor Status Degraded


I deployed Azure Traffic Manager (Routing Mode: Geographic) and then added one endpoint to it. The target runs inside a Kubernetes cluster. So the endpoint configurations are as follows.

Name: Test
Type: External-Endpoint
Target: 1.2.3.4 (IP Address of NGINX Ingress Controller in Kubernetes)
Custom Header Settings: host:my-test-url.com
Geo-mapping: All(World)
Health checks: Enabled

The my-test-url.com URL is accessible through the browser and it loads the UI as expected. But the curl command gives 302 (Found)?

    curl -H -K my-test-url.com
    <html>
    <head><title>302 Found</title></head>
    <body>
    <center><h1>302 Found</h1></center>
    <hr><center>nginx</center>
    </body>
    </html>

WGET gives

    wget https://my-test-url.com
    --2023-07-10 12:20:37--  https://my-test-url.com /
    Resolving my-test-url.com  (my-test-url.com )... 1.2.3.4 (IP of NGINX Ingress)
    Connecting to my-test-url.com (my-test-url.com )|1.2.3.4|:443... connected.
    HTTP request sent, awaiting response... 302 Moved Temporarily
    Location: https://my-test-url.com /swagger-ui/index.html [following]
    --2023-07-10 12:20:41--  https://my-test-url.com /swagger-ui/index.html
    Reusing existing connection to my-test-url.com :443.
    HTTP request sent, awaiting response... 200
    Length: 734 [text/html]
    Saving to: ‘index.html.2’

    index.html.2    100%[==========>]     734  --.-KB/s    in 0s

    2023-07-10 12:20:41 (175 MB/s) - ‘index.html.2’ saved [734/734]

In Azure Traffic Manager configuration, I have added

    Expected Status Code Ranges (default: 200)
    200-299,300-305

    Path: /swagger-ui/index.html
    
    Protocol: HTTPS

    Port: 443

So when I hit the URL of the Traffic Manager, http://my-test-tm.trafficmanager.net, it gives 404 Not Found NGINX.

The VNET where Kubernetes cluster is deployed has these NSGs attached.

Inbound Rules

    Priority  Name     Port    Protocol  Source             Destination     Action
    100       Allow1   Any     TCP       Some IPs           Any             Allow
    110       Allow2   80,443  TCP       Any                Any             Allow
    65000     Allow3   Any     Any       VirtualNetwork     VirtualNetwork  Allow
    65001     Allow4   Any     Any       AzureLoadBalancer  Any             Allow
    65500     DenyAll  Any     Any       Any                Any             Deny

Outbound Rules

    Priority  Name    Port    Protocol  Source          Destination     Action
    65000     Allow5  Any     TCP       VirtualNetwork  VirtualNetwork  Allow
    65001     Allow6  80,443  TCP       Any             Any             Allow
    65500     Deny2   Any     Any       Any                             Deny

Solution

  • Issue solved. I was using an internal version of Azure Load Balancer and making DNS requests from such internal networks; in that case you can’t use Traffic Manager to route this traffic.

    More Information from Microsoft
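
To check what a health probe with the monitor settings from the question actually gets back, the following added example (not part of the original post or of any Microsoft tooling) sends one GET with the custom Host header, does not follow redirects, and compares the status against the expected ranges. Function names and the Online/Degraded labels are this sketch's own, and it only approximates Traffic Manager's probe; run from outside the cluster's network, it also shows whether the target is reachable from there at all.

```python
import http.client
import ssl

def parse_ranges(spec):
    """Parse an 'Expected Status Code Ranges' value, e.g. '200-299,300-305'."""
    ranges = []
    for part in spec.split(","):
        lo, _, hi = part.strip().partition("-")
        ranges.append((int(lo), int(hi or lo)))  # a bare '200' means 200-200
    return ranges

def status_ok(status, spec="200"):
    """True if the status code falls inside one of the configured ranges."""
    return any(lo <= status <= hi for lo, hi in parse_ranges(spec))

def probe(target, port, path, host_header=None, protocol="HTTPS", timeout=10):
    """Send one GET and return (status, Location header) without following redirects."""
    if protocol.upper() == "HTTPS":
        # The target is a bare IP, so the certificate name cannot match it;
        # this diagnostic only cares about the HTTP status that comes back.
        ctx = ssl.create_default_context()
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
        conn = http.client.HTTPSConnection(target, port, timeout=timeout, context=ctx)
    else:
        conn = http.client.HTTPConnection(target, port, timeout=timeout)
    # Supplying Host ourselves mirrors the endpoint's custom header setting.
    headers = {"Host": host_header} if host_header else {}
    try:
        conn.request("GET", path, headers=headers)
        resp = conn.getresponse()
        return resp.status, resp.getheader("Location")
    finally:
        conn.close()

def check_endpoint(target, port, path, host_header, spec, protocol="HTTPS"):
    """Return (verdict, detail); 'Online'/'Degraded' are this sketch's labels."""
    try:
        status, location = probe(target, port, path, host_header, protocol)
    except (OSError, http.client.HTTPException) as exc:
        return "Degraded", f"no HTTP response: {exc}"
    verdict = "Online" if status_ok(status, spec) else "Degraded"
    return verdict, f"HTTP {status}" + (f" -> {location}" if location else "")

if __name__ == "__main__":
    # Values taken from the question; 1.2.3.4 is the post's placeholder IP.
    print(check_endpoint("1.2.3.4", 443, "/swagger-ui/index.html",
                         "my-test-url.com", "200-299,300-305"))
```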