Azure has recently unveiled the public preview of the Azure Load Balancer Administrative State (Admin State). This new feature aims to enhance the management of Azure VMs by providing more effective control over the backend pool of the Azure Load Balancer. In this article, we will delve into the significance of this update and explore how it can benefit end users.
Current State of Load Balancer:
The Azure Load Balancer is key in evenly distributing incoming traffic among the various healthy backend pool instances. It does this by regularly sending health probes, essentially requests, to the instances to ensure they respond appropriately. Based on the results of these health probes, the load balancer decides which instances can handle new or ongoing connections and which cannot.
When maintenance activities necessitate a change in the health probe behaviour for specific virtual machines in your Load Balancer backend pool, a specific process needs to be followed. This involves removing those virtual machines from the load balancer or closing ports on your VM. The maintenance activities can then be carried out, and once they are completed, the virtual machines can be reattached back to the load balancer.
Future State of Load Balancer with admin state:
Introducing the Admin State feature allows users to customize the behaviour of your Azure Load Balancer’s health probe for individual backend pool instances, such as VMs or VMSS instances. This customization can be achieved without altering your network security rules or closing ports on your VM. Using the admin state, you can set the value of UP, DOWN, or NONE for each backend pool instance. This chosen value will determine how the load balancer manages new and existing connections to the instance, irrespective of the health probe results.
In some situations, you might need to temporarily take an instance out of rotation for maintenance or testing purposes, or you might want to enable an instance to accept new connections even if it’s marked as unhealthy by the health probe. In these cases, you can use the new Azure Load Balancer feature called “admin state.”
Admin State:
With the admin state in this setting, you can modify the load balancer’s behaviour regarding how it directs new or existing connections to the backend instance. With Admin State, removing virtual machines from the backend pool for maintenance, patching, or applying fixes becomes straightforward. This approach eliminates additional overhead related to closing ports or updating security rules.
The definitions of each state in the Azure Load Balancer admin state are below:
| Admin State | Definitions |
| UP | The load balancer will ignore the health probe’s response and always consider the backend instance eligible for new connections. |
| Down | The load balancer will ignore the response from the configured health probe and prevent new connections to the backend instance. |
| None | By default, the load balancer will use the health probe’s response. |
Enabling and Removing the admin state from the backend pool instance
Since these features are in public preview, we need to register their necessary subscriptions. To do this, go to your subscriptions, select “Preview features” under settings, and search for the “admin state” feature. Then click on “Register” for the feature.
The steps to enable and disable the admin state for the Azure Load Balancer are:
- Sign in to the Azure Portal.
- Select your load balancer from the list.
- On your load balancer’s page, select Backend Pools Settings.
- Select the Admin State value of your backend pool instance that you want to turn on or off.
5. Based on your requirements, select UP, DOWN, or None from the dropdown menu on the admin state’s window.
6. Click Save.
Conclusion
The Azure load balancer’s admin state settings give end users greater control over the backend instances’ health probe. Still, it’s important to note that this feature is currently in preview for public use and has a few limitations. The admin state setting works in conjunction with configuring a health probe based on load balancer rules, but it is not compatible with inbound NAT rules.
Santhosh has over 15 years of experience in the IT organization. Working as a Cloud Infrastructure Architect and has a wide range of expertise in Microsoft technologies, with a specialization in public & private cloud services for enterprise customers. My varied background includes work in cloud computing, virtualization, storage, networks, automation and DevOps.
