HTTP 503 error in Azure Worker/Web role when IP Address is not specified in IIS site binding
My load balancer probe isn't probing.
Today I tried to define a custom load balancer probe on a worker role in Azure. On this worker role, IIS and other components were installed and configured using PowerShell scripts.
<ServiceDefinition …>
<LoadBalancerProbes>
<LoadBalancerProbe name="Probe1" protocol="http" path="/probe.aspx" port="18045" intervalInSeconds="30" timeoutInSeconds="30"/>
</LoadBalancerProbes>
</ServiceDefinition>
After the deployment, I wasn't able to reach the website, why is that? I jumped onto the machine using Remote Desktop and took a look at IIS logs... Empty, nothing, no sign of a probe here...
What's wrong?
The probe was configured to listen on port 18045 in my service definition file, which is also what I saw in IIS.
On the machine itself I tried to make the same call as the load balancer, by IP address.
http://10.74.56.22:18045 failed with a 503 error.
http://localhost:18045 worked.
Interesting. Something is really messing with this port when all IP addresses are configured in the binding. After several tests I realized that the Windows Azure Guest Agent windows service prevented communications on the IP address when the IIS bindings in the following format "*:18045:". This translate to the following binding in IIS
{Type}:http, {host name}:, {port}:18145, {IP Address}:*
How does it looks now?
We needed to explicitly set an IP address instead of * like we were doing.
I grabbed the IP addresses by using the following command in PowerShell:
Get-NetIPAddress -AddressFamily IPv4 -AddressState Preferred | ? InterfaceAlias -NotLike Loopback*
It can return more than an address so I decided to add a binding for each IPv4 address marked as preferred that is not the loopback interface
I ended up with this in IIS:
After redeploying, everything started to work as expected with the custom probe.