Share via

Azure front door always showing one origin

Aljaž Kraševec 20 Reputation points
2025-02-27T15:45:52.15+00:00

Hy,

I'm having unexplainable issues with front door and origin group.

I have configured two origins of container instances into one origin group. The purpose of it is to have two copies of application, so that deploying updates doesn't cause application downtime. Idea is to start 2nd group, stop 1st group, deploy updates to 1st group, deploy updates to 2nd group and finally stop 2nd group.

Front door should detect available origin and redirect to it. Front door is configured so that 1st origin has smaller priority number than 2nd origin. Front door has enabled health probes in 5sec interval. Sample size: 1, samples required: 1, latency: 0.

If I manually start 2nd origin (container instance), it takes up to 5min to be available. Health probes are running and successful, but locally I get "could not get response". If I enter IP instead of domain, response is successful.

After both container instances are running (checked via postman) and available in browser, turning off 1st instance should make front door to redirect to 2nd instance. But result is "502 bad gateway" or "504 gateway timeout" or "503 service unavailable". It takes up to 5 minutes for front door to figure out that 1st instance is offline and that it should redirect to second one. That's huge difference from 5sec.

Can you please help why front door behaves different than settings suggest? Or what configuration option makes this work as described, or needs to be changed?

Thanks, AK

Azure Front Door
Azure Front Door
An Azure service that provides a cloud content delivery network with threat protection.
776 questions
Accepted answer
  1. Rohith Vinnakota 3,000 Reputation points Microsoft External Staff
    2025-02-27T18:32:38.8+00:00

    Hi @Aljaž Kraševec,

     I understand that you are encountering 5xx errors. For further investigation, could you please provide the following information.

    1. Let me know what error you are getting when accessing the backend directly.
    2. Also, check the health probe configuration and verify the backend health.
    3. Meanwhile, please share a screenshot of the origin group.
    4. Additionally, collect the HAR file while encountering the 5xx error and gather the X-Azure reference ID. Using this reference ID, you can check the logs by following this document:
      https://learn.microsoft.com/en-us/azure/frontdoor/refstring?source=recommendations&tabs=edge#how-to-use-a-reference-string-with-some-of-our-troubleshooting-tools

    For more details on 5xx errors, refer to this document:
    https://learn.microsoft.com/en-us/azure/frontdoor/troubleshoot-issues?form=MG0AV3

    Note: The deployment time for Front Door configurations varies depending on the type of change. Typically, it takes between 3 and 20 minutes for the changes to propagate to all our edge locations worldwide.
    User's image

    https://learn.microsoft.com/en-us/azure/frontdoor/front-door-faq#what-is-the-estimated-time-for-deploying-an-azure-front-door--does-my-front-door-remain-operational-during-the-update-process-
    Kindly let us know if the above helps or you need further assistance on this issue.

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.