Azure FrontDoor returning 503 errors for AKS-hosted site with custom host header

I’m having trouble with my Azure setup. My website is in a container on AKS, and I’m using Azure FrontDoor to route traffic. But I’m getting 503 errors when trying to access the site through FrontDoor.

Here’s what I’ve done:

  • Set up FrontDoor to route to my AKS backend
  • Configured the host header in FrontDoor to be different from the backend address
  • Set up AKS to serve the site when it gets the right host header
  • Tested directly with curl and Postman, and it works fine

The weird thing is, when I try to access the site through FrontDoor, I get a 503 error. I don’t think it’s a timeout issue because direct requests are super fast.

I’ve checked Azure Monitor logs and everything looks okay. I’ve also read the Microsoft docs on troubleshooting FrontDoor routing.

I’m stuck. Any ideas on what else I can check or try to fix this?

Have you considered potential mismatches in your SSL/TLS configuration? Sometimes 503 errors can occur if there’s a mismatch between the SSL settings in FrontDoor and your AKS backend. Ensure that the SSL protocol versions and cipher suites are compatible across both services. Additionally, verify that your AKS ingress controller is properly configured to handle the SSL termination if you’re using end-to-end encryption. It’s also worth checking if there are any recent changes in your AKS deployment that might have affected the service’s ability to handle the custom host header correctly. Lastly, consider temporarily enabling more verbose logging in both FrontDoor and AKS to gather more detailed diagnostics about the exact point of failure in the request chain.

hey, did u check frontdoor’s health probe settings? sometimes they misjudge backend health, even if it’s actually fine. also, look at your NSG rules – traffic from frontdoor to aks might be blocked. 503 errors are annoying, but usually it’s a simple fix.

hm, have u thought about checking the ssl cert on your aks side? sometimes frontdoor gets confused if the cert doesn’t match what it expects. also, maybe try tweaking the backend timeout settings in frontdoor? could be worth a shot. what happens if u try accessing the site from different regions?
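The certificate check suggested in the replies can be made concrete. This is an added example, not code from any poster in the thread: it reports which of the two names in the question (the backend address and the custom host header) the certificate served by the AKS ingress covers. The hostnames and the sample certificate are constructed placeholders.

```python
import socket
import ssl


def name_matches(pattern: str, host: str) -> bool:
    """RFC 6125-style match: '*' may only stand for the whole leftmost label."""
    p, h = pattern.lower().rstrip("."), host.lower().rstrip(".")
    if not p.startswith("*."):
        return p == h
    head, _, rest = h.partition(".")
    return bool(head) and rest == p[2:] and "." in rest


def dns_names(cert: dict) -> list:
    """DNS subjectAltName entries from an ssl.getpeercert()-style dict."""
    return [value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]


def coverage(cert: dict, names: list) -> dict:
    """Map each name to True/False: does any SAN on the certificate cover it?"""
    sans = dns_names(cert)
    return {n: any(name_matches(s, n) for s in sans) for n in names}


def fetch_cert(address: str, sni: str, port: int = 443, timeout: float = 5.0) -> dict:
    """Return the leaf certificate the ingress presents for this SNI value.

    The chain is still verified against the system trust store (an untrusted
    or self-signed certificate raises ssl.SSLCertVerificationError); only the
    built-in hostname check is disabled because coverage() does that part.
    """
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    with socket.create_connection((address, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=sni) as tls:
            return tls.getpeercert()


# Constructed sample values (placeholders, not taken from the thread).
BACKEND_ADDRESS = "ingress.example.net"   # address configured as the backend
HOST_HEADER = "www.example.com"           # custom host header sent to the backend
SAMPLE_CERT = {"subjectAltName": (("DNS", "www.example.com"),
                                  ("DNS", "*.apps.example.com"))}

if __name__ == "__main__":
    # Live use: cert = fetch_cert(BACKEND_ADDRESS, sni=HOST_HEADER)
    for name, ok in coverage(SAMPLE_CERT, [BACKEND_ADDRESS, HOST_HEADER]).items():
        print(f"{name}: {'covered' if ok else 'NOT covered'} by certificate")
```

A name reported as not covered, or a chain verification error from `fetch_cert`, is the kind of certificate mismatch the replies describe, and it will not show up in a curl or Postman test that skips verification.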