流量管理器的工作原理How Traffic Manager Works

使用 Azure 流量管理器可以控制流量在应用程序终结点之间的分布。Azure Traffic Manager enables you to control the distribution of traffic across your application endpoints. 终结点可以是托管在 Azure 内部或外部的任何面向 Internet 的服务。An endpoint is any Internet-facing service hosted inside or outside of Azure.

流量管理器具有两大优势:Traffic Manager provides two key benefits:

当客户端尝试连接到某个服务时,必须先将该服务的 DNS 名称解析成 IP 地址。When a client attempts to connect to a service, it must first resolve the DNS name of the service to an IP address. 然后,客户端就可以连接到该 IP 地址以访问相关服务。The client then connects to that IP address to access the service.

需要了解的最重要一点是,流量管理器在 DNS 级别工作。The most important point to understand is that Traffic Manager works at the DNS level. 流量管理器根据流量路由方法的规则,使用 DNS 将客户端导向到特定的服务终结点。Traffic Manager uses DNS to direct clients to specific service endpoints based on the rules of the traffic-routing method. 客户端直接连接到选定的终结点。Clients connect to the selected endpoint directly. 流量管理器不是代理或网关。Traffic Manager is not a proxy or a gateway. 流量管理器看不到流量在客户端与服务之间传递。Traffic Manager does not see the traffic passing between the client and the service.

流量管理器示例Traffic Manager example

Contoso Corp 开发了一个新的合作伙伴门户。Contoso Corp have developed a new partner portal. 此门户的 URL 为 https://partners.contoso.com/login.aspxThe URL for this portal is https://partners.contoso.com/login.aspx. 该应用程序托管在三个 Azure 区域中。The application is hosted in three regions of Azure. 为了改善可用性并在全球最大程度地提高性能,他们使用流量管理器将客户端流量分布到最靠近的可用终结点。To improve availability and maximize global performance, they use Traffic Manager to distribute client traffic to the closest available endpoint.

为了实现此配置,他们完成以下步骤:To achieve this configuration, they complete the following steps:

  1. 部署服务的三个实例。Deploy three instances of their service. 这些部署的 DNS 名称为“contoso-east.chinacloudapp.cn”、“contoso-north.chinacloudapp.cn”和“contoso-east2.chinacloudapp.cn”。The DNS names of these deployments are 'contoso-east.chinacloudapp.cn', 'contoso-north.chinacloudapp.cn', and 'contoso-east2.chinacloudapp.cn'.

  2. 创建一个名为“contoso.trafficmanager.cn”的流量管理器配置文件,并将该文件配置为对三个终结点使用“性能”流量路由方法。Create a Traffic Manager profile, named 'contoso.trafficmanager.cn', and configure it to use the 'Performance' traffic-routing method across the three endpoints.

  3. 使用 DNS CNAME 记录将其虚构域名“partners.contoso.com”配置为指向“contoso.trafficmanager.cn”。Configure their vanity domain name, 'partners.contoso.com', to point to 'contoso.trafficmanager.cn', using a DNS CNAME record.

    流量管理器 DNS 配置


    通过 Azure 流量管理器来使用虚构域时,必须使用 CNAME 将虚构域名指向流量管理器域名。When using a vanity domain with Azure Traffic Manager, you must use a CNAME to point your vanity domain name to your Traffic Manager domain name. DNS 标准不允许在域的“顶点”(或根)位置创建 CNAME。DNS standards do not allow you to create a CNAME at the 'apex' (or root) of a domain. 因此,无法为“contoso.com”(有时称为“裸”域)创建 CNAME。Thus you cannot create a CNAME for 'contoso.com' (sometimes called a 'naked' domain). 只能为“contoso.com”下的域(例如“www.contoso.com”)创建 CNAME。You can only create a CNAME for a domain under 'contoso.com', such as 'www.contoso.com'. 为了克服此限制,建议在 Azure DNS 上托管 DNS 域。To work around this limitation, we recommend hosting your DNS domain on Azure DNS. 或者可以使用简单的 HTTP 重定向将针对“contoso.com”的请求定向到某个备用名称(例如“www.contoso.com”)。Alternatively you can use a simple HTTP redirect to direct requests for 'contoso.com' to an alternative name such as 'www.contoso.com'.

客户端如何使用流量管理器进行连接How clients connect using Traffic Manager

沿用前面的示例,当客户端请求页面 https://partners.contoso.com/login.aspx 时,会执行以下步骤来解析 DNS 名称并建立连接:Continuing from the previous example, when a client requests the page https://partners.contoso.com/login.aspx, the client performs the following steps to resolve the DNS name and establish a connection:


  1. 客户端向已配置的递归 DNS 服务发送 DNS 查询,以解析名称“partners.contoso.com”。The client sends a DNS query to its configured recursive DNS service to resolve the name 'partners.contoso.com'. 递归 DNS 服务有时称为“本地 DNS”服务,并不直接托管 DNS 域。A recursive DNS service, sometimes called a 'local DNS' service, does not host DNS domains directly. 客户端将联系各种权威 DNS 服务的工作负荷转移到 Internet,以便解析 DNS 名称。Rather, the client off-loads the work of contacting the various authoritative DNS services across the Internet needed to resolve a DNS name.

  2. 为了解析 DNS 名称,递归 DNS 服务将查找“contoso.com”域的名称服务器。To resolve the DNS name, the recursive DNS service finds the name servers for the 'contoso.com' domain. 然后,它会联系这些名称服务器以请求“partners.contoso.com”DNS 记录。It then contacts those name servers to request the 'partners.contoso.com' DNS record. contoso.com DNS 服务器返回指向 contoso.trafficmanager.cn 的 CNAME 记录。The contoso.com DNS servers return the CNAME record that points to contoso.trafficmanager.cn.

  3. 接下来,递归 DNS 服务查找“trafficmanager.cn”域的名称服务器,这些服务器由 Azure 流量管理器服务提供。Next, the recursive DNS service finds the name servers for the 'trafficmanager.cn' domain, which are provided by the Azure Traffic Manager service. 然后,针对“contoso.trafficmanager.cn”DNS 记录发出的请求发送到这些 DNS 服务器。It then sends a request for the 'contoso.trafficmanager.cn' DNS record to those DNS servers.

  4. 流量管理器名称服务器接收该请求。The Traffic Manager name servers receive the request. 终结点的选择依据为:They choose an endpoint based on:

    • 每个终结点的已配置状态(不返回已禁用的终结点)The configured state of each endpoint (disabled endpoints are not returned)
    • 每个终结点的当前运行状况,可通过流量管理器运行状况检查来确定。The current health of each endpoint, as determined by the Traffic Manager health checks. 有关详细信息,请参阅流量管理器终结点监视For more information, see Traffic Manager Endpoint Monitoring.
    • 所选的流量路由方法。The chosen traffic-routing method. 有关详细信息,请参阅流量管理器路由方法For more information, see Traffic Manager Routing Methods.
  5. 选择的终结点以另一个 DNS CNAME 记录的形式返回。The chosen endpoint is returned as another DNS CNAME record. 在本例中,假设返回了 contoso-east.chinacloudapp.cn。In this case, let us suppose contoso-east.chinacloudapp.cn is returned.

  6. 接下来,递归 DNS 服务将查找“chinacloudapp.cn”域的名称服务器。Next, the recursive DNS service finds the name servers for the 'chinacloudapp.cn' domain. 它会联系这些名称服务器以请求“contoso-east.chinacloudapp.cn”DNS 记录。It contacts those name servers to request the 'contoso-east.chinacloudapp.cn' DNS record. 返回的 DNS“A”记录包含位于东部的服务终结点的 IP 地址。A DNS 'A' record containing the IP address of the EAST-based service endpoint is returned.

  7. 递归 DNS 服务将结果合并,向客户端返回单个 DNS 响应。The recursive DNS service consolidates the results and returns a single DNS response to the client.

  8. 客户端接收 DNS 结果,并连接到给定的 IP 地址。The client receives the DNS results and connects to the given IP address. 客户端直接连接到应用程序服务终结点,而不是通过流量管理器连接。The client connects to the application service endpoint directly, not through Traffic Manager. 由于这是一个 HTTPS 终结点,客户端将执行必要的 SSL/TLS 握手,然后针对“/login.aspx”页面发出 HTTP GET 请求。Since it is an HTTPS endpoint, the client performs the necessary SSL/TLS handshake, and then makes an HTTP GET request for the '/login.aspx' page.

递归 DNS 服务缓存它所收到的 DNS 响应。The recursive DNS service caches the DNS responses it receives. 客户端设备上的 DNS 解析程序也会缓存结果。The DNS resolver on the client device also caches the result. 通过缓存可以加快后续 DNS 查询的响应速度,因为使用的是缓存中的数据,不需要查询其他名称服务器。Caching enables subsequent DNS queries to be answered more quickly by using data from the cache rather than querying other name servers. 缓存的持续时间取决于每个 DNS 记录的“生存时间”(TTL) 属性。The duration of the cache is determined by the 'time-to-live' (TTL) property of each DNS record. 该属性值越小,缓存过期时间就越短,因此访问流量管理器名称服务器所需的往返次数就越多。Shorter values result in faster cache expiry and thus more round-trips to the Traffic Manager name servers. 如果指定较大的值,则意味着从故障终结点定向流量需要更长的时间。Longer values mean that it can take longer to direct traffic away from a failed endpoint. 使用流量管理器,可以将流量管理器 DNS 响应中使用的 TTL 配置为最短 0 秒,最长 2,147,483,647 秒(符合 RFC-1035 的最大范围),从而可选择使应用程序的需求实现最佳平衡的值。Traffic Manager allows you to configure the TTL used in Traffic Manager DNS responses to be as low as 0 seconds and as high as 2,147,483,647 seconds (the maximum range compliant with RFC-1035), enabling you to choose the value that best balances the needs of your application.


后续步骤Next steps

详细了解流量管理器终结点监视和自动故障转移Learn more about Traffic Manager endpoint monitoring and automatic failover.

详细了解流量管理器流量路由方法Learn more about Traffic Manager traffic routing methods.