
Modifying/Replacing Probe causes CannotModifyRuleUsedByProbeUsedByVMSS


I've created a VMSS with a load balancer and a probe configured for HTTP 80, address /.

I have now updated my app with a dedicated alive route, e.g. /api/alive, that is much quicker at replying than the base URL, and that's the one I'd like to use as a probe for the load balancing rules.

I have updated my template (the base was https://github.com/Azure/vm-scale-sets/blob/master/preview/upgrade/autoupdate.json) with the new probe details, but I keep getting the following error:

"error": {
    "code": "CannotModifyRuleUsedByProbeUsedByVMSS",
    "message": "Load balancer rule /subscriptions/SUBID/resourceGroups/GROUPNAME/providers/Microsoft.Network/loadBalancers/RESNAME-lb/loadBalancingRules/webhttpslb cannot be modified because it references the load balancer probe /subscriptions/SUBID/resourceGroups/GROUPNAME/providers/Microsoft.Network/loadBalancers/RESNAME-lb/probes/saProbe that used as health probe by VM scale set /subscriptions/SUBID/resourceGroups/GROUPNAME/providers/Microsoft.Compute/virtualMachineScaleSets/RESNAME. To make changes to this rule, please update VM scale set to remove the reference to the probe.",
}

Whatever way around I try it, removing all probes, modifying only the details of the probe, I keep getting this error.

Are we meant to have all the VMs in the scale set to update probes? Is there any other way around? Thank you so much for any help in advance.

UPDATE

Template before: https://pastebin.com/YisgUbRk

Template after: https://pastebin.com/2VmgPMur

I'm trying to replace saProbe on the rules and VMSS with an httpProbe for the rules and an sshProbe for the VMSS.

I've also tried keeping the VMSS probe as saProbe and just adding the httpProbe to the LB rules, but that didn't work either; I got the same error.

Here are the current settings for saProbe (https://pasteboard.co/HuKMcwA.png); they match what's in the "after" paste.

UPDATE 2

Tried to keep saProbe on the LB rules, but changed VM probe to sshProbe, with the same result and same error on webhttpslb rule.

Any suggestions on how to replace probes gracefully, without LB and VM downtime?

UPDATE 3

Neil was indeed correct (good spot!): there was an additional change that I did not notice.

However, it's now clear that what I'm actually trying to achieve may not be possible. I kept the saProbe on the LB rules but changed the VMSS probe to sshProbe and got this error:

"error": {
    "details": [],
    "code": "CannotUseInactiveHealthProbe",
    "message": "VM scale set /subscriptions/SUBID/resourceGroups/GROUPNAME/providers/Microsoft.Compute/virtualMachineScaleSets/RESNAME cannot use probe /subscriptions/SUBID/resourceGroups/GROUPNAME/providers/Microsoft.Network/loadBalancers/RESNAME-lb/probes/sshProbe as a HealthProbe because load balancing rules (weblb, webhttpslb) that send traffic to the scale set IPs in backend address pools (RESNAME-bepool) do not use this probe."
}

Can anyone confirm this? What if I add a dummy rule to activate the sshProbe? What's the best practice for this type of scenario?

UPDATE 4

Yup, removing the probe from the VMSS first was the key. Had to run the template a couple of times, but the final now only includes the httpProbe attached to the rules and the VMSS.


Solution

  • Well, the error clearly states that you cannot modify this rule; you can create a new one and use that one instead.

    OK, as the error says, you cannot make any changes to your rule as long as it references a probe that is being used as a health probe for the VMSS.

    In your template you have:

    "healthProbe": {
        "id": "[concat(variables('lbId'), '/probes/', variables('saProbeName'))]"
    },
    

    You should either remove that from the VMSS before doing deployments, or create a new set of rules that do not use that probe; that way you can modify those.
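
The ordering that the question's updates and the answer arrive at can be checked before deploying. The following is an added example, not part of the original question or answer and not Azure's own validation logic: it models only the two error conditions quoted on this page. The state layout, function names and port numbers are assumptions made for illustration.

```python
# Added example: a simplified model of the two deployment errors quoted on this page.
# State layout and function names are assumptions, not Azure's own validation logic.

def check_step(current, desired):
    """Return the error codes expected when deploying `desired` over `current`.

    A state is {"vmss_probe": probe name or None,
                "rules": {rule name: {"probe": probe name, ...other settings}}}.
    """
    errors = []
    locked = current["vmss_probe"]
    for name, rule in current["rules"].items():
        # A rule that references the scale set's current health probe is frozen.
        if locked and rule["probe"] == locked and desired["rules"].get(name) != rule:
            errors.append(("CannotModifyRuleUsedByProbeUsedByVMSS", name))
    wanted = desired["vmss_probe"]
    in_use = {r["probe"] for r in desired["rules"].values()}
    # The scale set may only use a probe that some load balancing rule uses.
    if wanted and wanted not in in_use:
        errors.append(("CannotUseInactiveHealthProbe", wanted))
    return errors


def check_plan(start, steps):
    """Validate a sequence of deployments; return index and errors of the first bad step."""
    state = start
    for i, step in enumerate(steps):
        errors = check_step(state, step)
        if errors:
            return i, errors
        state = step
    return None, []


def rules(probe):
    # Constructed sample: the two rule names from the error messages; ports are assumed.
    return {"weblb": {"probe": probe, "port": 80},
            "webhttpslb": {"probe": probe, "port": 443}}


START = {"vmss_probe": "saProbe", "rules": rules("saProbe")}
DIRECT = [{"vmss_probe": "httpProbe", "rules": rules("httpProbe")}]
STAGED = [
    {"vmss_probe": None, "rules": rules("saProbe")},           # 1. detach probe from VMSS
    {"vmss_probe": None, "rules": rules("httpProbe")},         # 2. repoint the rules
    {"vmss_probe": "httpProbe", "rules": rules("httpProbe")},  # 3. re-attach on VMSS
]

if __name__ == "__main__":
    print("direct:", check_plan(START, DIRECT))
    print("staged:", check_plan(START, STAGED))
```

In this model the single-step change is rejected at the first deployment, while the three staged deployments pass, which matches the multiple template runs described in UPDATE 4.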