Introduction

Azure load balancer backend pool is empty when VMSS or availability set not associated. This guide provides step-by-step diagnosis and resolution with specific commands and configuration examples.

Symptoms

Typical symptoms and error messages when this issue occurs:

bash
Load balancer error: backend unavailable
Check health check configuration
Verify backend server status

Observable indicators: - Load balancer returns 5xx errors to clients - Backend servers marked as unhealthy - Traffic not reaching expected backends

Common Causes

  1. 1.Cloud load balancer issues are commonly caused by:
  2. 2.Health check probe path or port mismatch
  3. 3.Backend service timeout too short
  4. 4.Firewall rules blocking health check traffic
  5. 5.SSL certificate not provisioned or expired

Step-by-Step Fix

Step 1: Check Current State

bash
gcloud compute backend-services describe <name> --global

Step 2: Identify Root Cause

bash
az network lb show --name <name> --resource-group <rg>

Step 3: Apply Primary Fix

bash
# Primary configuration fix
upstream backend {
    server 10.0.0.1:8080;
    server 10.0.0.2:8080;
    keepalive 32;
}

Apply this configuration and reload the load balancer.

Step 4: Apply Alternative Fix (If Needed)

bash
# Alternative fix: adjust timeouts
proxy_connect_timeout 10s;
proxy_read_timeout 60s;
proxy_send_timeout 60s;

Step 5: Verify the Fix

After applying the fix, verify with:

bash
az network lb show --name <name> --query "backendAddressPools"

Expected output should show healthy backends and successful request routing.

Common Pitfalls

  • Health check interval too short causing overload
  • SSL certificate mismatch or expiration
  • Backend servers not returning correct health status
  • Timeout configuration inconsistent across layers

Best Practices

  • Configure proper health check intervals
  • Use connection draining during deployments
  • Monitor load balancer metrics
  • Implement circuit breakers for resilience
  • Load Balancer Health Check Failing
  • Load Balancer 503 Service Unavailable
  • Load Balancer SSL Certificate Error
  • Load Balancer Traffic Imbalance