How to disable Azure Front Door node

Hey Scripters! Today’s post is about how to disable Azure Front Door node using PowerShell.

Azure Front Door is quite new Azure service, which allows you to define, manage, and monitor the global routing for your web traffic. It works on layer 7 and it’s quite similar in way of working to Application Gateway.

To manage Azure Front Door by PowerShell, you should have Az.Frontdoor module installed. But in some cases module is very limited. That’s why I’ve created today’s post. For each Front Door service you are defining backend pools, which contains specific nodes. In my case I wanted to automate disabling Front Door nodes once backend virtual machines will be patched, but there is no specific command for that. It is possible to do that, but you must use Set-AzFrontDoor cmdlet and provide properly formatted input object. My script will disable node in all Front Door services in the specified subscription, however in your case scenario can be a little bit different and you can adjust script according to your needs. Check out script and take a look how it is done.

Prerequisite:

  • Az.Frontdoor module installed
  • Front Door created with VM nodes as backend
  • Access to subscription in which Front Door exist.

Script:

# Define variable needed to run 
$NodeName = ''
$SubscriptionId = ''
$TenantId = ''

# Connect to Azure and select proper subscription
Connect-AzAccount -TenantId $TenantId -SubscriptionId $SubscriptionId

# Gather FrontDoors in specific subscription
$frontDoorsArray = Get-AzFrontDoor
# Iterate across all FrontDoors
foreach($frontDoor in $frontDoorsArray){
    $frontDoorChange = 0
    $poolCount = 0
    $backendPoolsArray = $frontDoor.BackendPools
    # Iterate across all backend Pools on each FrontDoor
    foreach($backendPool in $backendPoolsArray){
        $backendCount = 0
        # Check backends for each backend Pool
        $backendsArray = $frontDoor.BackendPools[$poolCount].Backends
        if($($backendsArray.Count) -gt 1){
            foreach($backend in $backendsArray){
                # Check If backend nodes contain in the name $NodeName - if yes disable it
                if($($backend.Address) -like "$NodeName"){

                    $frontDoor.BackendPools[$poolCount].Backends[$backendCount].EnabledState = "Disabled"
                    # if FrontDoor need to be update increse $frontDoorChange variable
                    $frontDoorChange++
                }
                $backendCount++
            }
        }
        $poolCount++
    }
    # Check if fron door need to be updated
    if($frontDoorChange -gt 0){
        # Apply change to frontood 
        Set-AzFrontDoor -InputObject $frontDoor
    }
}

Hope that script will help you disable Azure Front Door node 😉

Enjoy!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.