Skip to content

Latest commit

 

History

History
148 lines (109 loc) · 9.06 KB

tutorial-azure-load-balanced-vms.md

File metadata and controls

148 lines (109 loc) · 9.06 KB

How to Load Balance Virtual Machines in Azure

For this we will use the current portal at portal.azure.com and the Azure Resource Manager deployment model (not the classic model).

Step 1: Create a Resource Group

Resource Groups allow you to group connected or like resources together to make it easier to manage, update, delete etc. Think of it as giving a name and a container for all components for a given project. This way you can find them much easier, see how much it's costing you and manage them all from one place.

  1. From the portal click + New > Management > Resource group
  2. Provide a Name, Subscription & Location
  3. Click Create

Tip: Keep the name of this resource group and it's location handy, you will reuse it as you create your environment.

Step 2: Create a Storage Account

Storage Accounts are like telling Azure "hey I want all storage related stuff like files, hard drives and more kept here please under this name". So, much like Resource Groups that are a container for all like services & infrastructure, a storage account is a container for all related storage. By default your storage account will be setup for LRS or Locally Redundant Storage. What this means is Azure will maintain 3 copies of your data at all times to ensure even in a failure of one or more drives your data is still intact.

  1. From the portal click + New > Data + Storage > Storage Account
  2. Provide a Name
  3. Ensure Deployment model is set to Resouce Manager
  4. For Performance, standard is fine unless you need SSD performance
  5. For Replication the default will keep 6 copies of your data (3 per DC).
    • Select the model that makes the most sence for your needs
  6. For Resource Group select the Resource Group you previously created
  • Note: this will automatically update the location to match that of your Resource Group.
  1. Click Create

Step 3: Create a Virtual Network

Virtual Networks or VNet is a representation of a network in the cloud. This allows you to control your Azure network settings and define DHCP address blocks, DNS settings, security policies, routing and more.

  1. From the portal click + New > Networking > Virtual Network
  2. Click Create
  3. Provide a Name
  • You can change the address space or change the default subnet name from 'default' to something more appropriate
  1. For Resource Group select the Resource Group you previously created
  2. The location will update to the same location as defined in your resource group
  3. Click Create

Step 4: Create a network security group

Network Security Groups control traffic to one or more virtual machines (VMs), role instances, network adapters (NICs), or subnets in your virtual network. A NSG (network security group) contains access control rules that allow or deny traffic based on traffic direction, protocol, source address and port, and destination address and port.

  1. From the portal click + New > Networking > Network security group
  2. Click Create
  3. Provide a Name such as 'FrontEndSG'
  4. For Resource Group select the Resource Group you previously created
  5. Click Create

Step 5: Define Inbound security rules

  1. Open your newly created security group
  2. Click Inbound security rules
  3. Click + Add
  4. Enter a Name, Source Port Range & Destination Port Range
  • e.g.
    • "HTTP", "*", "80"
    • "HTTPS", "*", "443"
  • Why the source port range of '*'? This is because of the way Azure manages inbound connections from internal sources which can come from different ports.
  1. Click Ok

Step 6: Create the VMs

  1. From the portal click **+ New > Virtual Machines > ** and select the image type (Windows, Linux etc.)
  2. Click Create
  3. Enter the basic settings & click OK
  • For Resource Group select the Resource Group you previously created
  1. Select a Size that's appropriate for your needs & click Select
  2. For Settings
  • Storage account: select the previously created storage account
  • Network: select your previously created virtual network
  • Subnet: select your previously created subnet
  • Public IP address: by default Azure will assign you a new dynamic public IP. If you need a static one (one that does not change) you can configure that here
  • Network security group: select your previously created NSG
  • Availability Set
    • If you plan to load balance your VMs you will need to create an availability set. If this is the first VM click availability set > Create new
      • Provide a name such as 'FrontEndAS'
      • The default of 5 update domains & 3 fault domains is fine.
    • Click OK
    • For 2nd, 3rd etc. VMs simply select this Availability Set
  1. Click OK & OK again to create the VM

Repeat the above as needed (for a second, third, fourth VM etc.), also you will need to setup your web server/web app/etc. as needed.

Step 7: Create a load balancer (assuming public internet based load balancing)

Unfortunately at this time the public documentation for setting up a load balancer only includes PowerShell, CLI & ARM Tempaltes. The steps below cover a basic web based (HTTP & HTTPS) setup.

  1. Click + New > Networking > Load Balancer
  2. Supply a name
  3. Select an Public for Scheme
  4. Choose a Public IP Address or create a new one, I would recommend a static one (one that does not change)
  5. For Resource Group select the Resource Group you previously created
  6. Click Create

Setup a backend pool

The backend pool is the VMs you want load balanced. This can be configured after the LB has been created.

  1. Open your newly created LB (you will find it in your resource group)
  2. Navigate to the Settings blade
  3. Click Backend pools then click + Add
  4. Enter a Name for this pool e.g. "ProdWebServers"
  5. Click **+ Add a virtual machine"
  6. Click Choose an availability set
  7. Click on your previously created availability set (or the set that contains the VMs you wish to load balance)
  8. Click Choose the virtual machines
  9. Click on each VM you wish to balance then click Select
  10. Click OK
  11. Close the Backend address pools blade

Setup a health check probe

  1. Under Settings, click Probes then + Add
  2. Enter a Name for this probe e.g. "HealthProbe"
  3. For Path enter an appropriate path or keep / to simply ping the default page
  4. Click OK
  5. Close the Probes blade

Setup load balancing rules

  1. Under Settings, click Load balancing rules then + Add
  2. Enter a Name for this rule e.g. "HTTP"
  3. For port 80 (standard port for non-secure web traffic) leave the defaults for Port & Backend port
  4. Note: By default the load balancer will distribute traffic in a round-robin fashion, you can change this by selecting a change to Session Persistence
  5. Click OK

Repeat the above for port 443 (SSL)

Optional: Setup a Static IP & DNS Name for your load balancer

  1. Under Settings for your Load Balancer, click the Public IP address (note: this is found in the Essentials panel, NOT in the settings blade)
  2. Click Configuration
  3. Change Assignment to Static
  4. Enter a DNS name
  5. Click Save

Conclusion

You should now have a fully load balanced setup. I find creating test pages with test like "Server 1", "Server 2" or a page that displays the local IP handy to verify that the various VMs are truly being load balanced.

Next Steps

So now that you understand the basics of Resource Groups, Storage Accounts, Virtual Networks, Network Security Groups, Virtual Machines & Load-Balancing, did you know you can automate the entire setup using an Azure Resource Manager Template (aka ARM template)? It's a JSON document that describes to Azure how to do everything we just did above. There are 100's of templates to help you get started on GitHub and Azure has a QuickStart site to help you find a sample template. This one in particular: 201-2-vms-loadbalancer-lbrules will replicate what we have setup above, however please note that you will need to edit it to include port 443 in your LB rules.