Tutorial: Load balance internet traffic to VMs using the Azure portal

Load balancing provides a higher level of availability and scale by spreading incoming requests across multiple virtual machines. In this tutorial, you learn about the different components of the Azure Standard Load Balancer that distribute internet traffic to VMs and provide high availability. You learn how to:

  • Create an Azure Load Balancer
  • Create Load Balancer resources
  • Create virtual machines and install IIS server
  • View Load Balancer in action
  • Add and remove VMs from a Load Balancer

If you don't have an Azure subscription, create a free account before you begin.

Sign in to the Azure portal

Sign in to the Azure portal at https://portal.azure.com.

Create a Standard Load Balancer

In this section, you create a Standard Load Balancer that helps load balance virtual machines. Standard Load Balancer only supports a Standard Public IP address. When you create a Standard Load Balancer, you must also create a new Standard Public IP address that is configured as the frontend (named as LoadBalancerFrontend by default) for the Standard Load Balancer.

  1. On the top left-hand side of the screen, click Create a resource > Networking > Load Balancer.

  2. In the Basics tab of the Create load balancer page, enter or select the following information, accept the defaults for the remaining settings, and then select Review + create:

    Setting Value
    Subscription Select your subscription.
    Resource group Select Create new and type myResourceGroupSLB in the text box.
    Name myLoadBalancer
    Region Select West Europe.
    Type Select Public.
    SKU Select Standard.
    Public IP address Select Create new.
    Public IP address name Type myPublicIP in the text box.
    Availability zone Select Zone redundant.
  3. In the Review + create tab, click Create.

    Create a Standard Load Balancer

Create Load Balancer resources

In this section, you configure Load Balancer settings for a backend address pool, a health probe, and specify a balancer rule.

Create a backend address pool

To distribute traffic to the VMs, a backend address pool contains the IP addresses of the virtual (NICs) connected to the Load Balancer. Create the backend address pool myBackendPool to include virtual machines for load-balancing internet traffic.

  1. Select All services in the left-hand menu, select All resources, and then click myLoadBalancer from the resources list.
  2. Under Settings, click Backend pools, then click Add.
  3. On the Add a backend pool page, for name, type myBackendPool, as the name for your backend pool, and then select Add.

Create a health probe

To allow the Load Balancer to monitor the status of your app, you use a health probe. The health probe dynamically adds or removes VMs from the Load Balancer rotation based on their response to health checks. Create a health probe myHealthProbe to monitor the health of the VMs.

  1. Select All services in the left-hand menu, select All resources, and then click myLoadBalancer from the resources list.

  2. Under Settings, click Health probes, then click Add.

  3. Use these values to create the health probe:

    Setting Value
    Name Enter myHealthProbe.
    Protocol Select HTTP.
    Port Enter 80.
    Interval Enter 15 for number of Interval in seconds between probe attempts.
    Unhealthy threshold Select 2 for number of Unhealthy threshold or consecutive probe failures that must occur before a VM is considered unhealthy.
    Health probe Select myHealthProbe.
  4. Select OK.

Create a Load Balancer rule

A Load Balancer rule is used to define how traffic is distributed to the VMs. You define the frontend IP configuration for the incoming traffic and the backend IP pool to receive the traffic, along with the required source and destination port. Create a Load Balancer rule myLoadBalancerRuleWeb for listening to port 80 in the frontend FrontendLoadBalancer and sending load-balanced network traffic to the backend address pool myBackEndPool also using port 80.

  1. Select All services in the left-hand menu, select All resources, and then click myLoadBalancer from the resources list.

  2. Under Settings, click Load balancing rules, then click Add.

  3. Use these values to configure the load-balancing rule:

    Setting Value
    Name Enter myHTTPRule.
    Protocol Select TCP.
    Port Enter 80.
    Backend port Enter 80.
    Backend pool Select myBackendPool.
    Health probe Select myHealthProbe.
  4. Leave the rest of the defaults and select OK.

Create backend servers

In this section, you create a virtual network, create three virtual machines for the backend pool of the Load Balancer, and then install IIS on the virtual machines to help test the Load Balancer.

Create a virtual network

  1. On the upper-left side of the screen, select Create a resource > Networking > Virtual network.

  2. In Create virtual network, enter or select this information:

    Setting Value
    Name Enter myVNet.
    Address space Enter 10.1.0.0/16.
    Subscription Select your subscription.
    Resource group Select existing resource - myResourceGroupSLB.
    Location Select West Europe.
    Subnet - Name Enter myBackendSubnet.
    Subnet - Address range Enter 10.1.0.0/24.
  3. Leave the rest of the defaults and select Create.

Create virtual machines

Standard Load Balancer only supports VMs with Standard IP addresses in the backend pool. In this section, you will create three VMs (myVM1, myVM2, and myVM3) with a Standard public IP address in three different zones (Zone 1, Zone 2, and Zone 3) that are added to the backend pool of the Standard Load Balancer that was created earlier.

  1. On the upper-left side of the portal, select Create a resource > Compute > Windows Server 2016 Datacenter.

  2. In Create a virtual machine, type or select the following values in the Basics tab:

    • Subscription > Resource Group: Select myResourceGroupSLB.
    • Instance Details > Virtual machine name: Type myVM1.
    • Instance Details > Region > select West Europe.
    • Instance Details > Availability Options > Select Availability zones.
    • Instance Details > Availability zone > Select 1.
  3. Select the Networking tab, or select Next: Disks, then Next: Networking.

    • Make sure the following are selected:

      • Virtual network: myVnet
      • Subnet: myBackendSubnet
      • Public IP > select Create new, and in the Create public IP address window, for SKU, select Standard, and for Availability zone, select Zone-redundant
    • To create a new network security group (NSG), a type of firewall, under Network Security Group, select Advanced.

      1. In the Configure network security group field, select Create new.
      2. Type myNetworkSecurityGroup, and select OK.
    • To make the VM a part of the Load Balancer's backend pool, complete the following steps:

      • In Load Balancing, for Place this virtual machine behind an existing load balancing solution?, select Yes.
      • In Load balancing settings, for Load balancing options, select Azure load balancer.
      • For Select a load balancer, myLoadBalancer.
  4. Select the Management tab, or select Next > Management. Under Monitoring, set Boot diagnostics to Off.

  5. Select Review + create.

  6. Review the settings, and then select Create.

  7. Follow the steps to create two additional VMs - myVM2 and myVM3, with a Standard SKU public IP address in Availability zone 2 and 3 respectively, and all the other settings the same as myVM1.

Create network security group rule

In this section, you create a network security group rule to allow inbound connections using HTTP.

  1. Select All services in the left-hand menu, select All resources, and then from the resources list click myNetworkSecurityGroup that is located in the myResourceGroupSLB resource group.
  2. Under Settings, click Inbound security rules, and then click Add.
  3. Enter these values for the inbound security rule named myHTTPRule to allow for an inbound HTTP connections using port 80:
    • Service Tag - for Source.
    • Internet - for Source service tag
    • 80 - for Destination port ranges
    • TCP - for Protocol
    • Allow - for Action
    • 100 for Priority
    • myHTTPRule for name
    • Allow HTTP - for description
  4. Select Add.

Install IIS on VMs

  1. Select All services in the left-hand menu, select All resources, and then from the resources list click myVM1 that is located in the myResourceGroupSLB resource group.

  2. On the Overview page, click Connect to RDP into the VM.

  3. In the Connect to virtual machine pop-up window, select Download RDP File, and then Open the downloaded RDP file.

  4. In the Remote Desktop Connection window, click Connect.

  5. Log into the VM with the credentials that you provided during the creation of this VM. This launches a remote desktop session with virtual machine - myVM1.

  6. On the server desktop, navigate to Windows Administrative Tools>Windows PowerShell.

  7. In the PowerShell Window, run the following commands to install the IIS server, remove the default iisstart.htm file, and then add a new iisstart.htm file that displays the name of the VM:

    
     # install IIS server role
     Install-WindowsFeature -name Web-Server -IncludeManagementTools
    
     # remove default htm file
      remove-item  C:\inetpub\wwwroot\iisstart.htm
    
     # Add a new htm file that displays server name
      Add-Content -Path "C:\inetpub\wwwroot\iisstart.htm" -Value $("Hello World from " + $env:computername)
    
  8. Close the RDP session with myVM1.

  9. Repeat steps 1 to 6 to install IIS and the updated iisstart.htm file on myVM2 and myVM3.

Test the Load Balancer

  1. Find the public IP address for the Load Balancer on the Overview screen. Select All services in the left-hand menu, select All resources, and then click myPublicIP.

  2. Copy the public IP address, and then paste it into the address bar of your browser. The default page of IIS Web server is displayed on the browser.

    IIS Web server

To see the Load Balancer distribute traffic across the three VMs running your app, you can force-refresh your web browser.

Remove or add VMs from the backend pool

You may need to perform maintenance on the VMs running your app, such as installing OS updates. To deal with increased traffic to your app, you may need to add additional VMs. This section shows you how to remove or add a VM (myVM1) from the Load Balancer.

Remove VM from a backend pool

To remove myVM1 from the backend pool, complete the following steps:

  1. Select All services in the left-hand menu, select All resources, and then click myLoadBalancer from the resources list.
  2. Under Settings, click Backend pools, then within the backend pool's list, click myBackendPool.
  3. On the myBackendPool page, to remove VM1 select the delete icon at the end of the row that displays myVM1, and then click Save.

With myVM1 no longer in the backend address pool, you can perform any maintenance tasks on myVM1, such as installing software updates. In the absence of VM1, the load is now balanced across myVM2 and myVM3.

Add VM to a backend pool

To add myVM1 back to the backend pool, complete the following steps:

  1. Select All services in the left-hand menu, select All resources, and then select myVM1 from the resources list.
  2. In the VM1 page, under Settings, select Networking.
  3. In the Networking page, select the Load balancing tab, and then select Add load balancing.
  4. In the Add load balancing page, do the following:
    1. For Load balancing options, select Azure load balancer.
    2. For Select a load balancer, select myLoadBalancer.
    3. For Select a backend pool, select myBackendPool.

Clean up resources

When they are no longer needed, delete the resource group, Load Balancer, and all related resources. To do so, select the myResouceGroupSLB resource group that contains the Load Balancer, and then select Delete.

Next steps

In this tutorial, you created a Standard Load Balancer, attached VMs to it, configured the Load Balancer traffic rule, health probe, and then tested the Load Balancer. You also removed a VM from the load-balanced set, and added the VM back to the backend address pool. To learn more about Azure Load Balancer, continue to the tutorials for Azure Load Balancer.