Tutorial: Load balance internet traffic to VMs using the Azure portal
Load balancing provides a higher level of availability and scale by spreading incoming requests across multiple virtual machines. In this tutorial, you learn about the different components of the Azure Standard Load Balancer that distribute internet traffic to VMs and provide high availability. You learn how to:
- Create an Azure Load Balancer
- Create Load Balancer resources
- Create virtual machines and install IIS server
- View Load Balancer in action
- Add and remove VMs from a Load Balancer
If you don't have an Azure subscription, create a free account before you begin.
Sign in to the Azure portal
Sign in to the Azure portal at https://portal.azure.com.
Create a Standard Load Balancer
In this section, you create a Standard Load Balancer that helps load balance virtual machines. Standard Load Balancer only supports a Standard Public IP address. When you create a Standard Load Balancer, you must also create a new Standard Public IP address that is configured as the frontend (named as LoadBalancerFrontend by default) for the Standard Load Balancer.
On the top left-hand side of the screen, click Create a resource > Networking > Load Balancer.
In the Basics tab of the Create load balancer page, enter or select the following information, accept the defaults for the remaining settings, and then select Review + create:
Setting Value Subscription Select your subscription. Resource group Select Create new and type myResourceGroupSLB in the text box. Name myLoadBalancer Region Select West Europe. Type Select Public. SKU Select Standard. Public IP address Select Create new. Public IP address name Type myPublicIP in the text box. Availability zone Select Zone redundant.
In the Review + create tab, click Create.
Create Load Balancer resources
In this section, you configure Load Balancer settings for a backend address pool, a health probe, and specify a balancer rule.
Create a backend address pool
To distribute traffic to the VMs, a backend address pool contains the IP addresses of the virtual (NICs) connected to the Load Balancer. Create the backend address pool myBackendPool to include virtual machines for load-balancing internet traffic.
- Select All services in the left-hand menu, select All resources, and then click myLoadBalancer from the resources list.
- Under Settings, click Backend pools, then click Add.
- On the Add a backend pool page, for name, type myBackendPool, as the name for your backend pool, and then select Add.
Create a health probe
To allow the Load Balancer to monitor the status of your app, you use a health probe. The health probe dynamically adds or removes VMs from the Load Balancer rotation based on their response to health checks. Create a health probe myHealthProbe to monitor the health of the VMs.
Select All services in the left-hand menu, select All resources, and then click myLoadBalancer from the resources list.
Under Settings, click Health probes, then click Add.
Use these values to create the health probe:
Setting Value Name Enter myHealthProbe. Protocol Select HTTP. Port Enter 80. Interval Enter 15 for number of Interval in seconds between probe attempts. Unhealthy threshold Select 2 for number of Unhealthy threshold or consecutive probe failures that must occur before a VM is considered unhealthy.
Create a Load Balancer rule
A Load Balancer rule is used to define how traffic is distributed to the VMs. You define the frontend IP configuration for the incoming traffic and the backend IP pool to receive the traffic, along with the required source and destination port. Create a Load Balancer rule myLoadBalancerRuleWeb for listening to port 80 in the frontend FrontendLoadBalancer and sending load-balanced network traffic to the backend address pool myBackEndPool also using port 80.
Select All services in the left-hand menu, select All resources, and then click myLoadBalancer from the resources list.
Under Settings, click Load balancing rules, then click Add.
Use these values to configure the load-balancing rule:
Setting Value Name Enter myHTTPRule. Protocol Select TCP. Port Enter 80. Backend port Enter 80. Backend pool Select myBackendPool. Health probe Select myHealthProbe.
Leave the rest of the defaults and select OK.
Create backend servers
In this section, you create a virtual network, create three virtual machines for the backend pool of the Load Balancer, and then install IIS on the virtual machines to help test the Load Balancer.
Virtual network and parameters
In this section you'll need to replace the following parameters in the steps with the information below:
|<resource-group-name>||myResourceGroupSLB (Select existing resource group)|
Create the virtual network
In this section, you'll create a virtual network and subnet.
On the upper-left side of the screen, select Create a resource > Networking > Virtual network or search for Virtual network in the search box.
In Create virtual network, enter or select this information in the Basics tab:
Setting Value Project Details Subscription Select your Azure subscription Resource Group Select Create new, enter <resource-group-name>, then select OK, or select an existing <resource-group-name> based on parameters. Instance details Name Enter <virtual-network-name> Region Select <region-name>
Select the IP Addresses tab or select the Next: IP Addresses button at the bottom of the page.
In the IP Addresses tab, enter this information:
Setting Value IPv4 address space Enter <IPv4-address-space>
Under Subnet name, select the word default.
In Edit subnet, enter this information:
Setting Value Subnet name Enter <subnet-name> Subnet address range Enter <subnet-address-range>
Select the Review + create tab or select the Review + create button.
Create virtual machines
Standard Load Balancer only supports VMs with Standard IP addresses in the backend pool. In this section, you will create three VMs (myVM1, myVM2, and myVM3) with a Standard public IP address in three different zones (Zone 1, Zone 2, and Zone 3) that are added to the backend pool of the Standard Load Balancer that was created earlier.
On the upper-left side of the portal, select Create a resource > Compute > Windows Server 2016 Datacenter.
In Create a virtual machine, type or select the following values in the Basics tab:
- Subscription > Resource Group: Select myResourceGroupSLB.
- Instance Details > Virtual machine name: Type myVM1.
- Instance Details > Region > select West Europe.
- Instance Details > Availability Options > Select Availability zones.
- Instance Details > Availability zone > Select 1.
Select the Networking tab, or select Next: Disks, then Next: Networking.
Make sure the following are selected:
- Virtual network: myVnet
- Subnet: myBackendSubnet
- Public IP > select Create new, and in the Create public IP address window, for SKU, select Standard, and for Availability zone, select Zone-redundant
To create a new network security group (NSG), a type of firewall, under Network Security Group, select Advanced.
- In the Configure network security group field, select Create new.
- Type myNetworkSecurityGroup, and select OK.
To make the VM a part of the Load Balancer's backend pool, complete the following steps:
- In Load Balancing, for Place this virtual machine behind an existing load balancing solution?, select Yes.
- In Load balancing settings, for Load balancing options, select Azure load balancer.
- For Select a load balancer, myLoadBalancer.
Select the Management tab, or select Next > Management. Under Monitoring, set Boot diagnostics to Off.
Select Review + create.
Review the settings, and then select Create.
Follow the steps to create two additional VMs - myVM2 and myVM3, with a Standard SKU public IP address in Availability zone 2 and 3 respectively, and all the other settings the same as myVM1.
Create network security group rule
In this section, you create a network security group rule to allow inbound connections using HTTP.
- Select All services in the left-hand menu, select All resources, and then from the resources list click myNetworkSecurityGroup that is located in the myResourceGroupSLB resource group.
- Under Settings, click Inbound security rules, and then click Add.
- Enter these values for the inbound security rule named myHTTPRule to allow for an inbound HTTP connections using port 80:
- Service Tag - for Source.
- Internet - for Source service tag
- 80 - for Destination port ranges
- TCP - for Protocol
- Allow - for Action
- 100 for Priority
- myHTTPRule for name
- Allow HTTP - for description
- Select Add.
Install IIS on VMs
Select All services in the left-hand menu, select All resources, and then from the resources list click myVM1 that is located in the myResourceGroupSLB resource group.
On the Overview page, click Connect to RDP into the VM.
In the Connect to virtual machine pop-up window, select Download RDP File, and then Open the downloaded RDP file.
In the Remote Desktop Connection window, click Connect.
Log into the VM with the credentials that you provided during the creation of this VM. This launches a remote desktop session with virtual machine - myVM1.
On the server desktop, navigate to Windows Administrative Tools>Windows PowerShell.
In the PowerShell Window, run the following commands to install the IIS server, remove the default iisstart.htm file, and then add a new iisstart.htm file that displays the name of the VM:
# install IIS server role Install-WindowsFeature -name Web-Server -IncludeManagementTools # remove default htm file remove-item C:\inetpub\wwwroot\iisstart.htm # Add a new htm file that displays server name Add-Content -Path "C:\inetpub\wwwroot\iisstart.htm" -Value $("Hello World from " + $env:computername)
Close the RDP session with myVM1.
Repeat steps 1 to 6 to install IIS and the updated iisstart.htm file on myVM2 and myVM3.
Test the Load Balancer
Find the public IP address for the Load Balancer on the Overview screen. Select All services in the left-hand menu, select All resources, and then click myPublicIP.
Copy the public IP address, and then paste it into the address bar of your browser. The default page of IIS Web server is displayed on the browser.
To see the Load Balancer distribute traffic across the three VMs running your app, you can force-refresh your web browser.
Remove or add VMs from the backend pool
You may need to perform maintenance on the VMs running your app, such as installing OS updates. To deal with increased traffic to your app, you may need to add additional VMs. This section shows you how to remove or add a VM (myVM1) from the Load Balancer.
Remove VM from a backend pool
To remove myVM1 from the backend pool, complete the following steps:
- Under Settings, click Backend pools, then within the backend pool's list, click myBackendPool.
- On the myBackendPool page, to remove VM1 select the delete icon at the end of the row that displays myVM1, and then click Save.
With myVM1 no longer in the backend address pool, you can perform any maintenance tasks on myVM1, such as installing software updates. In the absence of VM1, the load is now balanced across myVM2 and myVM3.
Add VM to a backend pool
To add myVM1 back to the backend pool, complete the following steps:
- Select All services in the left-hand menu, select All resources, and then select myVM1 from the resources list.
- In the VM1 page, under Settings, select Networking.
- In the Networking page, select the Load balancing tab, and then select Add load balancing.
- In the Add load balancing page, do the following:
- For Load balancing options, select Azure load balancer.
- For Select a load balancer, select myLoadBalancer.
- For Select a backend pool, select myBackendPool.
Clean up resources
When they are no longer needed, delete the resource group, Load Balancer, and all related resources. To do so, select the myResouceGroupSLB resource group that contains the Load Balancer, and then select Delete.
In this tutorial, you created a Standard Load Balancer, attached VMs to it, configured the Load Balancer traffic rule, health probe, and then tested the Load Balancer. You also removed a VM from the load-balanced set, and added the VM back to the backend address pool. To learn more about Azure Load Balancer, continue to the tutorials for Azure Load Balancer.