開始使用 PowerShell 在 Resource Manager 中建立配置有 IPv6 的網際網路面向負載平衡器Get started creating an Internet facing load balancer with IPv6 using PowerShell for Resource Manager

注意

本文說明可讓基本負載平衡器提供 IPv4 和 IPv6 連線的簡介 IPv6 功能。This article describes an introductory IPv6 feature to allow Basic Load Balancers to provide both IPv4 and IPv6 connectivity. Ipv6 For Azure vnet現已提供完整的 ipv6 連線,可整合 ipv6 連線與您的虛擬網路,並包含 Ipv6 網路安全性群組規則、ipv6 使用者定義路由、ipv6 基本和標準負載平衡等主要功能。Comprehensive IPv6 connectivity is now available with IPv6 for Azure VNETs which integrates IPv6 connectivity with your Virtual Networks and includes key features such as IPv6 Network Security Group rules, IPv6 User-defined routing, IPv6 Basic and Standard load balancing, and more. 適用于 Azure Vnet 的 IPv6 是 Azure 中 IPv6 應用程式的建議標準。IPv6 for Azure VNETs is the recommended standard for IPv6 applications in Azure. 請參閱 IPv6 以進行 AZURE VNET Powershell 部署See IPv6 for Azure VNET Powershell Deployment

Azure 負載平衡器是第 4 層 (TCP、UDP) 負載平衡器。An Azure load balancer is a Layer-4 (TCP, UDP) load balancer. 此負載平衡器可藉由在負載平衡器集合中,將連入流量分散於雲端服務或虛擬機器中狀況良好的服務執行個體之間,來提供高可用性。The load balancer provides high availability by distributing incoming traffic among healthy service instances in cloud services or virtual machines in a load balancer set. Azure Load Balancer 也會在多個連接埠、多個 IP 位址或兩者上顯示這些服務。Azure Load Balancer can also present those services on multiple ports, multiple IP addresses, or both.

注意

本文已更新為使用 Azure Az PowerShell 模組。This article has been updated to use the Azure Az PowerShell module. Az PowerShell 模組是用來與 Azure 互動的建議 PowerShell 模組。The Az PowerShell module is the recommended PowerShell module for interacting with Azure. 若要開始使用 Az PowerShell 模組,請參閱安裝 Azure PowerShellTo get started with the Az PowerShell module, see Install Azure PowerShell. 若要瞭解如何遷移至 Az PowerShell 模組,請參閱將 Azure PowerShell 從 AzureRM 遷移至 Az。To learn how to migrate to the Az PowerShell module, see Migrate Azure PowerShell from AzureRM to Az.

範例部署案例Example deployment scenario

下圖說明本文中部署的負載平衡解決方案。The following diagram illustrates the load balancing solution being deployed in this article.

負載平衡器案例

在此案例中,您將建立下列 Azure 資源:In this scenario you will create the following Azure resources:

  • 配置有 IPv4 和 IPv6 公用 IP 位址的網際網路面向負載平衡器an Internet-facing Load Balancer with an IPv4 and an IPv6 Public IP address
  • 兩個負載平衡規則,用以對應公用 VIP 至私人端點two load balancing rules to map the public VIPs to the private endpoints
  • 包含兩個 VM 的可用性設定組an Availability Set to that contains the two VMs
  • 兩部虛擬機器 (VM)two virtual machines (VMs)
  • 虛擬網路介面,用於每個已指派 IPv4 和 IPv6 位址的 VMa virtual network interface for each VM with both IPv4 and IPv6 addresses assigned

使用 Azure PowerShell 部署解決方案Deploying the solution using the Azure PowerShell

下列步驟說明如何搭配 PowerShell 使用 Azure Resource Manager,來建立網際網路對向負載平衡器。The following steps show how to create an Internet facing load balancer using Azure Resource Manager with PowerShell. 使用 Azure Resource Manager 時,會個別建立並設定每項資源,然後放在一起來建立一項資源。With Azure Resource Manager, each resource is created and configured individually, then put together to create a resource.

若要部署負載平衡器,請建立並設定下列物件:To deploy a load balancer, you create and configure the following objects:

  • 前端 IP 設定:包含傳入網路流量的公用 IP 位址。Frontend IP configuration - contains public IP addresses for incoming network traffic.
  • 後端位址集區-包含虛擬機器 (Nic) 的網路介面,以接收來自負載平衡器的網路流量。Backend address pool - contains network interfaces (NICs) for the virtual machines to receive network traffic from the load balancer.
  • 負載平衡規則 - 包含將負載平衡器上的公用連接埠對應至後端位址集區中連接埠的規則。Load balancing rules - contains rules mapping a public port on the load balancer to port in the back-end address pool.
  • 輸入 NAT 規則 - 包含將負載平衡器上的公用連接埠對應至後端位址集區中特定虛擬機器之連接埠的規則。Inbound NAT rules - contains rules mapping a public port on the load balancer to a port for a specific virtual machine in the back-end address pool.
  • 探查 - 包含用來檢查後端位址集區中虛擬機器執行個體可用性的健全狀態探查。Probes - contains health probes used to check availability of virtual machines instances in the back-end address pool.

如需詳細資訊,請參閱 Azure Load Balancer 元件For more information, see Azure Load Balancer components.

設定 PowerShell 以使用 Resource ManagerSet up PowerShell to use Resource Manager

請確定您擁有適用於 PowerShell 的 Azure Resource Manager 模組最新生產版本。Make sure you have the latest production version of the Azure Resource Manager module for PowerShell.

  1. 登入 AzureSign into Azure

    Connect-AzAccount
    

    出現提示時,請輸入您的認證。Enter your credentials when prompted.

  2. 檢查帳戶的訂用帳戶Check the subscriptions for the account

     Get-AzSubscription
    
  3. 選擇其中一個要使用的 Azure 訂用帳戶。Choose which of your Azure subscriptions to use.

    Select-AzSubscription -SubscriptionId 'GUID of subscription'
    
  4. 建立資源群組 (如果是使用現有的資源群組,請略過此步驟)Create a resource group (skip this step if using an existing resource group)

    New-AzResourceGroup -Name NRP-RG -location "West US"
    

建立前端 IP 集區的虛擬網路和公用 IP 位址Create a virtual network and a public IP address for the front-end IP pool

  1. 建立具有子網路的虛擬網路。Create a virtual network with a subnet.

    $backendSubnet = New-AzVirtualNetworkSubnetConfig -Name LB-Subnet-BE -AddressPrefix 10.0.2.0/24
    $vnet = New-AzvirtualNetwork -Name VNet -ResourceGroupName NRP-RG -Location 'West US' -AddressPrefix 10.0.0.0/16 -Subnet $backendSubnet
    
  2. 建立前端 IP 位址集區的 Azure 公用 IP 位址 (PIP) 資源。Create Azure Public IP address (PIP) resources for the front-end IP address pool. 在執行下列命令之前,請務必變更的值 -DomainNameLabelBe sure to change the value for -DomainNameLabel before running the following commands. 此值在 Azure 區域中必須是唯一的。The value must be unique within the Azure region.

    $publicIPv4 = New-AzPublicIpAddress -Name 'pub-ipv4' -ResourceGroupName NRP-RG -Location 'West US' -AllocationMethod Static -IpAddressVersion IPv4 -DomainNameLabel lbnrpipv4
    $publicIPv6 = New-AzPublicIpAddress -Name 'pub-ipv6' -ResourceGroupName NRP-RG -Location 'West US' -AllocationMethod Dynamic -IpAddressVersion IPv6 -DomainNameLabel lbnrpipv6
    

    重要

    負載平衡器會使用公用 IP 的網域標籤做為其 FQDN 的前置詞。The load balancer uses the domain label of the public IP as prefix for its FQDN. 在此範例中,FQDN 是 lbnrpipv4.westus.cloudapp.azure.comlbnrpipv6.westus.cloudapp.azure.comIn this example, the FQDNs are lbnrpipv4.westus.cloudapp.azure.com and lbnrpipv6.westus.cloudapp.azure.com.

建立前端 IP 組態和後端位址集區Create a Front-End IP configurations and a Back-End Address Pool

  1. 建立會使用您所建立之公用 IP 位址的前端位址組態。Create front-end address configuration that uses the Public IP addresses you created.

    $FEIPConfigv4 = New-AzLoadBalancerFrontendIpConfig -Name "LB-Frontendv4" -PublicIpAddress $publicIPv4
    $FEIPConfigv6 = New-AzLoadBalancerFrontendIpConfig -Name "LB-Frontendv6" -PublicIpAddress $publicIPv6
    
  2. 建立後端位址集區。Create back-end address pools.

    $backendpoolipv4 = New-AzLoadBalancerBackendAddressPoolConfig -Name "BackendPoolIPv4"
    $backendpoolipv6 = New-AzLoadBalancerBackendAddressPoolConfig -Name "BackendPoolIPv6"
    

建立 LB 規則、NAT 規則、探查及負載平衡器Create LB rules, NAT rules, a probe, and a load balancer

此範例會建立下列項目:This example creates the following items:

  • NAT 規則,用以將連接埠 443 上的所有傳入流量轉譯至連接埠 4443a NAT rule to translate all incoming traffic on port 443 to port 4443
  • 一個可將連接埠 80 上所有傳入流量負載平衡至後端集區中位址上連接埠 80 的負載平衡器規則。a load balancer rule to balance all incoming traffic on port 80 to port 80 on the addresses in the back-end pool.
  • 允許 RDP 連線到 VM 連接埠 3389 的負載平衡器規則。a load balancer rule to allow RDP connection to the VMs on port 3389.
  • 探查規則,用以檢查名為 HealthProbe.aspx 的頁面或連接埠 8080 的健全狀況a probe rule to check the health status on a page named HealthProbe.aspx or a service on port 8080
  • 會使用上述所有物件的負載平衡器a load balancer that uses all these objects
  1. 建立 NAT 規則。Create the NAT rules.

    $inboundNATRule1v4 = New-AzLoadBalancerInboundNatRuleConfig -Name "NicNatRulev4" -FrontendIpConfiguration $FEIPConfigv4 -Protocol TCP -FrontendPort 443 -BackendPort 4443
    $inboundNATRule1v6 = New-AzLoadBalancerInboundNatRuleConfig -Name "NicNatRulev6" -FrontendIpConfiguration $FEIPConfigv6 -Protocol TCP -FrontendPort 443 -BackendPort 4443
    
  2. 建立健全狀況探查。Create a health probe. 有兩種方式可以設定探查:There are two ways to configure a probe:

    HTTP 探查HTTP probe

    $healthProbe = New-AzLoadBalancerProbeConfig -Name 'HealthProbe-v4v6' -RequestPath 'HealthProbe.aspx' -Protocol http -Port 80 -IntervalInSeconds 15 -ProbeCount 2
    

    或 TCP 探查or TCP probe

    $healthProbe = New-AzLoadBalancerProbeConfig -Name 'HealthProbe-v4v6' -Protocol Tcp -Port 8080 -IntervalInSeconds 15 -ProbeCount 2
    $RDPprobe = New-AzLoadBalancerProbeConfig -Name 'RDPprobe' -Protocol Tcp -Port 3389 -IntervalInSeconds 15 -ProbeCount 2
    

    在此範例中,我們使用 TCP 探查For this example, we are going to use the TCP probes.

  3. 建立負載平衡器規則。Create a load balancer rule.

    $lbrule1v4 = New-AzLoadBalancerRuleConfig -Name "HTTPv4" -FrontendIpConfiguration $FEIPConfigv4 -BackendAddressPool $backendpoolipv4 -Probe $healthProbe -Protocol Tcp -FrontendPort 80 -BackendPort 8080
    $lbrule1v6 = New-AzLoadBalancerRuleConfig -Name "HTTPv6" -FrontendIpConfiguration $FEIPConfigv6 -BackendAddressPool $backendpoolipv6 -Probe $healthProbe -Protocol Tcp -FrontendPort 80 -BackendPort 8080
    $RDPrule = New-AzLoadBalancerRuleConfig -Name "RDPrule" -FrontendIpConfiguration $FEIPConfigv4 -BackendAddressPool $backendpoolipv4 -Probe $RDPprobe -Protocol Tcp -FrontendPort 3389 -BackendPort 3389
    
  4. 使用先前建立的物件來建立負載平衡器。Create the load balancer using the previously created objects.

    $NRPLB = New-AzLoadBalancer -ResourceGroupName NRP-RG -Name 'myNrpIPv6LB' -Location 'West US' -FrontendIpConfiguration $FEIPConfigv4,$FEIPConfigv6 -InboundNatRule $inboundNATRule1v6,$inboundNATRule1v4 -BackendAddressPool $backendpoolipv4,$backendpoolipv6 -Probe $healthProbe,$RDPprobe -LoadBalancingRule $lbrule1v4,$lbrule1v6,$RDPrule
    

建立後端 VM 的 NICCreate NICs for the back-end VMs

  1. 取得需要在其中建立 NIC 的虛擬網路和虛擬網路子網路。Get the Virtual Network and Virtual Network Subnet, where the NICs need to be created.

    $vnet = Get-AzVirtualNetwork -Name VNet -ResourceGroupName NRP-RG
    $backendSubnet = Get-AzVirtualNetworkSubnetConfig -Name LB-Subnet-BE -VirtualNetwork $vnet
    
  2. 建立VM 的 IP 組態和 NIC。Create IP configurations and NICs for the VMs.

    $nic1IPv4 = New-AzNetworkInterfaceIpConfig -Name "IPv4IPConfig" -PrivateIpAddressVersion "IPv4" -Subnet $backendSubnet -LoadBalancerBackendAddressPool $backendpoolipv4 -LoadBalancerInboundNatRule $inboundNATRule1v4
    $nic1IPv6 = New-AzNetworkInterfaceIpConfig -Name "IPv6IPConfig" -PrivateIpAddressVersion "IPv6" -LoadBalancerBackendAddressPool $backendpoolipv6 -LoadBalancerInboundNatRule $inboundNATRule1v6
    $nic1 = New-AzNetworkInterface -Name 'myNrpIPv6Nic0' -IpConfiguration $nic1IPv4,$nic1IPv6 -ResourceGroupName NRP-RG -Location 'West US'
    
    $nic2IPv4 = New-AzNetworkInterfaceIpConfig -Name "IPv4IPConfig" -PrivateIpAddressVersion "IPv4" -Subnet $backendSubnet -LoadBalancerBackendAddressPool $backendpoolipv4
    $nic2IPv6 = New-AzNetworkInterfaceIpConfig -Name "IPv6IPConfig" -PrivateIpAddressVersion "IPv6" -LoadBalancerBackendAddressPool $backendpoolipv6
    $nic2 = New-AzNetworkInterface -Name 'myNrpIPv6Nic1' -IpConfiguration $nic2IPv4,$nic2IPv6 -ResourceGroupName NRP-RG -Location 'West US'
    

建立虛擬機器並指派新建立的 NICCreate virtual machines and assign the newly created NICs

如需有關建立 VM 的詳細資訊,請參閱 使用 Resource Manager 和 Azure PowerShell 建立及預先設定 Windows 虛擬機器For more information about creating a VM, see Create and preconfigure a Windows Virtual Machine with Resource Manager and Azure PowerShell

  1. 建立可用性設定組和儲存體帳戶Create an Availability Set and Storage account

    New-AzAvailabilitySet -Name 'myNrpIPv6AvSet' -ResourceGroupName NRP-RG -location 'West US'
    $availabilitySet = Get-AzAvailabilitySet -Name 'myNrpIPv6AvSet' -ResourceGroupName NRP-RG
    New-AzStorageAccount -ResourceGroupName NRP-RG -Name 'mynrpipv6stacct' -Location 'West US' -SkuName "Standard_LRS"
    $CreatedStorageAccount = Get-AzStorageAccount -ResourceGroupName NRP-RG -Name 'mynrpipv6stacct'
    
  2. 建立每個 VM 並指派先前建立的 NICCreate each VM and assign the previous created NICs

    $mySecureCredentials= Get-Credential -Message "Type the username and password of the local administrator account."
    
    $vm1 = New-AzVMConfig -VMName 'myNrpIPv6VM0' -VMSize 'Standard_G1' -AvailabilitySetId $availabilitySet.Id
    $vm1 = Set-AzVMOperatingSystem -VM $vm1 -Windows -ComputerName 'myNrpIPv6VM0' -Credential $mySecureCredentials -ProvisionVMAgent -EnableAutoUpdate
    $vm1 = Set-AzVMSourceImage -VM $vm1 -PublisherName MicrosoftWindowsServer -Offer WindowsServer -Skus 2012-R2-Datacenter -Version "latest"
    $vm1 = Add-AzVMNetworkInterface -VM $vm1 -Id $nic1.Id -Primary
    $osDisk1Uri = $CreatedStorageAccount.PrimaryEndpoints.Blob.ToString() + "vhds/myNrpIPv6VM0osdisk.vhd"
    $vm1 = Set-AzVMOSDisk -VM $vm1 -Name 'myNrpIPv6VM0osdisk' -VhdUri $osDisk1Uri -CreateOption FromImage
    New-AzVM -ResourceGroupName NRP-RG -Location 'West US' -VM $vm1
    
    $vm2 = New-AzVMConfig -VMName 'myNrpIPv6VM1' -VMSize 'Standard_G1' -AvailabilitySetId $availabilitySet.Id
    $vm2 = Set-AzVMOperatingSystem -VM $vm2 -Windows -ComputerName 'myNrpIPv6VM1' -Credential $mySecureCredentials -ProvisionVMAgent -EnableAutoUpdate
    $vm2 = Set-AzVMSourceImage -VM $vm2 -PublisherName MicrosoftWindowsServer -Offer WindowsServer -Skus 2012-R2-Datacenter -Version "latest"
    $vm2 = Add-AzVMNetworkInterface -VM $vm2 -Id $nic2.Id -Primary
    $osDisk2Uri = $CreatedStorageAccount.PrimaryEndpoints.Blob.ToString() + "vhds/myNrpIPv6VM1osdisk.vhd"
    $vm2 = Set-AzVMOSDisk -VM $vm2 -Name 'myNrpIPv6VM1osdisk' -VhdUri $osDisk2Uri -CreateOption FromImage
    New-AzVM -ResourceGroupName NRP-RG -Location 'West US' -VM $vm2