Azure 負載平衡器概觀Azure Load Balancer overview

Azure Load Balancer 可讓您調整您的應用程式,並為您的服務建立高可用性。Azure Load Balancer allows you to scale your applications and create high availability for your services. 對於所有 TCP 和 UDP 應用程式,Load Balancer 支援輸入和輸出案例、提供低延遲和高輸送量,且最多可相應增加為數百萬個流程。Load Balancer supports inbound as well as outbound scenarios, and provides low latency, high throughput, and scales up to millions of flows for all TCP and UDP applications.

Load Balancer 會根據規則和健康情況探查,將新抵達負載平衡器前端的輸入流程,分送給各個後端集區執行個體。Load Balancer will distribute new inbound flows arriving on the load balancer's frontend to backend pool instances according to rules and health probes.

此外,公用 Load Balancer 也可以將虛擬網路內虛擬機器的私人 IP 位址轉譯成公用 IP 位址,為虛擬機器提供輸出連線。Additionally, a public Load Balancer can also provide outbound connections for virtual machines inside your virtual network by translating their private IP addresses to public IP addresses.

Azure Load Balancer 有兩種不同的 SKU:基本和標準。Azure Load Balancer is available in two different SKUs: Basic and Standard. 它們的規模、功能、價格不同。There are differences in scale, features, and pricing. 任何可在基本 Load Balancer 建立的案例,也可以使用標準 Load Balancer 來建立,雖然方法可能稍有不同。Any scenario possible with Basic Load Balancer can also be created with Standard Load Balancer, although the approach might differ slightly. 在您摸索認識 Load Balancer 時,請務必熟悉基本功能以及 SKU 專屬的差異。As you learn about Load Balancer, it is important to familiarize yourself with the fundamentals and SKU-specific differences.

為什麼要使用 Load Balancer?Why use Load Balancer?

Azure Load Balancer 可以用來:Azure Load Balancer can be used to:

  • 對虛擬機器的連入網際網路流量進行負載平衡。Load balance incoming Internet traffic to virtual machines. 這種設定稱為公用 Load BalancerThis configuration is known as a public Load Balancer.
  • 對虛擬網路內虛擬機器之間的流量進行負載平衡。Load balance traffic between virtual machines inside a virtual network. 在混合式的案例中,您也可以從內部部署網路連線到 Load Balancer 前端。You can also reach a Load Balancer frontend from an on-premises network in a hybrid scenario. 這兩種案例使用的設定稱為內部 Load BalancerBoth of these scenarios use a configuration that is known as an internal Load Balancer.
  • 利用輸入 NAT 規則,從連接埠將流量轉送至特定虛擬機器上的特定連接埠。Port forward traffic to a specific port on specific virtual machines with inbound NAT rules.
  • 藉由使用公用 Load Balancer 為虛擬網路內的虛擬機器提供輸出連線能力Provide outbound connectivity for virtual machines inside your virtual network by using a public Load Balancer.

注意

Azure 會為您的案例提供一套受到完整管理的負載平衡解決方案。Azure provides a suite of fully managed load balancing solutions for your scenarios. 如果您要尋找 TLS 終止 (「SSL 卸載」) 或每一 HTTP/HTTPS 要求的應用程式層處理,請檢閱應用程式閘道If you are looking for TLS termination ("SSL offload") or per HTTP/HTTPS request application layer processing, review Application Gateway. 如果您要尋找全域 DNS 負載平衡,請檢閱流量管理員If you are looking for global DNS load balancing, review Traffic Manager. 視需要結合這些解決方案,可能有益於您的端對端案例。Your end-to-end scenarios may benefit from combining these solutions as needed.

何謂負載平衡器?What is Load Balancer?

Load Balancer 資源可以公用 Load Balancer 或內部 Load Balancer 的形式存在。A Load Balancer resource can exist as either a public Load Balancer or an internal Load Balancer. Load Balancer 資源的運作方式可用前端、規則、健康情況探查和後端集區定義來表示。The Load Balancer resource's functions are expressed as a frontend, a rule, a health probe, and a backend pool definition. 藉由從虛擬機器指定後端集區,可將虛擬機器放入後端集區。Virtual machines are placed into the backend pool by specifying the backend pool from the virtual machine.

Load Balancer 資源是一種物件,而您可以在其中表示 Azure 應如何對其多租用戶基礎結構進行設計程式,以達到您想要建立的案例。Load Balancer resources are objects within which you can express how Azure should program its multi-tenant infrastructure to achieve the scenario you wish to create. Load Balancer 資源與實際的基礎結構之間沒有直接關聯性;建立 Load Balancer 並不會建立執行個體,容量一直都在。There is no direct relationship between Load Balancer resources and actual infrastructure; creating a Load Balancer doesn't create an instance and capacity is always available.

Load Balancer 的基本功能Fundamental Load Balancer features

Load Balancer 為 TCP 和 UDP 應用程式提供下列基本功能:Load Balancer provides the following fundamental capabilities for TCP and UDP applications:

  • 負載平衡Load balancing

    Azure Load Balancer 可讓您建立負載平衡規則,將抵達前端的流量分送給各個後端集區執行個體。Azure Load Balancer allows you to create a load balancing rule to distribute traffic arriving at a frontend to backend pool instances. 它使用雜湊型演算法來分送輸入流程,並據以重寫流向後端集區執行個體的流程標頭。It uses a hash-based algorithm for distribution of inbound flows and rewrites the headers of flows to backend pool instances accordingly. 當健康情況探查表示後端端點狀況良好時,伺服器便可以接收新的流程。A server is available to receive new flows when the health probe indicates a healthy backend endpoint.

    預設會使用 5-tuple 的雜湊 (由來源 IP 位址、來源連接埠、目的地 IP 位址、目的地連接埠、IP 通訊協定數目所組成),將流程對應至可用的伺服器。By default, it uses a 5-tuple hash composed of source IP address, source port, destination IP address, destination port, and IP protocol number to map flows to available servers. 您可以選擇建立特定來源 IP 位址的親和性,做法是替指定規則加入 2-tuple 或 3-tuple 的雜湊。You can choose to create affinity to a specific source IP address by opting into a 2- or 3-tuple hash for a given rule. 相同封包流程的所有封包會抵達相同執行個體,執行個體位於已負載平衡的前端之後。All packets of the same packet flow arrive on the same instance behind the load-balanced frontend. 當用戶端從相同的來源 IP 起始新的流程時,來源連接埠會變更。When the client initiates a new flow from the same source IP, the source port changes. 結果是產生的 5-tuple 可能會將流量送往不同的後端端點。The resulting 5-tuple may cause the traffic to go to a different backend endpoint as a result.

    如需詳細資訊,請參閱負載平衡器分送模式For more information, see Load balancer distribution mode. 下圖顯示雜湊型分配:The following graphic shows the hash-based distribution:

    雜湊型分散

    圖 - 雜湊型分送Figure - Hash-based distribution

  • 連接埠轉送Port forwarding

    Azure Load Balancer 可讓您建立輸入 NAT 規則,將特定前端 IP 位址特定連接埠的流量,從連接埠轉送到虛擬網路內特定後端執行個體的特定連接埠。Azure Load Balancer allows you to create an inbound NAT rule to port forward traffic from a specific port of a specific frontend IP address to a specific port of a specific backend instance inside the Virtual Network. 這也是使用和負載平衡同樣的雜湊型分送來完成的。This is also accomplished by the same hash-based distribution as load balancing. 此功能的常見案例是透過遠端桌面通訊協定 (RDP) 或安全殼層 (SSH) 工作階段連線至虛擬網路內的個別虛擬機器執行個體。Common scenarios for this ability are Remote Desktop Protocol (RDP) or Secure Shell (SSH) sessions to individual virtual machine instances inside the Virtual Network. 您可以將多個內部端點對應至相同前端 IP 位址的不同連接埠。You can map multiple internal endpoints to the different ports on the same frontend IP address. 您可以使用這些端點透過網際網路遠端管理虛擬機器,而不需要額外的跳箱。You can use these to remotely administer your virtual machines over the Internet without the need for an additional jump box.

  • 透明且相容的應用程式Application agnostic and transparent

    Load Balancer 不會直接與 TCP 或 UDP 或應用程式層互動,可以支援任何 TCP 或 UDP 型的應用程式案例。Load Balancer does not directly interact with TCP or UDP or the application layer and any TCP or UDP-based application scenario can be supported. 例如,Load Balancer 不會終止 TLS 本身,但您可以使用 Load Balancer 建置並相應放大 TLS 應用程式,並在虛擬機器本身終止 TLS 連線。For example, while Load Balancer does not terminate TLS itself, you can build and scale out TLS applications using Load Balancer and terminate the TLS connection on the virtual machine itself. Load Balancer 不會終止流程,通訊協定交握一律在用戶端與雜湊選取的後端集區執行個體之間直接進行。Load Balancer does not terminate a flow and protocol handshakes are always directly between the client and the hash-selected backend pool instance. 例如,TCP 交握一律是在用戶端和選取的後端虛擬機器之間進行。For example, a TCP handshake is always between the client and the selected backend virtual machine. 針對前端所提出的要求,是由後端虛擬機器產生回應。And a response to a request to a frontend is a response generated from the backend virtual machine. Load Balancer 的輸出網路效能只受限於您選擇的虛擬機器 SKU,如果一直沒達到閒置逾時,流程便會長時間保持運作。Load Balancer's outbound network performance is only limited by the virtual machine SKU you choose and flows will remain alive for long periods of time if the idle timeout is never reached.

  • 自動重新設定Automatic reconfiguration

    當您相應增加或減少執行個體時,Azure 負載平衡器本身會立即重新設定。Azure Load Balancer instantly reconfigures itself when you scale instances up or down. 從後端集區新增或移除虛擬機器會重新設定負載平衡器,而不需要在 Load Balancer 資源上進行其他作業。Adding or removing virtual machines from the backend pool reconfigures the load balancer without additional operations on the Load Balancer resource.

  • 健康情況探查Health probes

    Azure Load Balancer 會使用您定義的健康情況探查,來判斷後端集區中執行個體的健康情況。Azure Load Balancer uses health probes you define to determine the health of instances in the backend pool. 當探查無法回應時,負載平衡器會停止傳送新的連線至狀況不良的執行個體。When a probe fails to respond, the load balancer stops sending new connections to the unhealthy instances. 現有連線不會受到影響,會繼續維持連線直到應用程式終止流程、發生閒置逾時,或虛擬機器關機。Existing connections are not impacted and will continue until the application terminates the flow, an idle timeout occurs, or the virtual machine is shut down.

    支援的探查類型有三種:Three types of probes are supported:

    • HTTP 自訂探查:您可以用它建立自己的自訂邏輯,來判斷後端集區執行個體的健康情況。HTTP custom probe: You can use it to create your own custom logic to determine the health of a backend pool instance. 負載平衡器會定期探查您的端點 (預設為每隔 15 秒)。The load balancer will regularly probe your endpoint (every 15 seconds, by default). 如果執行個體在逾時期限 (預設值為 31 秒) 內以 HTTP 200 回應,系統會將其視為狀況良好。The instance is considered to be healthy if it responds with a HTTP 200 within the timeout period (default of 31 seconds). HTTP 200 以外的任何狀態皆會造成此探查失敗。Any status other than HTTP 200 causes this probe to fail. 這也適合用於實作您自己的邏輯,從負載平衡器的循環中移除執行個體。This is also useful for implementing your own logic to remove instances from the load balancer's rotation. 例如,您可以將執行個體設定為超過 90% 的 CPU 時傳回非 200 狀態。For example, you can configure the instance to return a non-200 status if the instance is above 90% CPU. 此探查會覆寫預設的客體代理程式探查。This probe overrides the default guest agent probe.

    • TCP 自訂探查: 此探查依賴於將 TCP 工作階段成功建立至定義的探查連接埠。TCP custom probe: This probe relies on successful TCP session establishment to a defined probe port. 只要虛擬機器上有指定的接聽程式,此探查就成功。As long as the specified listener on the virtual machine exists, this probe will succeed. 如果系統拒絕連線,探查便會失敗。If the connection is refused, the probe will fail. 此探查會覆寫預設的客體代理程式探查。This probe overrides the default guest agent probe.

    • 客體代理程式探查 (僅限平台即服務虛擬機器):負載平衡器也可以利用虛擬機器內的客體代理程式。Guest agent probe (on Platform as a Service Virtual Machines only): The load balancer can also utilize the guest agent inside the virtual machine. 客體代理程式只有在執行個體處於就緒狀態時,才會接聽並以「HTTP 200 確定」回應。The guest agent listens and responds with an HTTP 200 OK response only when the instance is in the ready state. 如果代理程式無法以 HTTP 200 OK 回應,負載平衡器就會將執行個體標示為沒有回應,並停止傳送流量到該執行個體。If the agent fails to respond with an HTTP 200 OK, the load balancer marks the instance as unresponsive and stops sending traffic to that instance. 負載平衡器會繼續嘗試聯繫執行個體。The load balancer continues to attempt to reach the instance. 如果客體代理程式以 HTTP 200 回應,則負載平衡器會再次傳送流量到該執行個體。If the guest agent responds with an HTTP 200, the load balancer will send traffic to that instance again. 客體代理程式探查是最後手段,只要還能使用 HTTP 或 TCP 自訂探查設定,就不應使用客體代理程式探查。Guest agent probes are a last resort and should not be used when HTTP or TCP custom probe configurations are possible.

  • 輸出連線 (來源 NAT)Outbound connections (Source NAT)

    所有從虛擬網路內私人 IP 位址送往網際網路上公用 IP 位址的輸出流程,皆可以轉譯為 Load Balancer 的前端 IP 位址。All outbound flows from private IP addresses inside your Virtual Network to public IP addresses on the Internet can be translated to a frontend IP address of the Load Balancer. 當公用前端透過負載平衡規則繫結到後端虛擬機器時,Azure 會自動將輸出連線轉譯成公用前端的 IP 位址。When a public frontend is tied to a backend virtual machine by way of a load balancing rule, Azure programs outbound connections to be automatically translated to the public frontend's IP address . 這也稱為「來源 NAT (SNAT)」。This is also called Source NAT (SNAT). SNAT 提供一些重要優勢:SNAT provides important benefits:

    • 它能夠輕鬆進行服務的升級及災害復原,因為前端可以動態對應到服務的另一個執行個體。It enables easy upgrade and disaster recovery of services, since the frontend can be dynamically mapped to another instance of the service.
    • 它讓存取控制清單 (ACL) 管理變得更容易。It makes access control list (ACL) management easier. 當服務相應增加、相應減少或重新部署時,根據前端 IP 表示的 ACL 不會變更。ACLs expressed in terms of frontend IPs do not change as services scale up, down, or get redeployed.

      請參閱輸出連線一文以取得這項功能的詳細討論。Refer to outbound connections article for a detailed discussion of this ability.

除了這些基本功能,標準 Load Balancer 還有其他的 SKU 專屬功能。Standard Load Balancer has additional SKU-specific abilities beyond these fundamentals. 請檢閱本文的其餘部分以了解詳情。Review the remainder of this article for details.

Load Balancer SKU 的比較Load Balancer SKU comparison

Azure Load Balancer 支援兩種不同的 SKU:基本和標準。Azure Load Balancer supports two different SKUs: Basic and Standard. 它們的案例規模、功能、價格不同。There are differences in scenario scale, features, and pricing. 任何可在基本 Load Balancer 建立的案例,也可以使用標準 Load Balancer 來建立。Any scenario possible with Basic Load Balancer can be created with Standard Load Balancer as well. 事實上,這兩個 SKU 的 API 類似,都是透過指定 SKU 來叫用。In fact, the APIs for both SKUs are similar and invoked through the specification of a SKU. 從 2017-08-01 API 開始,已提供可支援 Load Balancer 和公用 IP 之 SKU 的 API。The API for supporting SKUs for Load Balancer and public IP is available starting with the 2017-08-01 API. 這兩個 SKU 具有相同的一般 API 和結構。Both SKUs have the same general API and structure.

不過,根據選擇的 SKU 不同,完整案例設定的細節可能稍有不同。However, depending on which SKU is chosen, the complete scenario configuration detail may be slightly different. 當文章僅適用於特定 SKU 時,Load Balancer 文件才會加以標注。The Load Balancer documentation calls out when an article is applicable to a specific SKU only. 請看下表,比較並了解其中的差異。Review the following table below to compare and understand the differences. 如需進一步的詳細資訊,請檢閱標準 Load Balancer 概觀Review Standard Load Balancer Overview for further details.

注意

新的設計應該考慮使用標準 Load Balancer。New designs should consider using Standard Load Balancer.

獨立虛擬機器、可用性設定組和虛擬機器擴展集都只能和一個 SKU 連線,永遠不能和兩者同時連線。Standalone virtual machines, availability sets, and virtual machine scale sets can only be connected to one SKU, never both. 與公用 IP 位址搭配使用時,Load Balancer 和公用 IP 位址的 SKU 必須相符。When used with public IP addresses, both Load Balancer and public IP address SKU must match. Load Balancer 和公用 IP 的 SKU 不可變動。Load Balancer and Public IP SKUs are not mutable.

雖無強制性,但您最好明確地指定 SKU。It is a best practice to specify the SKUs explicitly, even though it is not yet mandatory. 現階段,會將所需的變更保持在最少量的狀態。At this time, required changes are being kept to a minimum. 若未指定 SKU,系統會認為您打算使用 2017-08-01 API 版本的基本 SKU。If a SKU is not specified, it is interpreted as the intention to use Basic SKU in the 2017-08-01 API version.

重要

標準 Load Balancer 是新的 Load Balancer 產品,大體上是基本 Load Balancer 的超集。Standard Load Balancer is a new Load Balancer product and largely a superset of Basic Load Balancer. 兩種產品間有重要且刻意製造的差別。There are important and deliberate differences between both products. 任何可在基本 Load Balancer 建立的端對端案例,都可以使用標準 Load Balancer 來建立。Any end-to-end scenario possible with Basic Load Balancer can be created with Standard Load Balancer. 如果您已經習慣使用基本 Load Balancer,請讓自己熟悉標準 Load Balancer,以了解標準和基本在行為上的重大變更以及其影響。If you are already used to Basic Load Balancer, you should familiarize yourself with Standard Load Balancer to understand breaking changes in behavior between Standard and Basic and their impact. 請仔細檢閱這一節。Review this section carefully.

標準 SKUStandard SKU 基本 SKUBasic SKU
後端集區大小Backend pool size 最多 1000 個執行個體up to 1000 instances 最多 100 個執行個體up to 100 instances
後端集區端點Backend pool endpoints 在單一虛擬網路中的任何虛擬機器,包括虛擬機器混合、可用性設定組、虛擬機器擴展集。any virtual machine in a single virtual network, including blend of virtual machines, availability sets, virtual machine scale sets. 在單一可用性設定組或虛擬機器擴展集中的虛擬機器virtual machines in a single availability set or virtual machine scale set
可用性區域Availability Zones 輸入和輸出的區域備援和區域性前端、輸出流程對應存活區域失敗、跨區域負載平衡zone-redundant and zonal frontends for inbound and outbound, outbound flows mappings survive zone failure, cross-zone load balancing /
診斷Diagnostics Azure 監視器、多維度計量 (包括位元組和封包計數器)、健康情況探查狀態、連線嘗試 (TCP SYN)、輸出連線的健康情況 (SNAT 成功和失敗的流程)、使用中資料層測量Azure Monitor, multi-dimensional metrics including byte and packet counters, health probe status, connection attempts (TCP SYN), outbound connection health (SNAT successful and failed flows), active data plane measurements 僅適用於公用 Load Balancer 的 Azure Log Analytics、SNAT 耗盡警示、後端集區健康情況計數Azure Log Analytics for public Load Balancer only, SNAT exhaustion alert, backend pool health count
HA 連接埠HA Ports 內部 Load Balancerinternal Load Balancer /
預設保護Secure by default 針對公用 IP 和 Load Balancer 端點的保護預設為關閉,必須使用網路安全性群組明確地將流程的流量加入白名單default closed for public IP and Load Balancer endpoints and a network security group must be used to explicitly whitelist for traffic to flow 預設為開啟,網路安全性群組為選擇性default open, network security group optional
輸出連線Outbound connections 多個可選擇退出個別規則的前端。「必須」明確建立輸出案例,虛擬機器才能使用輸出連線能力。Multiple frontends with per rule opt-out. An outbound scenario must be explicitly created for the virtual machine to be able to use outbound connectivity. 不用輸出連線能力即可與 VNet 服務端點連線,且不會計入已處理的資料。VNet Service Endpoints can be reached without outbound connectivity and do not count towards data processed. 必須透過輸出連線能力連線到任何公用 IP 位址 (包括無法作為 VNet 服務端點的 Azure PaaS 服務),並計入已處理的資料。Any public IP addresses, including Azure PaaS services not available as VNet Service Endpoints, must be reached via outbound connectivity and count towards data processed. 只有內部 Load Balancer 在提供虛擬機器時,就無法透過預設 SNAT 進行輸出連線。When only an internal Load Balancer is serving a virtual machine, outbound connections via default SNAT are not available. 輸出 SNAT 的程式設計依傳輸通訊協定而異,以輸入負載平衡規則的通訊協定為依據。Outbound SNAT programming is transport protocol specific based on protocol of the inbound load balancing rule. 單一前端,有多個前端時會隨機選取。Single frontend, selected at random when multiple frontends are present. 只有內部 Load Balancer 在提供虛擬機器時,會使用預設 SNAT。When only internal Load Balancer is serving a virtual machine, default SNAT is used.
多個前端Multiple frontends 輸入和輸出Inbound and outbound 僅輸入Inbound only
管理作業Management Operations 大部分的作業 < 30 秒Most operations < 30 seconds 通常是 60-90+ 秒60-90+ seconds typical
SLASLA 99.99% (當資料路徑具有兩個狀況良好的虛擬機器時)99.99% for data path with two healthy virtual machines 內含在 VM SLA 中Implicit in VM SLA
價格Pricing 根據規則數目、與資源相關聯的輸入或輸出所處理的資料來計費Charged based on number of rules, data processed inbound or outbound associated with resource 不收費No charge

請檢閱 Load Balancer 的服務限制Review service limits for Load Balancer. 若您使用標準 Load Balancer,另請檢閱概觀定價SLA 以取得更詳細的資訊。For Standard Load Balancer also review a more detailed overview, pricing, and SLA.

概念Concepts

公用 Load BalancerPublic Load Balancer

公用 Load Balancer 將連入流量的公用 IP 位址和連接埠號碼對應至虛擬機器的私人 IP 位址和連接埠號碼,來自虛擬機器的回應流量也是如此。Public Load Balancer maps the public IP address and port number of incoming traffic to the private IP address and port number of the virtual machine and vice versa for the response traffic from the virtual machine. 負載平衡規則可讓您將特定類型的流量分配至多個虛擬機器或服務。Load balancing rules allow you to distribute specific types of traffic between multiple virtual machines or services. 例如,您可以將 Web 要求的流量負載分散在多個 Web 伺服器。For example, you can spread the load of web request traffic across multiple web servers.

下圖顯示在三部虛擬機器中共用,且公用和私人 TCP 通訊埠均為 80 的 Web 流量負載平衡端點。The following figure shows a load-balanced endpoint for web traffic that is shared among three virtual machines for the public and private TCP port of 80. 這三部虛擬機器均位在負載平衡集合中。These three virtual machines are in a load-balanced set.

建立負載平衡器範例

圖:使用公用 Load Balancer 來進行網路流量負載平衡Figure : Load balancing web traffic using a public Load Balancer

當網際網路用戶端在 TCP 通訊埠 80 上傳送網頁要求至 Web 應用程式的公用 IP 位址時,Azure Load Balancer 會在負載平衡集中,將要求分配至這三部虛擬機器。When Internet clients send web page requests to the public IP address of a web app on TCP port 80, the Azure Load Balancer distributes the requests between the three virtual machines in the load-balanced set. 如需負載平衡器演算法的詳細資訊,請參閱負載平衡器概觀頁面For more information about load balancer algorithms, see the load balancer overview page.

根據預設,Azure Load Balancer 會在多個虛擬機器執行個體之間均分網路流量。By default, Azure Load Balancer distributes network traffic equally among multiple virtual machine instances. 您也可以設定工作階段親和性。You can also configure session affinity. 如需詳細資訊,請參閱負載平衡器分送模式For more information, see load balancer distribution mode.

內部 Load BalancerInternal Load Balancer

內部 Load Balancer 只會將流量導向位於虛擬網路內的資源,或導向會使用 VPN 來存取 Azure 基礎結構的資源。Internal Load Balancer only directs traffic to resources that are inside a virtual network or that use a VPN to access Azure infrastructure. 在這一方面,內部 Load Balancer 與公用 Load Balancer 不同。In this respect, internal Load Balancer differs from a public Load Balancer. Azure 基礎結構會限制存取虛擬網路的負載平衡前端 IP 位址。Azure infrastructure restricts access to the load-balanced frontend IP addresses of a virtual network. 前端 IP 位址與虛擬網路永不會直接公開至網際網路端點。Frontend IP addresses and virtual networks are never directly exposed to an internet endpoint. 內部企業營運應用程式會在 Azure 中執行,並且可從 Azure 內或內部部署資源內存取。Internal line-of-business applications run in Azure and are accessed from within Azure or from on-premises resources.

內部 Load Balancer 可提供下列幾種負載平衡類型:Internal Load Balancer enables the following types of load balancing:

  • 虛擬網路內:從虛擬網路中的 VM 至一組位於相同虛擬網路內之 VM 的負載平衡。Within a virtual network: Load balancing from VMs in the virtual network to a set of VMs that reside within the same virtual network.
  • 在跨單位虛擬網路中:從內部部署電腦至一組位於相同虛擬網路內之 VM 的負載平衡。For a cross-premises virtual network: Load balancing from on-premises computers to a set of VMs that reside within the same virtual network.
  • 多層應用程式:網際網路對向多層式應用程式 (其中的後端層並非網際網路對向) 的負載平衡。For multi-tier applications: Load balancing for internet-facing multi-tier applications where the back-end tiers are not internet-facing. 後端層需要來自網際網路對向層的流量負載平衡 (請見圖 2)。The back-end tiers require traffic load balancing from the internet-facing tier (see figure 2).
  • 針對企業營運應用程式:在 Azure 中代管的企業營運應用程式的負載平衡,而不額外負載平衡器硬體或軟體。For line-of-business applications: Load balancing for line-of-business applications that are hosted in Azure without additional load balancer hardware or software. 此情節包括流量已負載平衡之電腦集合中的內部部署伺服器。This scenario includes on-premises servers that are in the set of computers whose traffic is load-balanced.

內部負載平衡器範例

圖 - 使用公用和內部負載平衡器來進行多層式應用程式負載平衡Figure - Load balancing multi-tier applications using both public and internal load balancers

價格Pricing

標準 Load Balancer 為計費產品,根據所設定的負載平衡規則數目以及處理的所有輸入和輸出資料計算費用。Standard Load Balancer is a charged product based on number of load balancing rules configured and all inbound and outbound data processed. 如需標準 Load Balancer 的定價資訊,請瀏覽 Load Balancer 定價網頁。For Standard Load Balancer pricing information, visit the Load Balancer Pricing page.

基本 Load Balancer 則是免費提供。Basic Load Balancer is offered at no charge.

SLASLA

如需標準 Load Balancer SLA 的相關資訊,請瀏覽 Load Balancer SLA 網頁。For information about the Standard Load Balancer SLA, visit the Load Balancer SLA page.

後續步驟Next steps