When an application is hosted on the cloud, users interact with it at various times. The load on the server might get huge at specific times. For instance, let's take a shopping app as an example. Normally, the app receives regular traffic. But when there is a sale, people tend to use the app more. That's when the server should be well maintained such that it won't stop. Azure provides a Load Balancer service through which we can balance the load on the applications that are deployed in Azure. In this post, we will explain about Azure Load Balancer and how it works. We will explain to you how a load balancer affects the health of a server.
When users interact with a cloud-based application, fast responses are vital as they yield customer satisfaction. When there is a surge in network traffic, the server should be able to handle it. This is where load balancing comes into the picture. It helps in maintaining the availability of cloud-based applications to users. It prevents a server from getting overloaded and stopping.
The azure load balancer distributes incoming network load across backend resources, so the application server functions properly. It operates on the fourth layer of the Open Systems Interconnection (OSI) model, where it acts as the single point of contact for the users. The inbound flows that arrive at the load balancer's frontend are distributed among backend pool instances, which might be Azure Virtual Machines or instances in a virtual machine set.
Interested in learning Azure Course ? Enroll in our Microsoft Azure Certification Training program now!
We can create load balancers in the following ways.
Public load balancer - It is used to balance internet traffic coming to the VM's. It will provide outbound connections for virtual machines (VMs) that are present inside a virtual network by translating a private IP address to a public IP address.
Internal (or private) load balancer - It is used when private IPs are needed at the frontend only. It will balance the traffic inside a virtual network when the application needs to be accessed on-premises.
Here are some reasons why we can use Azure load balancer.
Azure load balancer runs on a few components that can be configured in the following ways.
An IP address will be the point of contact for the users. It can either be a public IP address or a private IP address. The type of load balancer depends on the nature of the IP address. Selecting a public IP address creates a public load balancer. Selecting a private IP address creates a private load balancer. A load balancer can have multiple ports, multiple frontend IP addresses, or both.
lets's get started with Azure traffic Manger
A backend pool is a group of virtual machines or instances in a virtual machine scale set. This backend pool serves the incoming requests. Computing guidelines recommend adding more instances to the backend pool to meet high volumes of incoming traffic. When we scale instances up or down, the load balancer automatically reconfigures itself without additional operations.
A health probe determines the health of the instances in the backend pool, which means if an instance can receive traffic or not. We have to configure a health probe while creating a load balancer and define the unhealthy threshold for health probes. If an instance is unhealthy, the load balancer does not route any traffic to that instance. This does not affect the existing connection. The connection continues until the flow ends, or idle time occurs, or the VM shuts down. TCP, HTTP, and HTTPS are the types of health probes available for the load balancer.
The traffic distribution to all the instances depends on the load balancing rules. It defines how to distribute the load to healthy instances available in the backend pool. It maps a frontend IP address and port to multiple backend IP addresses and ports.
Get ahead in your career with our Microsoft Azure Tutorial
The 'protocol - all and port - 0' load balancing rules enforce a single rule on all the TCP and UDP flows that come to all ports of an internal load balancer. It helps in handling critical situations like scaling network virtual appliances (NVAs) and high availability. The load balancing decision will be based on source IP address, source port, destination IP address, destination port, and protocol.
An inbound NAT rule is defined to forward the incoming traffic that arrives at the frontend IP address and port combination to the specific virtual machine or instance in the backend pool. This kind of port forwarding is done by the same hash-based distribution as load balancing. The frontend IP addresses remotely administer VMs without any additional functions. Inbound NAT rules can be called as inbound NAT pools in the context of virtual machine scale sets.
An outbound rule defines outbound Network Address Translation (NAT) for the instances or VMs available in the backend pool. It enables the instances or VMs in the backend pool to communicate with the internet. The outbound connectivity is provided through different mechanisms by the load balancer.
As mentioned earlier, we can create load balancing rules to route traffic from the frontend IP address to the backend pool. These flows are distributed by the load balancer using a hashing algorithm by rewriting the headers of flows. It uses a five-tuple hash by default which includes,
When a flow starts, it uses a two or three-tuple hash to create a link to the source IP address such that packets of the same flow arrive in the same instance. When a client starts a new flow from the same source IP address, the source port changes. The five-tuple hash causes the traffic to go to a different backend endpoint.
The Azure load balancer does have some limitations.
Let us create a public load balancer that balances the load on the VMs. Navigate to https://portal.azure.com and log into your Azure account.
Click on 'Create a resource' in the top-left corner. Click on 'Networking' and select the 'Load Balancer' option. You will get a load balancer page for configuration. In the 'Basics' tab, select your subscription. Click on 'Create new' for the resource group and give a name for it. Give a name for your load balancer, select 'West Europe' as region, 'Public' as type, and 'Standard' as SKU. If you have an existing public IP address, give that for the 'Public IP address' field or create a new one. Also, give a name for the 'Public IP address name' field. Select 'Zone-redundant' for the Availability zone field, give no for 'Add a public IPv6 address' field. Click on 'Review + create' at the end of the page. You will be navigated to the next tab, click on 'Create'.
Select the 'All services' option on the left-side menu. Click on 'All resources' and select the load balancer that you created earlier from the resources list. Go to settings, select the 'Backend pools' option, and click on 'Add'. You will get a 'Add a backend pool' page where you can specify the name of the backend pool. Once done, click on 'Add'.
Select the 'All services' option on the left-side menu. Click on 'All resources' and select your load balancer from the resources list. Go to settings, select the 'Health probes' option, and click on 'Add'. Give a name for the health probe, select 'HTTP' for the 'Protocol' field, enter 80 for the 'Port' field, enter 15 for the 'Interval' field, select 2 for the 'Unhealthy threshold' field, and click on 'OK'.
[Related Article: Microsoft AZure Portal]
Select the 'All services' option on the left-side menu. Click on 'All resources' and select your load balancer from the resources list. Go to settings, select the 'Load balancing rules' option, and click on 'Add'. Give a name for the rule, select IPv4 for the 'IP Version', and select your load balancer frontend for the 'Frontend IP address'. Give TCP for the 'Protocol' field, enter 80 for the 'Port' field, and enter 80 for the 'Backend port' field. Select the backend pool and health probe that you created earlier. Select No for the 'Create implicit outbound rules' option and click on 'OK'.
Go to the 'Networking' tab and select your virtual network for the 'Virtual network' field. Select your backend subnet for the 'Subnet' field. Choose none for the 'Public IP' field, select 'Advanced' for the 'NIC network security group' field. Create a new network security group. Under the 'Load balancing' section, select Yes for the 'Place this virtual machine behind an existing load balancing solution?' field. Select 'Azure load balancing' for the 'Load balancing options' field. Choose the load balancer that you created earlier for the 'Select a load balancer' option. Choose your backend pool for the 'Select a backend pool' field.
Select off for the 'Boot diagnostics' field in the Management tab. Click on 'Review + create'. On reviewing the settings, click on 'Create'. This process should be followed for all the VM's in the virtual network.
Select the 'All services' option on the left-side menu. Click on 'All resources' and select your load balancer from the resources list. Go to settings, select the 'Outbound rules' option, and click on 'Add'. Create a new frontend IP address and set the timer to '15 minutes' for the 'Idle timeout' field. Select 'Enabled' for the 'TCP Reset' field, create a backend pool, select 'Manually choose the number of outbound ports' for the 'Port allocation' field. Select 'Ports per instance' for the 'Outbound ports' field, enter 10000 for the 'Ports per instance' field, and click on 'Add'.
Select the 'All services' option on the left-side menu. Click on 'All resources' and select your load balancer from the resources list. Go to settings, select the 'Backend pools' option, and choose your backend pool from the list. Choose your virtual network for the 'Virtual network' option. Select '+ Add' for the 'Virtual machines' option. Choose all the virtual machines in your virtual network. Select 'Add' and click on 'Save'.
Go to 'All Services', click on 'All resources', choose a VM from the resource group. Go to the overview page, select 'Connect', and click on 'Bastion'. Give the username and password of your VM, and click on 'Connect'. Navigate to 'Windows Administrative Tools' and click on 'Windows PowerShell'. Execute the following commands,
Install-WindowsFeature -name Web-Server -IncludeManagementTools
Add-Content -Path "C:\inetpub\wwwroot\iisstart.htm" -Value $("You are on " + $env:computername)
Close the Bastion session of your VM. Repeat the same process for all the VMs in your virtual network.
You can get the public IP address of the load balancer from the overview page. Go to 'All Services', click on 'All resources', and select your public IP. Copy the public IP address and run it in a browser. The default page configured in IIS will be displayed on the browser. To test the load balancing, try refreshing the page from different browsers at the same time. You can see which VM you are interacting with.
A load balancer supports multiple rules with multiple frontends. Availability zone configurations are available for both types of public and private load balancers. Azure load balancer always works on a DSR flow topology. Defining floating IP adds additional flexibility for the load balancer. In this post, you have learned all about the Azure load balancer and how to create it. After your work is done with the load balancer, delete the load balancer, resource group, and all the related resources.
Other Related articles: