| title | description | services | documentationcenter | author | Customer intent | ms.assetid | ms.service | ms.devlang | ms.topic | ms.tgt_pltfrm | ms.workload | ms.date | ms.author | ms:custom |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Quickstart:Create a Standard Load Balancer - Azure PowerShell | Microsoft Docs |
This quickstart shows how to create a Standard Load Balancer using PowerShell |
load-balancer |
na |
KumudD |
I want to create a Standard Load balancer so that I can load balance internet traffic to VMs. |
load-balancer |
na |
qucikstart |
na |
infrastructure-services |
08/22/2018 |
kumud |
mvc |
This quickstart shows you how to create a Standard Load Balancer using Azure PowerShell. To test the load balancer, you deploy two virtual machines (VMs) running Windows server and load balance a web app between the VMs. To learn more about Standard Load Balancer, see What is Standard Load Balancer.
[!INCLUDE cloud-shell-powershell.md]
If you choose to install and use PowerShell locally, this article requires the Azure PowerShell module version 5.4.1 or later. Run Get-Module -ListAvailable AzureRM to find the installed version. If you need to upgrade, see Install Azure PowerShell module. If you are running PowerShell locally, you also need to run Login-AzureRmAccount to create a connection with Azure.
Before you can create your load balancer, you must create a resource group with New-AzureRmResourceGroup. The following example creates a resource group named myResourceGroupLB in the EastUS location:
New-AzureRmResourceGroup `
-ResourceGroupName "myResourceGroupLB" `
-Location "EastUS"
To access your app on the Internet, you need a public IP address for the load balancer. Create a public IP address with New-AzureRmPublicIpAddress. The following example creates a public IP address named myPublicIP in the myResourceGroupLB resource group:
$publicIP = New-AzureRmPublicIpAddress `
-Name "myPublicIP" `
-ResourceGroupName "myResourceGroupLB" `
-Location "EastUS" `
-Sku "Standard" `
-AllocationMethod "Static"
In this section, you configure the frontend IP and the backend address pool for the load balancer and then create the Basic Load Balancer.
Create a frontend IP with New-AzureRmLoadBalancerFrontendIpConfig. The following example creates a frontend IP configuration named myFrontEnd and attaches the myPublicIP address:
$frontendIP = New-AzureRmLoadBalancerFrontendIpConfig `
-Name "myFrontEnd" `
-PublicIpAddress $publicIP
Create a backend address pool with New-AzureRmLoadBalancerBackendAddressPoolConfig. The VMs attach to this backend pool in the remaining steps. The following example creates a backend address pool named myBackEndPool:
$backendPool = New-AzureRmLoadBalancerBackendAddressPoolConfig -Name "myBackEndPool"
To allow the load balancer to monitor the status of your app, you use a health probe. The health probe dynamically adds or removes VMs from the load balancer rotation based on their response to health checks. By default, a VM is removed from the load balancer distribution after two consecutive failures at 15-second intervals. You create a health probe based on a protocol or a specific health check page for your app.
The following example creates a TCP probe. You can also create custom HTTP probes for more fine grained health checks. When using a custom HTTP probe, you must create the health check page, such as healthcheck.aspx. The probe must return an HTTP 200 OK response for the load balancer to keep the host in rotation.
To create a TCP health probe, you use Add-AzureRmLoadBalancerProbeConfig. The following example creates a health probe named myHealthProbe that monitors each VM on HTTP port 80:
$probe = New-AzureRmLoadBalancerProbeConfig `
-Name "myHealthProbe" `
-RequestPath healthcheck2.aspx `
-Protocol http `
-Port 80 `
-IntervalInSeconds 16 `
-ProbeCount 2
A load balancer rule is used to define how traffic is distributed to the VMs. You define the frontend IP configuration for the incoming traffic and the backend IP pool to receive the traffic, along with the required source and destination port. To make sure only healthy VMs receive traffic, you also define the health probe to use.
Create a load balancer rule with Add-AzureRmLoadBalancerRuleConfig. The following example creates a load balancer rule named myLoadBalancerRule and balances traffic on TCP port 80:
$lbrule = New-AzureRmLoadBalancerRuleConfig `
-Name "myLoadBalancerRule" `
-FrontendIpConfiguration $frontendIP `
-BackendAddressPool $backendPool `
-Protocol Tcp `
-FrontendPort 80 `
-BackendPort 80 `
-Probe $probe
Create NAT rules with Add-AzureRmLoadBalancerRuleConfig. The following example creates NAT rules named myLoadBalancerRDP1 and myLoadBalancerRDP2 to allow RDP connections to the backend servers with port 4221 and 4222:
$natrule1 = New-AzureRmLoadBalancerInboundNatRuleConfig `
-Name 'myLoadBalancerRDP1' `
-FrontendIpConfiguration $frontendIP `
-Protocol tcp `
-FrontendPort 4221 `
-BackendPort 3389
$natrule2 = New-AzureRmLoadBalancerInboundNatRuleConfig `
-Name 'myLoadBalancerRDP2' `
-FrontendIpConfiguration $frontendIP `
-Protocol tcp `
-FrontendPort 4222 `
-BackendPort 3389
Create the Standard Load Balancer with New-AzureRmLoadBalancer. The following example creates a public Basic Load Balancer named myLoadBalancer using the frontend IP configuration, backend pool, health probe, load balancing rule, and NAT rules that you created in the preceding steps:
$lb = New-AzureRmLoadBalancer `
-ResourceGroupName 'myResourceGroupLB' `
-Name 'MyLoadBalancer' `
-Location 'eastus' `
-FrontendIpConfiguration $frontendIP `
-BackendAddressPool $backendPool `
-Probe $probe `
-LoadBalancingRule $lbrule `
-InboundNatRule $natrule1,$natrule2 `
-sku Standard
Before you deploy some VMs and can test your balancer, you must create supporting network resources - virtual network and virtual NICs.
Create a virtual network with New-AzureRmVirtualNetwork. The following example creates a virtual network named myVnet with mySubnet:
# Create subnet config
$subnetConfig = New-AzureRmVirtualNetworkSubnetConfig `
-Name "mySubnet" `
-AddressPrefix 10.0.2.0/24
# Create the virtual network
$vnet = New-AzureRmVirtualNetwork `
-ResourceGroupName "myResourceGroupLB" `
-Location "EastUS" `
-Name "myVnet" `
-AddressPrefix 10.0.0.0/16 `
-Subnet $subnetConfig
Create network security group to define inbound connections to your virtual network.
Create a network security group rule to allow RDP connections through port 3389 with New-AzureRmNetworkSecurityRuleConfig.
$rule1 = New-AzureRmNetworkSecurityRuleConfig `
-Name 'myNetworkSecurityGroupRuleRDP' `
-Description 'Allow RDP' `
-Access Allow `
-Protocol Tcp `
-Direction Inbound `
-Priority 1000 `
-SourceAddressPrefix Internet `
-SourcePortRange * `
-DestinationAddressPrefix * `
-DestinationPortRange 3389
Create a network security group rule to allow inbound connections through port 80 with New-AzureRmNetworkSecurityRuleConfig.
$rule2 = New-AzureRmNetworkSecurityRuleConfig `
-Name 'myNetworkSecurityGroupRuleHTTP' `
-Description 'Allow HTTP' `
-Access Allow `
-Protocol Tcp `
-Direction Inbound `
-Priority 2000 `
-SourceAddressPrefix Internet `
-SourcePortRange * `
-DestinationAddressPrefix * `
-DestinationPortRange 80
Create a network security group with New-AzureRmNetworkSecurityGroup.
$nsg = New-AzureRmNetworkSecurityGroup `
-ResourceGroupName 'myResourceGroupLB' `
-Location 'EastUS' `
-Name 'myNetworkSecurityGroup' `
-SecurityRules $rule1,$rule2
Create virtual NICs created with New-AzureRmNetworkInterface. The following example creates two virtual NICs. (One virtual NIC for each VM you create for your app in the following steps). You can create additional virtual NICs and VMs at any time and add them to the load balancer:
# Create NIC for VM1
$nicVM1 = New-AzureRmNetworkInterface `
-ResourceGroupName 'myResourceGroupLB' `
-Location 'EastUS' `
-Name 'MyNic1' `
-LoadBalancerBackendAddressPool $backendPool `
-NetworkSecurityGroup $nsg `
-LoadBalancerInboundNatRule $natrule1 `
-Subnet $vnet.Subnets[0]
# Create NIC for VM2
$nicVM2 = New-AzureRmNetworkInterface `
-ResourceGroupName 'myResourceGroupLB' `
-Location 'EastUS' `
-Name 'MyNic2' `
-LoadBalancerBackendAddressPool $backendPool `
-NetworkSecurityGroup $nsg `
-LoadBalancerInboundNatRule $natrule2 `
-Subnet $vnet.Subnets[0]
To improve the high availability of your app, place your VMs in an availability set.
Create an availability set with New-AzureRmAvailabilitySet. The following example creates an availability set named myAvailabilitySet:
$availabilitySet = New-AzureRmAvailabilitySet `
-ResourceGroupName "myResourceGroupLB" `
-Name "myAvailabilitySet" `
-Location "EastUS" `
-Sku aligned `
-PlatformFaultDomainCount 2 `
-PlatformUpdateDomainCount 2
Set an administrator username and password for the VMs with Get-Credential:
$cred = Get-Credential
Now you can create the VMs with New-AzureRmVM. The following example creates two VMs and the required virtual network components if they do not already exist:
for ($i=1; $i -le 2; $i++)
{
New-AzureRmVm `
-ResourceGroupName "myResourceGroupLB" `
-Name "myVM$i" `
-Location "East US" `
-VirtualNetworkName "myVnet" `
-SubnetName "mySubnet" `
-SecurityGroupName "myNetworkSecurityGroup" `
-OpenPorts 80 `
-AvailabilitySetName "myAvailabilitySet" `
-Credential $cred `
-AsJob
}
The -AsJob parameter creates the VM as a background task, so the PowerShell prompts return to you. You can view details of background jobs with the Job cmdlet. It takes a few minutes to create and configure the two VMs.
Install IIS with a custom web page on both backend VMs as follows:
- Get the Public IP address of the Load Balancer. Using
Get-AzureRmPublicIPAdress, obtain the Public IP address of the Load Balancer.
Get-AzureRmPublicIPAddress `
-ResourceGroupName "myResourceGroupLB" `
-Name "myPublicIP" | select IpAddress
- Create a remote desktop connection to VM1 using the Public Ip address that you obtained from the previous step.
mstsc /v:PublicIpAddress:4221
- Enter the credentials for VM1 to start the RDP session.
- Launch Windows PowerShell on VM1 and using the following commands to install IIS server and update the default htm file.
# Install IIS Install-WindowsFeature -name Web-Server -IncludeManagementTools # Remove default htm file remove-item C:\inetpub\wwwroot\iisstart.htm #Add custom htm file Add-Content -Path "C:\inetpub\wwwroot\iisstart.htm" -Value $("Hello World from host" + $env:computername) - Close the RDP connection with myVM1.
- Create a RDP connection with myVM2 by running
mstsc /v:PublicIpAddress:4222command, and repeat step 4 for VM2.
Obtain the public IP address of your load balancer with Get-AzureRmPublicIPAddress. The following example obtains the IP address for myPublicIP created earlier:
Get-AzureRmPublicIPAddress `
-ResourceGroupName "myResourceGroupLB" `
-Name "myPublicIP" | select IpAddress
You can then enter the public IP address in to a web browser. The website is displayed, including the hostname of the VM that the load balancer distributed traffic to as in the following example:
To see the load balancer distribute traffic across all two VMs running your app, you can force-refresh your web browser.
When no longer needed, you can use the Remove-AzureRmResourceGroup command to remove the resource group, VM, and all related resources.
Remove-AzureRmResourceGroup -Name myResourceGroupLB
In this quickstart, you created a Basic Load Balancer, attached VMs to it, configured the load balancer traffic rule, health probe, and then tested the load balancer. To learn more about Azure Load Balancer, continue to the tutorials for Azure Load Balancer.
[!div class="nextstepaction"] Azure Load Balancer tutorials