| title | description | services | documentationcenter | author | manager | editor | tags | Customer intent | ms.assetid | ms.service | ms.devlang | ms.topic | ms.tgt_pltfrm | ms.workload | ms.date | ms.author |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
CLI Example - Load Balancer VMs within a zone - Azure | Microsoft Docs |
This Azure CLI script example shows how to load balance traffic to VMs within a specific availability zone |
load-balancer |
load-balancer |
KumudD |
jeconnoc |
tysonn |
As an IT administrator, I want to create a load balancer that load balances incoming internet traffic to virtual machines within a specific zone in a region. |
load-balancer |
azurecli |
sample |
infrastructure |
06/14/2018 |
kumud |
This Azure CLI script example creates everything needed to run several Ubuntu virtual machines configured in a highly available and load balanced configuration within a specific availability zone. After running the script, you will have three virtual machines in a single availability zones within a region that are accessible through an Azure Standard Load Balancer.
[!INCLUDE sample-cli-install]
[!INCLUDE quickstarts-free-trial-note]
#!/bin/bash
# Create a resource group.
az group create \
--name myResourceGroup \
--location westeurope
# Create a virtual network.
az network vnet create \
--resource-group myResourceGroup \
--location westeurope \
--name myVnet \
--subnet-name mySubnet
# Create a zonal Standard public IP address.
az network public-ip create \
--resource-group myResourceGroup \
--name myPublicIP \
--sku Standard
--zone 1
# Create an Azure Load Balancer.
az network lb create \
--resource-group myResourceGroupLB \
--name myLoadBalancer \
--public-ip-address myPublicIP \
--frontend-ip-name myFrontEndPool \
--backend-pool-name myBackEndPool \
--sku Standard
# Creates an LB probe on port 80.
az network lb probe create \
--resource-group myResourceGroup \
--lb-name myLoadBalancer \
--name myHealthProbe \
--protocol tcp \
--port 80
# Creates an LB rule for port 80.
az network lb rule create \
--resource-group myResourceGroup \
--lb-name myLoadBalancer \
--name myLoadBalancerRuleWeb \
--protocol tcp \
--frontend-port 80 \
--backend-port 80 \
--frontend-ip-name myFrontEndPool \
--backend-pool-name myBackEndPool \
--probe-name myHealthProbe
# Create three NAT rules for port 22.
for i in `seq 1 3`; do
az network lb inbound-nat-rule create \
--resource-group myResourceGroup \
--lb-name myLoadBalancer \
--name myLoadBalancerRuleSSH$i \
--protocol tcp \
--frontend-port 422$i \
--backend-port 22 \
--frontend-ip-name myFrontEndPool
done
# Create a network security group
az network nsg create \
--resource-group myResourceGroup \
--name myNetworkSecurityGroup
# Create a network security group rule for port 22.
az network nsg rule create \
--resource-group myResourceGroup \
--nsg-name myNetworkSecurityGroup \
--name myNetworkSecurityGroupRuleSSH \
--protocol tcp \
--direction inbound \
--source-address-prefix '*' \
--source-port-range '*' \
--destination-address-prefix '*' \
--destination-port-range 22 \
--access allow \
--priority 1000
# Create a network security group rule for port 80.
az network nsg rule create \
--resource-group myResourceGroup \
--nsg-name myNetworkSecurityGroup \
--name myNetworkSecurityGroupRuleHTTP \
--protocol tcp \
--direction inbound \
--source-address-prefix '*' \
--source-port-range '*' \
--destination-address-prefix '*' \
--destination-port-range 80 \
--access allow \
--priority 2000
# Create three virtual network cards and associate with public IP address and NSG.
for i in `seq 1 3`; do
az network nic create \
--resource-group myResourceGroup \
--name myNic$i \
--vnet-name myVnet \
--subnet mySubnet \
--network-security-group myNetworkSecurityGroup \
--lb-name myLoadBalancer \
--lb-address-pools myBackEndPool \
--lb-inbound-nat-rules myLoadBalancerRuleSSH$i
done
# Create three virtual machines, this creates SSH keys if not present.
for i in `seq 1 3`; do
az vm create \
--resource-group myResourceGroup \
--name myVM$i \
--zone 1 \
--nics myNic$i \
--image UbuntuLTS \
--generate-ssh-keys \
--no-wait
done
Run the following command to remove the resource group, VM, and all related resources.
az group delete --name myResourceGroup
This script uses the following commands to create a resource group, virtual machine, availability set, load balancer, and all related resources. Each command in the table links to command specific documentation.
| Command | Notes |
|---|---|
| az group create | Creates a resource group in which all resources are stored. |
| az network vnet create | Creates an Azure virtual network and subnet. |
| az network public-ip create | Creates a public IP address with a static IP address and an associated DNS name. |
| az network lb create | Creates an Azure load balancer. |
| az network lb probe create | Creates a load balancer probe. A load balancer probe is used to monitor each VM in the load balancer set. If any VM becomes inaccessible, traffic is not routed to the VM. |
| az network lb rule create | Creates a load balancer rule. In this sample, a rule is created for port 80. As HTTP traffic arrives at the load balancer, it is routed to port 80 one of the VMs in the LB set. |
| az network lb inbound-nat-rule create | Creates load balancer Network Address Translation (NAT) rule. NAT rules map a port of the load balancer to a port on a VM. In this sample, a NAT rule is created for SSH traffic to each VM in the load balancer set. |
| az network nsg create | Creates a network security group (NSG), which is a security boundary between the internet and the virtual machine. |
| az network nsg rule create | Creates an NSG rule to allow inbound traffic. In this sample, port 22 is opened for SSH traffic. |
| az network nic create | Creates a virtual network card and attaches it to the virtual network, subnet, and NSG. |
| az vm create | Creates the virtual machine and connects it to the network card, virtual network, subnet, and NSG. This command also specifies the virtual machine image to be used and administrative credentials. |
| az group delete | Deletes a resource group including all nested resources. |
For more information on the Azure CLI, see Azure CLI documentation.
Additional Azure Networking CLI script samples can be found in the Azure Networking documentation.