Introduction to Azure load balancer

Varma Rudra
A free video tutorial from Varma Rudra
TOGAF Certified Enterprise Architect
4.4 instructor rating • 3 courses • 32,052 students

Lecture description

By the end of this lecture, you will gain understanding of key capabilities and components of Azure load balancer and key differences between basic and standard tiers.

Learn more from the full course

A to Z of Azure Network services - Covers AZ 300, 103 & more

The most comprehensive course on Azure networking services with lots of lab demonstrations

12:02:13 of on-demand video • Updated October 2019

  • Design & deploy virtual networks, subnets
  • Configure network security groups using service tags and application security groups
  • Create user defined routes, multiple NIC's, IP Address configuration
  • Configure availability sets and deploy zone based and zonal based services
  • Configure load balancer for internet load balancing, create NAT rules, configuration of Backend Pools & health probes and monitoring
  • Configure application gateway for URL path based routing, multi site hosting, Web application firewall and monitoring
  • Configure traffic manager with priority, performence, weight and geographic routing methods and use nested profiles
  • Establish peering, point to site, VPN to VPN, site to site VPN connection
  • Connect Azure virtual network with AWS VPC
  • Delivering hybrid applications/solutions network connectivity
  • Use network watcher and network performance monitor to monitor network performance
  • Create and configure Azure Public DNS and Private DNS zones
English Hi, welcome to this lecture. In this lecture I'm going to take you through Azure load balancer and its capabilities. Typically a load balancer is used to distribute the incoming traffic to a pool of virtual machines and the idea is if any of the virtual machines is down in that pool of virtual machines load balancer will recognize it and stop routing the traffic to that failed virtual machine. In this way, you're essentially making your application resilient to any software or hardware failures in that pool of virtual machines. In addition to this capability, there are lot of other capabilities with a typical load balancer. So let me take you through them from Azure load balancer perspective. OK. In terms of Azure load balancer capabilities first one is load balancing by default Azure load balancer uses a 5-tuple hash composed of source IP, source port, destination IP, destination port, and protocol. Basically, you can configure a load-balancing rule within the load balancer in such a way based on the source port and source IP address from where the traffic is originating you can configure to route the traffic to a particular destination pool of virtual machines. OK. Similarly, Azure load balancer also has port forwarding capability. So, for example, let's say you have a pool of webservers and you don't want to associate public IP address for each web server in that pool. However If you want to carry out any maintenance activities you need to RDP into those Web servers without having public IP address on that web servers you will not be able to RDP into them from internet. So one way of providing RDP access into those web servers is to utilize load balancers public IP address. So what you can do is you can able to configure Inbound NAT rule to port forward RDP traffic from a specified port of a specific frontend IP address to a specific port of a specific backend instance inside virtual network. OK. Don't worry if you don't understand this we have a specific lab to show you how we can achieve this using Inbound NAT rule configuration of Azure load balancer. And thirdly all these rules are application agnostics and transparent, so load balancer doesn't directly interact with the TCP or UDP or the application layer. But in case if you want to have that capability i.e., in other words, route the traffic based on URL or multi-site hosting then you can go for application gateway. I will discuss about application gateway in detail in the upcoming lectures and labs. And the fourth capability is automatic reconfiguration load balancer can instantly reconfigure itself when you scale up or down instances. So if you are adding more number of virtual machines into backend pool automatically load balancer will reconfigure. You don't need to do anything else. And the fifth one is health probes. As I said earlier load balancer has a capability to recognize any failed virtual machines in the backend pool and stop routing the traffic to that particular failed virtual machine. The way they will recognize is using health probes you can configure health probes to determine the health of the instances in the backend pool and based on the feedback load balancer receives from the health probes it will decide whether it need to forward the traffic or stop forwarding the traffic to that particular virtual machine. And the next one is Outbound connection all the Outbound flows from private IP addresses inside your virtual network to public IP addresses on the Internet can be translated to a front end IP of load balancer. In other words what happens is if your virtual machine has a public IP address then well and good that particular public IP address will be used in the Outbound connections with Internet, however, if your virtual machine doesn't have any public IP address and whenever the virtual machine try to initiate an Outbound connection into the Internet then a public IP address from a pool of IP addresses will be selected on a random manner by Azure. So basically you can't predict which public IP address will be chosen by Azure in order to initiate that Outbound connection from virtual machine. And this will be a very big problem when the other party which is accepting the connections from your virtual machine need to whitelist IP addresses because they want to accept the traffic from only known IP addresses always. To resolve that issue you can use load balancers public IP address to initiate the Outbound connection. So once you configured the Outbound rule in load balancer your virtual machines private IP address will be translated to front-end IP address of load balancer whenever an Outbound flow is initiated from the particular virtual machine into the internet. Okay. I will show you how to configure this Outbound connection in one of the upcoming labs. And finally, there are two pricing tiers that are available in load balancer. One is basic and another one is standard and the standard one came up with lot of capabilities mainly when Azure introduced availability zones they introduced several services that support availability zones. One of those services is standard load balancer, I will take you through in more detail. what standard load balancer offers in the upcoming slides. Now these are all the capabilities of Azure load balancer. But what is actually constituted of Azure load balancer? What is the typical configuration elements let's go through them now. In terms of Azure load balancer there are five key configuration elements. First one is Front-end IP configuration. Basically, these are IP addresses to which the incoming traffic will initially come to and Azure load balancer can have one or more Front-end IP addresses they are sometimes called as also virtual IP's. OK so these are the IP addresses to which the traffic initially comes to and the second key configuration element is Back-end address pool. These are the pool of virtual machines to which the traffic will eventually go to. And the third one is load-balancing rule a load balancing rule is simply a mapping between the Front-end IP configuration and Back-end address pool. So basically when you are defining a load balancer rule you will specify source Front-end IP address and source port and the Back-end IP addresses or Back-end pools and Back-end ports and when you are configuring this load balancing rule you will also specify which probe you want to use in order to monitor the health of Back-end pool virtual machines. So what probes do they enable you to keep track of health of VM instances. And as I said earlier If a health probe files the VM instance will be taken out of rotation automatically. Basically what this mean is whenever load balancer try to distribute the traffic between a pool of virtual machine it does on a round-Robin basis. And when one VM instance is down then it will be taken out and the traffic will be distributed to the remaining VM's on a round-robin basis. And finally, you can configure two types of rules Inbound NAT rules and Outbound NAT rules. So these are all the configuration elements related to Azure load balancer in the upcoming labs I'm going to show you how to configure each one of them. But before we go into the labs one last thing I want to discuss is standard load balancer capabilities. As I said earlier there are two types of pricing tiers available with Azure load balancer. One is basic. And the second one is standard. There are lot of differences between basic and standard. But I picked up five key of them. But for other differences, I'm going to attach a link to the documentation please click on that and refer to that link to understand more about basic and standard tiers. So let's go through these differences Back-end pool in terms of basic you can only include virtual machines in a single availability set or virtual machine scale set in the Back-end pool of a basic tier load balancer. But when it comes to standard you can include any virtual machine as long as they belong to a single virtual network you should be able to include any virtual machine in the Back-end pool of standard load balancer. And the second thing is health probes in terms of basic load balancer only TCP and HTTP health probing is allowed. But when it comes to standard you can use TCP, HTTP, and HTTPS also. And when it comes to availability zones they are not supported using basic load balancer but they are supported using standard load balancer. When you are trying to create standard load balancer you can either select it as Zone-redundant or deploy this load balancer into one of those zones based on the region you select. Each region can have two or more zones so you might decide to deploy a load balancer in one of the zones or you can make it Zone-redundant also. And the next thing is Outbound rules these are not available in basic but are available in standard. So I'm going to show you how to configure this Outbound rules using standard load balancer and in terms of Front-end's as you might have imagined standard will allow both of them. Oh sorry. This has to be other way around sorry for this. Actually standard will allow both Inbound and Outbound and basic will allow only Inbound only you can easily guess this in basic load balancer you can configure Inbound NAT rules only but with respect to standard load balancer you can configure Outbound NAT rules also. So by default, multiple Front-ends both inbound and outbound is allowed in standard and Inbound only allowed in basic. OK, so that's it for this lecture in this lecture I have taken you through Azure balancer and its capabilities. Next lecture is a lab where I'm going to show you how to create a standard load balancer and go through some of the configuration settings associated with the same. So if you have some time join me in the next lab.