Load balancing refers to the practice of evenly distributing traffic load (incoming network traffic) across a group of backend resources or servers.
Azure Load Balancer operates at layer 4 of the Open Systems Interconnection (OSI) model. The Azure load balancer the single point of contact for clients. Load balancers distribute inbound flows that arrive at the load balancer’s front end to backend pool instances.
Deployment of an internal load balancer via powershell is broken down into the following components:
Deployment Steps:
Step 1 - Identity your target vnet
Identify your target vnet and place into a variable
$rgname = "allen-vnet"
$vnetname = "vnet-uaenorth"
$net = @{
Name = $vnetname
ResourceGroupName = $rgname
}
$vnet = Get-AzVirtualNetwork @net
Step 2 - Create a front-end IP
Create a front-end IP. This IP receives the incoming traffic on the load balancer and acts as your “front door”.
I am configuring the private ip adress with a 3 availability zones for redundancy. The ip address falls within the scope of my target internal subnet CIDR.
$lbfrontEnd = "ilb-frontend"
$privip = "10.0.1.69" #internal subnet location
$lbip = @{
Name = $lbfrontEnd
PrivateIpAddress = $privip
SubnetId = $vnet.subnets[0].Id
Zone = 1, 2, 3 # 3 availability zone
}
$feip = New-AzLoadBalancerFrontendIpConfig @lbip
Step 3 - Create backend address pool
Create backend address pool configuration and place into a variable.
$bepool = New-AzLoadBalancerBackendAddressPoolConfig `
-Name 'FGBackEndPool'
Step 4 - Create a health probe
The health probe is used for continually probing your backend targets / virtual machines / endpoints to make sure that they are healthy and reachable and so that they dont send traffic to dead back-endpoints.
$probe = @{
Name = 'HealthProbe-22'
Protocol = 'tcp'
Port = '22'
IntervalInSeconds = '360'
ProbeCount = '5'
}
$healthprobe = New-AzLoadBalancerProbeConfig @probe
Step 5 - Create the load balancer rule
The load balancer rule is what binds the front-end to the backend pool (and targets) and includes the middle pieces such as the health probes.
$lbrule = @{
Name = 'SSL-Rule'
Protocol = 'tcp'
FrontendPort = '443'
BackendPort = '443'
IdleTimeoutInMinutes = '5'
FrontendIpConfiguration = $feip
BackendAddressPool = $bePool
}
$rule = New-AzLoadBalancerRuleConfig @lbrule
Step 6 - Deploy a public load balancer instance
$rgNameILB = "allen-fgilb" #destination resource group
$ILBname = "fg-internal-lb"
$location = "uaenorth"
$loadbalancer = @{
ResourceGroupName = $rgNameILB
Name = $ILBname
Location = $location
Sku = 'Standard'
FrontendIpConfiguration = $feip
BackendAddressPool = $bePool
LoadBalancingRule = $rule
Probe = $healthprobe
}
New-AzLoadBalancer @loadbalancer
Step 7 - Manually add the backend targets Fortigate NGFW NVA's
Backend Pool > Add
Add both payg and byol scale sets to the backend pool on the internal load balancer > Save.
Step 8 - Go to Load Balancer Rules
Go to your load balancer rules:
High availability ports > enable,
Health probe > select your existing / pre-created health probe,
–End–
I went over this web site and I think you have a lot of fantastic info , saved to bookmarks (:.
I’d should examine with you here. Which isn’t one thing I usually do! I get pleasure from reading a submit that will make individuals think. Also, thanks for allowing me to comment!