Create a public load balancer with an IP-based backend

This Edition will teach us how to create a public load balancer with an IP-based backend pool.

Traditionally, an Azure Load Balancer deployment uses virtual machines' network interfaces. However, an IP-based backend allows virtual machines to be added to the backend using their IP addresses.

This Example will guide you through the following steps:

• Creating a virtual network
• Setting up a NAT gateway for outbound connectivity
• Deploying an Azure Load Balancer
• Configuring an IP-based backend pool
• Creating two virtual machines
• Testing the load balancer

Create a Virtual Network

In this section, we will set up a virtual network to support the load balancer, NAT gateway, and virtual machines.

1. Sign in to the Azure portal.

2. In the upper-left corner, select Create a resource and search for Virtual network in the search box.

3. On the Marketplace page, select Create > Virtual network.

4. In the Create Virtual Network page, go to the Basics tab and fill in the necessary details.

5. Navigate to the IP Addresses tab or select Next: IP Addresses at the bottom of the page, then enter the required IP address settings.

6. Under Subnets, select + Add subnet and enter the necessary subnet information.

7. Click Add to confirm.

8. Proceed to the Security tab.

9. Under BastionHost, enable BastionHost and enter any required details.

10. Select the Review + create tab or click Review + create.

11. Finally, select Create to complete the setup.

Create a NAT Gateway

In this section, we will create a NAT gateway and assign it to the subnet in the virtual network you previously set up.

1. On the upper-left corner of the Azure portal, search for NAT gateway in the search box.

2. On the Marketplace page, select Create > NAT gateway.

3. In the Create network address translation (NAT) gateway page, go to the Basics tab and fill in the required details.

4. Navigate to the Outbound IP tab or click Next: Outbound IP at the bottom of the page, then enter or select the necessary outbound IP settings.

5. Proceed to the Subnet tab or click Next: Subnet.

6. In the Subnet tab:

- Select myVNet from the Virtual network dropdown.

- Check the box next to myBackendSubnet.

7. Go to the Review + Create tab or click the Review + Create button.

8. Click Create to deploy the NAT gateway.

Create a Load Balancer

In this section, you will create a zone-redundant load balancer to distribute traffic across virtual machines. This setup ensures that as long as one availability zone in the region is healthy, the data path will remain intact even if other zones fail.

During the creation process, you will configure:

- Frontend IP address

- Backend pool

- Inbound load-balancing rules

1. In the search bar at the top of the Azure portal, type Load balancers and select Load balancers from the results.

2. On the Load balancer page, click + Create.

3. In the Basics tab of the Create load balancer page, fill in the necessary information and select Next: Frontend IP configuration at the bottom.

4. Under Frontend IP configuration, click + Add a Frontend IP configuration.

- Enter myLoadBalancerFrontend for Name.

- Choose IPv4 or IPv6 for IP version.

- Select the IP address as the IP type.

- Click Create New for Public IP address.

5. In Add a public IP address:

- Enter myPublicIP-LB for Name.

- Choose Zone-redundant for Availability zone.

- Keep Microsoft Network as the default for Routing preference.

- Click OK.

6. Click Add to finalize the frontend IP configuration.

7. Select Next: Backend pools at the bottom of the page.

8. In the Backend Pools tab, click + Add a Backend Pool.

- Enter myBackendPool for Name.

- Choose myVNet (myResourceGroup) for the Virtual network.

- Select IP Address for Backend Pool Configuration.

- Click Save.

9. Click Next: Inbound rules at the bottom of the page.

10. Under Inbound rules, click + Add a load balancing rule.

- Enter or select the required information for the rule.

- Click Add.

11. Click the Review + Create button at the bottom.

12. Select Create to deploy the load balancer.

Create Virtual Machines

In this section, you will create two virtual machines (VMs), named myVM1 and myVM2, in different availability zones (Zone 1 and Zone 2). These VMs will be added to the backend pool of the previously created load balancer.

1. In the Azure portal search bar, type Virtual machines and select it from the results.

2. Click + Create > Azure virtual machine.

3. In the Create a Virtual Machine page, go to the Basics tab and input the required values.

4. Navigate to the Networking tab by selecting Next: Disks and then Next: Networking.

5. In the Networking tab, ensure you select or enter the appropriate values for network configuration.

6. Click Review + create.

7. Review all the settings, then click Create to deploy myVM1.

8. Repeat steps 1 to 7 to create myVM2 using the same configuration as myVM1, but adjust the zone to Zone 2 and any other necessary changes.

Install IIS

1. In the Azure portal, select All Services from the left-hand menu and choose All Resources. From the resources list, select myVM1 located in the myResourceGroup resource group.

2. On the Overview page, click Connect and then choose Bastion.

3. Click Use Bastion.

4. Enter the username and password used during the VM's creation.

5. Click Connect.

6. On the server desktop, navigate to Windows Administrative Tools and open Windows PowerShell.

7. In the PowerShell window, run the following commands to:

- Install the IIS server.

- Remove the default iisstart.htm file.

- Add a new iisstart.htm file displaying the VM's name.

# Install IIS server role

Install-WindowsFeature -name Web-Server -IncludeManagementTools

# Remove the default htm file

Remove-Item C:\inetpub\wwwroot\iisstart.htm

# Add a new htm file that displays the server name

Add-Content -Path "C:\inetpub\wwwroot\iisstart.htm" -Value $("Hello World from " + $env:computername)

8. Close the Bastion session with myVM1.

9. Repeat steps 1 to 8 to install IIS and update the iisstart.htm file on myVM2.

Test the Load Balancer

1. Locate the public IP address for the load balancer by selecting All services from the left-hand menu, choosing All resources, and then selecting myPublicIP-LB.

2. Copy the public IP address and paste it into your web browser's address bar. The default IIS web server page should be displayed.

3. To verify that the load balancer is distributing traffic, force-refresh the web page in your browser to see responses from myVM2.

Clean Up Resources

If you do not plan to use this setup further, follow these steps to delete the virtual network, VMs, and NAT gateway:

1. From the left-hand menu, select Resource Groups.

2. Choose the myResourceGroup resource group.

3. Click Delete resource group.

4. Enter myResourceGroup to confirm and select Delete.