Overview
The network load balancer available in the Azure Cloud fits the architecture and features described in the article Ingress High Availability in Public Clouds. For more detail, see the Microsoft documentation at https://docs.microsoft.com/en-us/azure/load-balancer/components#frontend-ip-configurations.
Automated deployment into your Resource Group using an ARM template is described in the GitHub repo NLB Azure README.
Important Notes:
Add the following rule to ufw on each edge router (ER) to allow health check probes in. The probes arrive from source IP 168.63.129.16, not from the LB Frontend IP. Replace {#} with the port number and {type} with the protocol.
sudo ufw allow in to any port {#} proto {type} from 168.63.129.16
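A check for the health probe rule above, as an added example that is not part of the original article: it reads `ufw status` output and reports whether the probe port is allowed from 168.63.129.16. The function names, the probe port 8081 and the sample output are constructed for illustration.

```shell
#!/bin/sh
AZURE_PROBE_IP="168.63.129.16"   # health probe source address from the note above

# probe_rule_check PORT PROTO   (hypothetical helper; reads `ufw status` text on stdin)
# Prints: ok       - an ALLOW rule for the port is scoped to the probe address
#         broad    - the port is only allowed from Anywhere (probes pass, rule not scoped)
#         missing  - no ALLOW rule for the port admits the probe
#         inactive - ufw reports that it is not active
probe_rule_check() {
    awk -v port="$1" -v proto="$2" -v src="$AZURE_PROBE_IP" '
        /^Status: inactive/ { inactive = 1 }
        {
            # Rule rows look like: "<port>[/<proto>]  ALLOW [IN]  <from>"
            if ($1 != (port "/" proto) && $1 != port) next
            if ($2 != "ALLOW") next
            from = ($3 == "IN") ? $4 : $3
            if (from == src) scoped = 1
            else if (from == "Anywhere") broad = 1
        }
        END {
            if (inactive) print "inactive"
            else if (scoped) print "ok"
            else if (broad) print "broad"
            else print "missing"
        }'
}

# Constructed sample of `sudo ufw status` output (not captured from a real router).
sample_status() {
cat <<'EOF'
Status: active

To                         Action      From
--                         ------      ----
443/tcp                    ALLOW       Anywhere
8081/tcp                   ALLOW       168.63.129.16
EOF
}

# Stand-alone run against the sample; on an edge router use instead:
#   sudo ufw status | probe_rule_check <probe port> tcp
sample_status | probe_rule_check 8081 tcp
```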
If you need public IPs assigned to your backend ERs, the Public IP resources must use the Standard SKU type. Otherwise, you will need to remove them and use a NAT instance to reach the internet.
Configuration Steps:
- Log into the Azure Cloud Console https://portal.azure.com/
- Navigate to the home page and enter Load Balancer in the search area at the top of the screen
- Click on “Create Load Balancer” (Microsoft Load Balancer)
- Fill in the options as desired, but the Type must be Internal.
- Hit “Review+create”
- Navigate to the LB main menu and add a backend pool
- Fill in the details and add ERs to it
- Navigate to the health probes menu and hit the add button
- Fill in the details as required and hit the add button.
- Navigate to the LB main menu and add load balancing rules
- Fill in the details as required and hit the add button
- Select HA ports required
- Session persistence - selection depends on which type of load balancing hash algorithm is required
- Floating IP and TCP Reset disabled
- Update the routing table to point to the LB Front End Private IP for routes to be sent over the NetFoundry Network.
  - Repeat this step for every route you want to point to the load balancer.