Overview
The network load balancer that can be deployed in the Azure Cloud fits the architecture and features we are looking for, as described in the article Ingress High Availability in Public Clouds. For more details, see the Microsoft documentation at https://docs.microsoft.com/en-us/azure/load-balancer/components#frontend-ip-configurations.
Automated deployment into your Resource Group using an ARM template is described in the GitHub repo NLB Azure README.
Important Notes:
Add the following rule to each edge router's ufw configuration to allow inbound health check probes. The probes arrive from source IP 168.63.129.16, not from the LB Frontend IP. Replace {#} with the probed port and {type} with its protocol.
sudo ufw allow in to any port {#} proto {type} from 168.63.129.16
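A check for the rule above, as an added example (not from the original article or from NetFoundry): the function reads `ufw status` output and reports whether probes from 168.63.129.16 are admitted on a given port. The function name, the sample status text, the ports and the 10.0.1.4 frontend address are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: does ufw admit Azure LB health probes on a given port?

AZURE_PROBE_SRC="168.63.129.16"   # probe source address from the note above

# ufw_admits_probe PORT PROTO   (hypothetical helper; reads `ufw status` on stdin)
# Returns 0 if ufw is inactive, or if an ALLOW rule for PORT/PROTO (or PORT
# with any protocol) accepts the probe source or Anywhere. Returns 1 otherwise.
# It does not model an earlier DENY rule that would shadow the ALLOW.
ufw_admits_probe() {
  awk -v port="$1" -v proto="$2" -v src="$AZURE_PROBE_SRC" '
    $1 == "Status:" && $2 != "active" { inactive = 1 }
    {
      # Columns: To, Action (optionally followed by IN or OUT), From
      to = $1; action = $2; from = $3
      if ($3 == "OUT") next            # outbound rules never admit a probe
      if ($3 == "IN") from = $4        # `ufw status verbose` prints ALLOW IN
      if (action != "ALLOW") next
      if (to != port "/" proto && to != port) next
      if (from == src || from == "Anywhere") ok = 1
    }
    END { if (ok || inactive) exit 0; exit 1 }
  '
}

# Constructed sample: 443/tcp is opened only to a made-up LB frontend IP
# (10.0.1.4), which does not admit probes; 8081/tcp is opened to the probe source.
SAMPLE_STATUS='Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere
443/tcp                    ALLOW       10.0.1.4
8081/tcp                   ALLOW       168.63.129.16'

for p in 22 443 8081; do
  if printf '%s\n' "$SAMPLE_STATUS" | ufw_admits_probe "$p" tcp; then
    echo "port $p/tcp: probe admitted"
  else
    echo "port $p/tcp: probe blocked"
  fi
done
```

On an edge router, pipe the live rule set into the function instead of the sample: `sudo ufw status | ufw_admits_probe <port> <proto>`.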
If you need public IPs to be assigned to your backend ERs, then you need the standard SKU type for the Public IP resources. Otherwise, you will need to remove them and use a NAT instance to reach the internet.
FQDN Based Service
Please see the DNS Resolution section in the Ingress Cloud HA article for more details.
Configuration Steps:
- Log into the Azure Cloud Console https://portal.azure.com/
- Navigate to home page and enter Load Balancer in the search area at the top of the screen
- Click on “Create Load Balancer” (Microsoft Load Balancer)
- Fill in the options as indicated, i.e. standard, internal, regional.
- Navigate to Frontend IP Configuration and fill in the details
- Navigate to Load Balancing Configuration and fill in the details
  - Select HA ports required
  - Session persistence - None to use 5 Tuple hash
  - Floating IP and TCP Reset unchecked
- Navigate to the health probe menu, which is part of the load balancing option. Fill in the details
- Add BE Routers
- Update the routing table to point to the LB Frontend private IP for routes that are to be sent over the NetFoundry network.
- Repeat this step for every route you want to point to the load balancer.