Azure Cloud - Ingress High Availability

Overview

The network load balancer that can be deployed in the Azure Cloud fits the architecture and features we are looking for as described in this article Ingress High Availability in Public Clouds . More details in Microsoft Documentation can be found at this link for those interested https://docs.microsoft.com/en-us/azure/load-balancer/components#frontend-ip-configurations.

Automated deployment into your Resource Group using Arm Template is described in 
this Github repo
NLB Azure README.

Important Notes: 

Add the following rule to the edge routers' ufw to allow in healthcheck probes, because the source IP is 168.63.129.16 and not the LB Frontend IP.

sudo ufw allow in to any port {#} proto {type} from 168.63.129.16

If you need public IPs to be assigned to your backend ERs, then you need the standard SKU type for the Public IP resources. Otherwise, you will need to remove them and use NAT Instance to reach internet.

 

Configuration Steps:

  1. Log into the Azure Cloud Console https://portal.azure.com/

  2. Navigate to home page and enter Load Balancer in the search area at the top of the screen

    b4132430-0460-4627-8586-4e8f0cb40f39.png
  3. Click on “Create Load Balancer” (Microsoft Load Balancer)

  4. Fill in the options as desired but the Type must be Internal.

    0358a2ed-e4ad-4f56-bedb-3bccefc5a4b8.png
  5. Hit “Review+create”

  6. Navigate to the LB Main Menu and add backend pool

    a61b0018-a622-4198-b093-4448de2d95c8.png
  7. Fill in the details and add ERs to it

    aafb8bae-4f20-445c-abc8-d91f07e05f6b.png
  8. Navigate to the health probes menu and hit the add button

    1d7a70e9-2219-4226-89bf-3191b3672d8c.png
  9. Fill in the details as required and hit the add button.

    3f2f7bfc-40f1-440b-9b77-fc727fb9cc5e.png
  10. Navigate to the LB main menu and add load balancing rules

    3d49caf4-85e3-405b-8722-bd6c093c026a.png
  11. Fill in the details as required and hit the add button

    1. Select HA ports required

    2. Session persistence - selection depends on which type of load balancing hash algorithm is required

    3. Floating IP and TCP Reset disabled

      e8d46c51-de2d-4db4-b041-e46f686419e8.png
  12. Update the routing table to point to the LB Front End Private IP for routes to be sent over NetFoundry Network.mceclip0.png

  13. Repeat this step for  every route you want to point to the load balancer.
Was this article helpful?
3 out of 3 found this helpful