Fundamentals of Azure Internal Load Balancers (ILBs)


  1. Internal load balancing (ILB) enables you to run highly available services behind a private IP address

  2. Internal load balancers are accessible only within a cloud service or Virtual Network (VNet)

    • This provides additional security on that endpoint.

Some questions I am hearing

  1. I am able to access the internal load balancer using its IP address, but not via the load balancer or service name?

    • See Accessing the ILB below
  2. Is there any option in the Azure portal to view the load balancer configuration?

    • Internal load balancing cannot be configured through the portal as of today; this will be supported in the future
    • However, it can be configured using PowerShell cmdlets.

      • ILB can be used in a deployment inside a Regional Virtual Network as well as in a new deployment that is outside the Virtual Network
  3. How do I monitor the traffic and see which server it is being redirected to?

  4. How do I set up the probing and rules/alerts for it?

    • See the links below

ILB ENABLES THE FOLLOWING NEW TYPES OF LOAD BALANCING:

  1. Between virtual machines within a cloud service.

  2. Between virtual machines in different cloud services that are themselves contained within a virtual network.

  3. Between on-premises computers and virtual machines in a cross-premises virtual network.

Some diagrams

EXAMPLE OF A MULTI-TIER APPLICATION USING WEB SERVERS AS THE FRONT END AND DATABASE SERVERS AS THE BACK END IN A CLOUD SERVICE.

  1. Multi-Tier Web App

    Figure 1: Architecture for a Multi-Tier Web App

ILB CAN PERFORM LOAD BALANCING FOR TRAFFIC FROM INTRANET CLIENTS

  1. Traffic from clients on the on-premises network gets load-balanced across the set of LOB servers running in a cross-premises virtual network

  2. You don’t need a separate load balancer in the on-premises network or in the virtual network

    Figure 2: Architecture for an Intranet Network

LOAD BALANCING ON-PREMISES SERVER TRAFFIC

  1. ILB also allows traffic from servers on the on-premises network to be load-balanced across virtual machines running in a cross-premises virtual network.

    Figure 3: Architecture for an On-Premises Network

FROM ON PREMISES

  1. When used within a Virtual Network, the ILB endpoint is also accessible from on-premises and other inter-connected VNets, allowing some powerful hybrid scenarios

ACCESSING THE ILB

FROM INSIDE A CLOUD SERVICE

  1. VMs inside a cloud service have private IP address spaces

  2. You can talk to the ILB using this private IP address

FROM WITHIN A VIRTUAL NETWORK

  1. A customer can specify a static VNet IP address

  2. A customer can retrieve the load-balanced IP, which is acquired from a virtual subnet

  3. This allows you to be connected to VNets through the secure IPsec tunnel
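
The page notes that ILB is configured with PowerShell cmdlets and that the ILB address can be a static VNet IP or one acquired from the subnet. The following is an added example of that configuration using the classic (Service Management) Azure PowerShell cmdlets, not the author's own script; the service, ILB, subnet and VM names, the IP address and the SQL port are placeholder assumptions.

```powershell
# Added example: classic (Service Management) Azure PowerShell module.
# Every name, address and port below is a placeholder (assumption).
$svc    = "contoso-lob-svc"      # existing cloud service deployed in a VNet
$ilb    = "lob-ilb"              # name for the ILB instance
$subnet = "BackendSubnet"        # VNet subnet the ILB address comes from
$ip     = "10.0.1.40"            # static VNet IP for the ILB front end
$vms    = "lob-vm1", "lob-vm2"   # VMs that will sit behind the ILB

# 1. Create the ILB instance on the cloud service with a static private IP.
#    Omit -StaticVNetIPAddress to let the address be acquired from the subnet.
Add-AzureInternalLoadBalancer -ServiceName $svc -InternalLoadBalancerName $ilb `
    -SubnetName $subnet -StaticVNetIPAddress $ip

# 2. Add each VM to the same load-balanced set behind the ILB, with a TCP
#    health probe so traffic goes only to members that answer on the port.
foreach ($vm in $vms) {
    Get-AzureVM -ServiceName $svc -Name $vm |
        Add-AzureEndpoint -Name "sql-ilb" -LBSetName "sql-lbset" -Protocol tcp `
            -LocalPort 1433 -PublicPort 1433 `
            -ProbeProtocol tcp -ProbePort 1433 `
            -InternalLoadBalancerName $ilb |
        Update-AzureVM
}

# 3. Read the configuration back: the ILB instance and its private address,
#    then the endpoints on each VM, to confirm the endpoint is bound to the
#    ILB rather than to the cloud service's public VIP.
Get-AzureService -ServiceName $svc | Get-AzureInternalLoadBalancer
foreach ($vm in $vms) {
    Get-AzureVM -ServiceName $svc -Name $vm | Get-AzureEndpoint
}
```

Step 3 shows the configured ILB and endpoint settings only; it does not report which members the probe currently considers up or down.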

Some useful links

Regional Virtual Networks http://azure.microsoft.com/blog/2014/05/14/regional-virtual-networks/#
Internal Load Balancing http://azure.microsoft.com/blog/2014/05/20/internal-load-balancing/#
Configure an internal load-balanced set http://msdn.microsoft.com/en-us/library/azure/dn690125.aspx#
Azure Load Balancer http://msdn.microsoft.com/en-us/library/azure/dn655058.aspx#
Configure a load-balanced set http://msdn.microsoft.com/en-us/library/azure/dn655055.aspx#

Comments (3)

  1. Ben says:

    How do you get the internal load balancer status? i.e. which VMs are currently servicing requests?

  2. Tristan says:

    Same question as Ben here – how can we see the current status of the ILB, and which members are flagged as up/down? It would also be useful to see history here, to identify for example whether a particular member has been flapping.

  3. Jesse says:

    Can someone provide a simple breakdown, even a diagram, of a multi-tier service? Scenario includes 1 site Prod, 1 site DR. 4 IaaS VMs internet facing located in US Central, 4 IaaS VMs internet facing located in US West, ATM for managing redundancy, ALB over IaaS VMs or Cloud Service, what comes next? Is ILB required to connect to the non-internet-exposed network to access backend SQL servers? If someone can provide the information I'm looking for, it would be greatly appreciated.