MSDN Documentation

Azure Load Balancing

Load balancing distributes network traffic across multiple virtual machines or services, enhancing availability, performance, and scalability of your applications.

What is Load Balancing?

In Azure, load balancing is achieved through services that act as a single point of contact for clients. These services distribute incoming network traffic to a pool of backend resources, such as virtual machines or containers. This ensures that no single resource is overwhelmed and that your application remains available even if one or more backend instances fail.

Types of Azure Load Balancers

Azure offers several load balancing solutions tailored to different needs:

  • Azure Load Balancer: A Layer 4 (TCP/UDP) load balancer that distributes traffic based on IP address and port. It's ideal for high-performance, low-latency scenarios.
  • Azure Application Gateway: A Layer 7 (HTTP/HTTPS) load balancer that provides advanced routing capabilities, including SSL termination, cookie-based session affinity, and URL-based routing.
  • Azure Traffic Manager: A DNS-based traffic load balancer that distributes traffic to endpoints in different Azure regions, improving application availability and responsiveness.
  • Azure Front Door: A modern cloud CDN and application acceleration platform that provides global, scalable entry-point services to quickly improve the performance and availability of your web applications.

Azure Load Balancer

Azure Load Balancer is a regional service that distributes inbound and outbound traffic flowing over Azure. It can balance traffic across multiple virtual machines and services. Key features include:

  • High availability and fault tolerance
  • Low latency and high throughput
  • Standard Load Balancer SKU provides public and internal load balancing, network address translation (NAT) for inbound and outbound connections, and health probes.
  • Basic Load Balancer SKU offers inbound NAT rules and outbound connectivity.

Creating an Azure Load Balancer

You can create an Azure Load Balancer through the Azure portal, Azure CLI, PowerShell, or ARM templates. The process typically involves:

  1. Defining frontend IP configurations.
  2. Creating backend IP pools.
  3. Configuring health probes to monitor the health of backend instances.
  4. Defining load balancing rules to map frontend to backend traffic.
  5. Configuring inbound NAT rules (optional).
Tip: For high availability, ensure your backend pool contains at least two virtual machines, preferably in different Availability Zones.

Azure Application Gateway

Azure Application Gateway is a managed web traffic load balancer that enables you to manage traffic to your web applications. It offers:

  • Layer 7 load balancing (HTTP/HTTPS)
  • Web Application Firewall (WAF) for security
  • SSL termination
  • Cookie-based session affinity
  • URL-based content routing
  • WebSockets and HTTP/2 support

Application Gateway vs. Azure Load Balancer

Choose Application Gateway when you need:

  • To perform URL-based routing.
  • To offload SSL/TLS.
  • To use Web Application Firewall (WAF).
  • To handle HTTP/2 traffic.

Choose Azure Load Balancer when you need:

  • To load balance TCP or UDP traffic.
  • To achieve very low latency.
  • A simpler Layer 4 solution.
Note: Application Gateway is a Layer 7 service, while Azure Load Balancer operates at Layer 4.

Example Scenario: Web Application Deployment

Consider a web application deployed on multiple virtual machines. To ensure high availability and scalability:

  1. Create a Virtual Network.
  2. Deploy virtual machines into an Availability Set or Availability Zones.
  3. Create an Azure Load Balancer (Standard SKU).
  4. Configure a frontend IP address for the Load Balancer.
  5. Create a backend pool containing the virtual machines.
  6. Define a health probe to check the web server's status (e.g., on port 80).
  7. Create a load balancing rule to forward incoming HTTP traffic (port 80) from the frontend to the backend pool.

Configuration Snippet (Azure CLI)

Here's a basic example of creating a Load Balancer using Azure CLI:

az network lb create \
    --resource-group myResourceGroup \
    --name myLoadBalancer \
    --sku Standard \
    --public-ip-address myPublicIP

az network lb frontend-ip create \
    --resource-group myResourceGroup \
    --lb-name myLoadBalancer \
    --name myFrontendIP \
    --public-ip-address myPublicIP

az network lb probe create \
    --resource-group myResourceGroup \
    --lb-name myLoadBalancer \
    --name myHealthProbe \
    --protocol Tcp \
    --port 80

az network lb rule create \
    --resource-group myResourceGroup \
    --lb-name myLoadBalancer \
    --name myHTTPRule \
    --protocol Tcp \
    --frontend-port 80 \
    --backend-port 80 \
    --frontend-ip-name myFrontendIP \
    --probe-name myHealthProbe \
    --backend-pool-name myBackendPool # Assuming myBackendPool exists

Best Practices

  • Use Standard Load Balancer for production workloads due to its advanced features and availability guarantees.
  • Implement robust health probes to ensure traffic is only sent to healthy instances.
  • Consider using Application Gateway for HTTP/HTTPS traffic requiring advanced routing and security features.
  • For global distribution, leverage Azure Traffic Manager or Azure Front Door.
  • Configure Network Security Groups (NSGs) to control traffic flow to your backend resources.