Create a Windows Virtual Machine in Azure with a Load Balancer

This article guides you through the process of deploying a Windows Virtual Machine (VM) in Azure and configuring an Azure Load Balancer to distribute network traffic across multiple VM instances.

Overview

Azure Load Balancer is a Layer-4 load balancer that distributes incoming traffic across multiple healthy instances of services. This ensures high availability and responsiveness of your applications.

Prerequisites

An active Azure subscription. If you don't have one, create a free account.
Azure CLI or Azure PowerShell installed and configured.

Steps

Create a Resource Group

A resource group is a logical container into which Azure resources are deployed and managed. We'll create a new one for our VM and load balancer.

az group create --name myResourceGroup --location eastus

Create a Virtual Network and Subnet

A virtual network provides a private network space for your Azure resources. We need a subnet within this network for our VMs.

az network vnet create \
  --resource-group myResourceGroup \
  --name myVNet \
  --address-prefix 10.0.0.0/16 \
  --subnet-name mySubnet \
  --subnet-prefix 10.0.0.0/24
                    

Create a Public IP Address for the Load Balancer

The load balancer needs a public IP address to receive incoming traffic from the internet.

az network public-ip create \
  --resource-group myResourceGroup \
  --name myLoadBalancerIP \
  --allocation-method Static \
  --sku Standard
                    

Create the Azure Load Balancer

This command creates a Standard SKU load balancer with a frontend IP configuration pointing to the public IP address created in the previous step.

az network lb create \
  --resource-group myResourceGroup \
  --name myLoadBalancer \
  --sku Standard \
  --public-ip-address myLoadBalancerIP
                    

Configure a Backend Address Pool

The backend address pool contains the network interfaces of the VMs that will receive the traffic.

az network lb address-pool create \
  --resource-group myResourceGroup \
  --lb-name myLoadBalancer \
  --name myBackendPool
                    

Create a Health Probe

A health probe monitors the health of the backend VMs. If a VM is unhealthy, the load balancer stops sending traffic to it.

az network lb probe create \
  --resource-group myResourceGroup \
  --lb-name myLoadBalancer \
  --name myHealthProbe \
  --protocol Tcp \
  --port 80
                    

Create a Load Balancing Rule

This rule defines how traffic is distributed. We'll forward TCP traffic on port 80 to the backend pool.

az network lb rule create \
  --resource-group myResourceGroup \
  --lb-name myLoadBalancer \
  --name myHttpRule \
  --protocol Tcp \
  --frontend-port 80 \
  --backend-port 80 \
  --frontend-ip-name myLoadBalancerIP \
  --backend-pool-name myBackendPool \
  --probe-name myHealthProbe
                    

Create a Network Security Group (NSG)

An NSG acts as a firewall for your VM network interfaces. We'll open port 80 for HTTP traffic.

az network nsg create \
  --resource-group myResourceGroup \
  --name myNsg \
  --location eastus

az network nsg rule create \
  --resource-group myResourceGroup \
  --nsg-name myNsg \
  --name AllowHttp \
  --priority 100 \
  --protocol Tcp \
  --destination-port-range 80 \
  --access Allow
                    

Create the First Windows VM

Now, let's create the first Windows VM and associate it with the load balancer's backend pool and the NSG.

az vm create \
  --resource-group myResourceGroup \
  --name myVM1 \
  --image Win2019Datacenter \
  --vnet-name myVNet \
  --subnet mySubnet \
  --nsg myNsg \
  --lb myLoadBalancer \
  --backend-pool-name myBackendPool \
  --admin-username azureuser \
  --admin-password "YourStrongPassword123!" \
  --public-ip-sku Standard
                    

Replace "YourStrongPassword123!" with a strong password.

Create the Second Windows VM

Repeat the process for the second VM to ensure high availability.

az vm create \
  --resource-group myResourceGroup \
  --name myVM2 \
  --image Win2019Datacenter \
  --vnet-name myVNet \
  --subnet mySubnet \
  --nsg myNsg \
  --lb myLoadBalancer \
  --backend-pool-name myBackendPool \
  --admin-username azureuser \
  --admin-password "YourStrongPassword123!" \
  --public-ip-sku Standard
                    

Test the Load Balancer

Retrieve the public IP address of the load balancer and try accessing it via a web browser. You should see the default IIS welcome page on one of the VMs. Refreshing the page should distribute the traffic to the other VM.

az network public-ip show \
  --resource-group myResourceGroup \
  --name myLoadBalancerIP \
  --query ipAddress \
  --output tsv
                    

Access this IP address in your browser.

Clean up Resources

To avoid ongoing charges, delete the resource group when you are finished.

az group delete --name myResourceGroup --yes --no-wait

Azure Documentation

Virtual Machines