Create a global load balancer with cross-subscription backends
In this article, you learn how to create a global load balancer with cross-subscription backends.
A cross-subscription load balancer can reference a virtual network that resides in a different subscription other than the load balancers. This feature allows you to deploy a load balancer in one subscription and reference a virtual network in another subscription.
Prerequisites
- Two Azure subscriptions.
- An Azure account with active subscriptions. Create an account for free
- A global public IP address deployed in Azure Subscription A.
- A regional load balancer deployed in Azure Subscription B.
- Azure PowerShell installed locally or Azure Cloud Shell.
If you choose to install and use PowerShell locally, this article requires the Azure PowerShell module version 5.4.1 or later. Run Get-Module -ListAvailable Az
to find the installed version. If you need to upgrade, see Install Azure PowerShell module. If you're running PowerShell locally, you also need to run Connect-AzAccount
to create a connection with Azure.
Important
All of the code samples will use example names and placeholders. Be sure to replace these with the values from your environment.
The values needing replacement will be enclosed in angle brackets, like this: <example value>
.
Sign in to Azure
With Azure PowerShell, you sign into Azure with Connect-AzAccount
, and change your subscription context with Set-AzContext
to Azure Subscription A. Then get the regional load balancer information with Get-AzLoadBalancer
and `Get-AzLoadBalancerFrontendIpConfig. You need the Azure subscription ID, resource group name, and virtual network name from your environment.
# Sign in to Azure
Connect-AzAccount
# Set the subscription context to Azure Subscription A
Set-AzContext -Subscription '<Azure Subscription A>'
# Get the Virtual Network information with Get-AzVirtualNetwork
$rlb= @{
Name = '<regional load balancer name>'
ResourceGroupName = '<Resource Group Subscription A>'
}
$RLB-info = Get-AzLoadBalancer @rlb
$RLBFE = Get-AzLoadBalancerFrontendIpConfig @ RLB-info
Create a resource group
In this section, you create a resource group in Azure Subscription B. This resource group is for all of your resources associate with your load balancer.
With Azure PowerShell, you switch the subscription context with Set-AzContext
and create a resource group with New-AzResourceGroup
.
# Set the subscription context to Azure Subscription B
Set-AzContext -Subscription '<Azure Subscription B>'
# Create a resource group
$rg = @{
Name = 'myResourceGroupLB'
Location = 'westus'
}
New-AzResourceGroup @rg
Note
When create the resource group for your load balancer, use the same Azure region as the virtual network in Azure Subscription A.
Create a global load balancer
In this section, you create the resources needed for the cross-region load balancer. A global standard sku public IP is used for the frontend of the cross-region load balancer.
With Azure PowerShell, you:
- Use
New-AzPublicIpAddress
to create the public IP address. - Create a frontend IP configuration with
New-AzLoadBalancerFrontendIpConfig
. - Create a backend address pool with
New-AzLoadBalancerBackendAddressPoolConfig
. - Create a load balancer rule with
Add-AzLoadBalancerRuleConfig
. - Create a global load Balancer with
New-AzLoadBalancer
.
# Create global IP address for load balancer
$ip = @{
Name = 'myPublicIP-CR'
ResourceGroupName = ‘ Resource Group B’
Location = 'eastus2'
Sku = 'Standard'
Tier = 'Global'
AllocationMethod = 'Static'
}
$publicIP = New-AzPublicIpAddress @ip
# Create frontend configuration
$fe = @{
Name = 'myFrontEnd-CR'
PublicIpAddress = $publicIP
}
$feip = New-AzLoadBalancerFrontendIpConfig @fe
# Create backend address pool
$be = @{
Name = 'myBackEndPool-CR'
}
$bepool = New-AzLoadBalancerBackendAddressPoolConfig @be
# Create the load balancer rule
$rul = @{
Name = 'myHTTPRule-CR'
Protocol = 'tcp'
FrontendPort = '80'
BackendPort = '80'
FrontendIpConfiguration = $feip
BackendAddressPool = $bepool
}
$rule = New-AzLoadBalancerRuleConfig @rul
# Create cross-region load balancer resource
$lbp = @{
ResourceGroupName = ‘ Resource Group B’
Name = 'myLoadBalancer-CR'
Location = ‘eastus2’
Sku = 'Standard'
Tier = 'Global'
FrontendIpConfiguration = $feip
BackendAddressPool = $bepool
LoadBalancingRule = $rule
}
$lb = New-AzLoadBalancer @lbp
Add load balancer frontends to cross-region load balancer
In this section, you add a frontend IP configuration to the cross-region load balancer.
With Azure PowerShell, you:
- Use
Set-AzLoadBalancerFrontendIpConfig
to add the regional load balancer frontend to the cross-region backend pool. - Use
New-AzLoadBalancerBackendAddressConfig
to create the backend address pool configuration for the load balancer.
## Create the cross-region backend address pool configuration for region 2 ##
$RLB-BAF = @{
Name = 'MyBackendPoolConfig-RLB'
LoadBalancerFrontendIPConfigurationId = $RLBFE.Id
}
$beaddressconfigRLB = New-AzLoadBalancerBackendAddressConfig @region2ap
## Apply the backend address pool configuration for the cross-region load balancer ##
$bepoolcr = @{
ResourceGroupName = ‘ Resource Group B’
LoadBalancerName = 'myLoadBalancer-CR'
Name = 'myBackEndPool-CR'
LoadBalancerBackendAddress = $beaddressconfigRLB
}
Set-AzLoadBalancerBackendAddressPool @bepoolcr