Quickstart: Een interne load balancer maken om taken van VM's te verdelen met behulp van een ARM-sjabloon

In deze quickstart leert u hoe u een Azure Resource Manager-sjabloon (ARM-sjabloon) gebruikt om een interne Azure-load balancer te maken. De interne load balancer verdeelt verkeer naar virtuele machines in een virtueel netwerk in de back-endpool van de load balancer. Naast de interne load balancer maakt deze sjabloon een virtueel netwerk, netwerkinterfaces, een NAT-gateway en een Azure Bastion-exemplaar.

Als u een ARM-sjabloon gebruikt, hoeft u minder stappen te voltooien in vergelijking met andere implementatiemethoden.

Een Azure Resource Manager-sjabloon is een JSON-bestand (JavaScript Object Notation) dat de infrastructuur en configuratie voor uw project definieert. Voor de sjabloon is declaratieve syntaxis vereist. U beschrijft de beoogde implementatie zonder de reeks programmeeropdrachten te schrijven om de implementatie te maken.

Als uw omgeving voldoet aan de vereisten en u benkend bent met het gebruik van ARM-sjablonen, selecteert u de knop Implementeren naar Azure. De sjabloon wordt in Azure Portal geopend.

Vereisten

Als u geen Azure-abonnement hebt, maakt u een gratis account voordat u begint.

De sjabloon controleren

De sjabloon die in deze quickstart wordt gebruikt, komt uit de Azure-quickstartsjablonen.

{
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "metadata": {
    "_generator": {
      "name": "bicep",
      "version": "0.27.1.19265",
      "templateHash": "14348520895393914284"
    }
  },
  "parameters": {
    "adminUsername": {
      "type": "string",
      "metadata": {
        "description": "Admin username"
      }
    },
    "adminPassword": {
      "type": "securestring",
      "metadata": {
        "description": "Admin password"
      }
    },
    "vmNamePrefix": {
      "type": "string",
      "defaultValue": "BackendVM",
      "metadata": {
        "description": "Prefix to use for VM names"
      }
    },
    "location": {
      "type": "string",
      "defaultValue": "[resourceGroup().location]",
      "metadata": {
        "description": "Location for all resources."
      }
    },
    "vmSize": {
      "type": "string",
      "defaultValue": "Standard_D2s_v3",
      "metadata": {
        "description": "Size of VM"
      }
    },
    "vNetAddressPrefix": {
      "type": "string",
      "defaultValue": "10.0.0.0/16",
      "metadata": {
        "description": "Virtual network address prefix"
      }
    },
    "vNetSubnetAddressPrefix": {
      "type": "string",
      "defaultValue": "10.0.0.0/24",
      "metadata": {
        "description": "Backend subnet address prefix"
      }
    },
    "vNetBastionSubnetAddressPrefix": {
      "type": "string",
      "defaultValue": "10.0.2.0/24",
      "metadata": {
        "description": "Bastion subnet address prefix"
      }
    },
    "lbPublicIPAddress": {
      "type": "string",
      "defaultValue": "10.0.0.6",
      "metadata": {
        "description": "Public IP address of load balancer"
      }
    }
  },
  "variables": {
    "natGatewayName": "lb-nat-gateway",
    "natGatewayPublicIPAddressName": "lb-nat-gateway-ip",
    "vNetName": "lb-vnet",
    "vNetSubnetName": "backend-subnet",
    "storageAccountType": "Standard_LRS",
    "storageAccountName": "[uniqueString(resourceGroup().id)]",
    "loadBalancerName": "internal-lb",
    "networkInterfaceName": "lb-nic",
    "numberOfInstances": 2,
    "lbSkuName": "Standard",
    "bastionName": "lb-bastion",
    "bastionSubnetName": "AzureBastionSubnet",
    "bastionPublicIPAddressName": "lb-bastion-ip"
  },
  "resources": [
    {
      "type": "Microsoft.Network/natGateways",
      "apiVersion": "2023-09-01",
      "name": "[variables('natGatewayName')]",
      "location": "[parameters('location')]",
      "sku": {
        "name": "Standard"
      },
      "properties": {
        "idleTimeoutInMinutes": 4,
        "publicIpAddresses": [
          {
            "id": "[resourceId('Microsoft.Network/publicIPAddresses', variables('natGatewayPublicIPAddressName'))]"
          }
        ]
      },
      "dependsOn": [
        "[resourceId('Microsoft.Network/publicIPAddresses', variables('natGatewayPublicIPAddressName'))]"
      ]
    },
    {
      "type": "Microsoft.Network/publicIPAddresses",
      "apiVersion": "2023-09-01",
      "name": "[variables('natGatewayPublicIPAddressName')]",
      "location": "[parameters('location')]",
      "sku": {
        "name": "Standard"
      },
      "properties": {
        "publicIPAddressVersion": "IPv4",
        "publicIPAllocationMethod": "Static",
        "idleTimeoutInMinutes": 4
      }
    },
    {
      "type": "Microsoft.Network/virtualNetworks",
      "apiVersion": "2023-09-01",
      "name": "[variables('vNetName')]",
      "location": "[parameters('location')]",
      "properties": {
        "addressSpace": {
          "addressPrefixes": [
            "[parameters('vNetAddressPrefix')]"
          ]
        }
      }
    },
    {
      "type": "Microsoft.Network/virtualNetworks/subnets",
      "apiVersion": "2023-09-01",
      "name": "[format('{0}/{1}', variables('vNetName'), variables('bastionSubnetName'))]",
      "properties": {
        "addressPrefix": "[parameters('vNetBastionSubnetAddressPrefix')]"
      },
      "dependsOn": [
        "[resourceId('Microsoft.Network/virtualNetworks', variables('vNetName'))]"
      ]
    },
    {
      "type": "Microsoft.Network/virtualNetworks/subnets",
      "apiVersion": "2023-09-01",
      "name": "[format('{0}/{1}', variables('vNetName'), variables('vNetSubnetName'))]",
      "properties": {
        "addressPrefix": "[parameters('vNetSubnetAddressPrefix')]",
        "natGateway": {
          "id": "[resourceId('Microsoft.Network/natGateways', variables('natGatewayName'))]"
        }
      },
      "dependsOn": [
        "[resourceId('Microsoft.Network/natGateways', variables('natGatewayName'))]",
        "[resourceId('Microsoft.Network/virtualNetworks', variables('vNetName'))]"
      ]
    },
    {
      "type": "Microsoft.Network/bastionHosts",
      "apiVersion": "2023-09-01",
      "name": "[variables('bastionName')]",
      "location": "[parameters('location')]",
      "properties": {
        "ipConfigurations": [
          {
            "name": "IpConf",
            "properties": {
              "privateIPAllocationMethod": "Dynamic",
              "publicIPAddress": {
                "id": "[resourceId('Microsoft.Network/publicIPAddresses', variables('bastionPublicIPAddressName'))]"
              },
              "subnet": {
                "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('vNetName'), variables('bastionSubnetName'))]"
              }
            }
          }
        ]
      },
      "dependsOn": [
        "[resourceId('Microsoft.Network/publicIPAddresses', variables('bastionPublicIPAddressName'))]",
        "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('vNetName'), variables('bastionSubnetName'))]"
      ]
    },
    {
      "type": "Microsoft.Network/publicIPAddresses",
      "apiVersion": "2023-09-01",
      "name": "[variables('bastionPublicIPAddressName')]",
      "location": "[parameters('location')]",
      "sku": {
        "name": "[variables('lbSkuName')]"
      },
      "properties": {
        "publicIPAddressVersion": "IPv4",
        "publicIPAllocationMethod": "Static"
      }
    },
    {
      "copy": {
        "name": "networkInterface",
        "count": "[length(range(0, variables('numberOfInstances')))]"
      },
      "type": "Microsoft.Network/networkInterfaces",
      "apiVersion": "2023-09-01",
      "name": "[format('{0}{1}', variables('networkInterfaceName'), range(0, variables('numberOfInstances'))[copyIndex()])]",
      "location": "[parameters('location')]",
      "properties": {
        "ipConfigurations": [
          {
            "name": "ipconfig1",
            "properties": {
              "privateIPAllocationMethod": "Dynamic",
              "subnet": {
                "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('vNetName'), variables('vNetSubnetName'))]"
              },
              "loadBalancerBackendAddressPools": [
                {
                  "id": "[resourceId('Microsoft.Network/loadBalancers/backendAddressPools', variables('loadBalancerName'), 'BackendPool1')]"
                }
              ]
            }
          }
        ]
      },
      "dependsOn": [
        "[resourceId('Microsoft.Network/loadBalancers', variables('loadBalancerName'))]",
        "[resourceId('Microsoft.Network/virtualNetworks', variables('vNetName'))]",
        "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('vNetName'), variables('vNetSubnetName'))]"
      ]
    },
    {
      "type": "Microsoft.Network/loadBalancers",
      "apiVersion": "2023-09-01",
      "name": "[variables('loadBalancerName')]",
      "location": "[parameters('location')]",
      "sku": {
        "name": "Standard"
      },
      "properties": {
        "frontendIPConfigurations": [
          {
            "properties": {
              "subnet": {
                "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('vNetName'), variables('vNetSubnetName'))]"
              },
              "privateIPAddress": "[parameters('lbPublicIPAddress')]",
              "privateIPAllocationMethod": "Static"
            },
            "name": "LoadBalancerFrontend"
          }
        ],
        "backendAddressPools": [
          {
            "name": "BackendPool1"
          }
        ],
        "loadBalancingRules": [
          {
            "properties": {
              "frontendIPConfiguration": {
                "id": "[resourceId('Microsoft.Network/loadBalancers/frontendIpConfigurations', variables('loadBalancerName'), 'LoadBalancerFrontend')]"
              },
              "backendAddressPool": {
                "id": "[resourceId('Microsoft.Network/loadBalancers/backendAddressPools', variables('loadBalancerName'), 'BackendPool1')]"
              },
              "probe": {
                "id": "[resourceId('Microsoft.Network/loadBalancers/probes', variables('loadBalancerName'), 'lbprobe')]"
              },
              "protocol": "Tcp",
              "frontendPort": 80,
              "backendPort": 80,
              "idleTimeoutInMinutes": 15
            },
            "name": "lbrule"
          }
        ],
        "probes": [
          {
            "properties": {
              "protocol": "Tcp",
              "port": 80,
              "intervalInSeconds": 15,
              "numberOfProbes": 2
            },
            "name": "lbprobe"
          }
        ]
      },
      "dependsOn": [
        "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('vNetName'), variables('vNetSubnetName'))]"
      ]
    },
    {
      "type": "Microsoft.Storage/storageAccounts",
      "apiVersion": "2023-01-01",
      "name": "[variables('storageAccountName')]",
      "location": "[parameters('location')]",
      "sku": {
        "name": "[variables('storageAccountType')]"
      },
      "kind": "StorageV2"
    },
    {
      "copy": {
        "name": "vm",
        "count": "[length(range(0, variables('numberOfInstances')))]"
      },
      "type": "Microsoft.Compute/virtualMachines",
      "apiVersion": "2023-09-01",
      "name": "[format('{0}{1}', parameters('vmNamePrefix'), range(0, variables('numberOfInstances'))[copyIndex()])]",
      "location": "[parameters('location')]",
      "properties": {
        "hardwareProfile": {
          "vmSize": "[parameters('vmSize')]"
        },
        "osProfile": {
          "computerName": "[format('{0}{1}', parameters('vmNamePrefix'), range(0, variables('numberOfInstances'))[copyIndex()])]",
          "adminUsername": "[parameters('adminUsername')]",
          "adminPassword": "[parameters('adminPassword')]"
        },
        "storageProfile": {
          "imageReference": {
            "publisher": "MicrosoftWindowsServer",
            "offer": "WindowsServer",
            "sku": "2019-Datacenter",
            "version": "latest"
          },
          "osDisk": {
            "createOption": "FromImage"
          }
        },
        "networkProfile": {
          "networkInterfaces": [
            {
              "id": "[resourceId('Microsoft.Network/networkInterfaces', format('{0}{1}', variables('networkInterfaceName'), range(0, variables('numberOfInstances'))[range(0, variables('numberOfInstances'))[copyIndex()]]))]"
            }
          ]
        },
        "diagnosticsProfile": {
          "bootDiagnostics": {
            "enabled": true,
            "storageUri": "[reference(resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName')), '2023-01-01').primaryEndpoints.blob]"
          }
        }
      },
      "dependsOn": [
        "[resourceId('Microsoft.Network/networkInterfaces', format('{0}{1}', variables('networkInterfaceName'), range(0, variables('numberOfInstances'))[range(0, variables('numberOfInstances'))[copyIndex()]]))]",
        "[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName'))]"
      ]
    }
  ],
  "outputs": {
    "location": {
      "type": "string",
      "value": "[parameters('location')]"
    },
    "name": {
      "type": "string",
      "value": "[variables('loadBalancerName')]"
    },
    "resourceGroupName": {
      "type": "string",
      "value": "[resourceGroup().name]"
    },
    "resourceId": {
      "type": "string",
      "value": "[resourceId('Microsoft.Network/loadBalancers', variables('loadBalancerName'))]"
    }
  }
}

Er zijn meerdere Azure-resources gedefinieerd in de sjabloon:

• Microsoft.Network/virtualNetworks: Virtueel netwerk voor load balancer en virtuele machines.
• Microsoft.Network/networkInterfaces: Netwerkinterfaces voor virtuele machines.
• Microsoft.Network/loadBalancers: Interne load balancer.
• Microsoft.Network/natGateways
• Microsoft.Network/publicIPAddresses: openbare IP-adressen voor de NAT-gateway en Azure Bastion.
• Microsoft.Compute/virtualMachines: Virtuele machines in de back-endpool.
• Microsoft.Network/bastionHosts: Azure Bastion-exemplaar.
• Microsoft.Network/virtualNetworks/subnetten: Subnetten voor het virtuele netwerk.
• Microsoft.Storage/storageAccounts: Opslagaccount voor de virtuele machines.

Zie Azure-quickstartsjablonen als u meer sjablonen wilt vinden die gerelateerd zijn aan Azure Load Balancer.

De sjabloon implementeren

In deze stap implementeert u de sjabloon met behulp van Azure PowerShell met de [New-AzResourceGroupDeployment](/powershell/module/az.resources/new-azresourcegroupdeployment) opdracht.

1. Selecteer Proberen in het volgende codeblok om Azure Cloud Shell te openen en volg de instructies om u aan te melden bij Azure.

2. Implementeer het Bicep-bestand met behulp van Azure CLI of Azure PowerShell.

   CLI

    echo "Enter a project name with 12 or less letters or numbers that is used to generate Azure resource names"
    read projectName
    echo "Enter the location (i.e. centralus)"
    read location
   
    resourceGroupName="${projectName}rg"
    templateUri="https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/quickstarts/microsoft.network/internal-loadbalancer-create/azuredeploy.json"
   
    az group create --name $resourceGroupName --location $location
    az deployment group create --resource-group $resourceGroupName --template-uri $templateUri --name $projectName --parameters location=$location
   
    read -p "Press [ENTER] to continue."
   

   Powershell

   $projectName = Read-Host -Prompt "Enter a project name with 12 or less letters or numbers that is used to generate Azure resource names"
   $location = Read-Host -Prompt "Enter the location (i.e. centralus)"
   
   $resourceGroupName = "${projectName}rg"
   $templateUri = "https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/quickstarts/microsoft.network/internal-loadbalancer-create/azuredeploy.json"
   
   New-AzResourceGroup -Name $resourceGroupName -Location $location
   New-AzResourceGroupDeployment -ResourceGroupName $resourceGroupName -TemplateUri $templateUri -Name $projectName -location $location
   
   Write-Host "Press [ENTER] to continue."
   

   U wordt gevraagd de volgende waarden in te voeren:

   • projectName: wordt gebruikt voor het genereren van resourcenamen.
   • adminUsername: gebruikersnaam van de beheerder van de virtuele machine.
   • adminPassword: beheerderswachtwoord voor virtuele machines.

Het duurt ongeveer 10 minuten om de sjabloon te implementeren.

Azure PowerShell of Azure CLI wordt gebruikt om de sjabloon te implementeren. U kunt ook de Azure-portal en REST API gebruiken. Zie Sjablonen implementeren voor meer informatie over andere implementatiemethoden.

Geïmplementeerde resources bekijken

Gebruik Azure CLI of Azure PowerShell om de geïmplementeerde resources in de resourcegroep weer te geven met de volgende opdrachten:

CLI

az resource list --resource-group $resourceGroupName

Powershell

Get-AzResource -ResourceGroupName $resourceGroupName

Resources opschonen

Wanneer u deze niet meer nodig hebt, gebruikt u Azure CLI of Azure PowerShell om de resourcegroep en de bijbehorende resources te verwijderen met de volgende opdrachten:

CLI

Remove-AzResourceGroup -Name "${projectName}rg"

Powershell

Remove-AzResourceGroup -Name CreateIntLBQS-rg

Volgende stappen

Zie voor een stapsgewijze zelfstudie die u door het proces van het maken van een sjabloon leidt:

Uw eerste ARM-sjabloon maken en implementeren