High Availability in Azure

Posted: October 15, 2017 in Azure

Concepts

Load balancer can include one or more frontend IP addresses, otherwise known as a virtual IPs (VIPs). These IP addresses serve as ingress for the traffic.
Back-end address pool – these are IP addresses associated with the virtual machine Network Interface Card (NIC) to which load is distributed.
Load balancing rules – a rule property maps a given frontend IP and port combination to a set of backend IP addresses and port combination. A single load balancer can have multiple load balancing rules. Each rule is a combination of a frontend IP and port and backend IP and port associated with VMs.
Probes – probes enable you to keep track of the health of VM instances. If a health probe fails, the VM instance is taken out of rotation automatically.
Inbound rules – NAT rules defining the inbound traffic flowing through the frontend IP and distributed to the backend IP.

Creating Availability Set

Availability set is logical grouping of 2 or more Azure VM’s.While placing your virtual machines into an availability set does not protect your application from operating system or application-specific failures, it does limit the impact of potential physical hardware failures, network outages, or power interruptions.

In Azure portal click New-Availability set

Give it name and specify Resource Group

A Fault Domain defines set of Hyper-V hosts that could be affected by a physical failure such as a power source or network failure. 2 VMs in the same availability set means Azure will provision them in to 2 different racks so that if say, the network or the power failed, only one rack would be affected.

Update domain is set of physical hosts that Azure fabric can update and reboot at the same time without disrupting VM’s availability.Upgrade domains exist so when Microsoft rolls out a new software feature or bug fix, each upgrade domain is upgraded at different times. This ensures that if you have at least 2 instances, your service will never go down as the result of an upgrade.

Create 2 VM and associate it to Availability Set

Specify Availability Set

Creating Load Balancer

Click New and type Load balancer

Create New Load Balancer IP

Creating Backed Pool

All resources-Load Balancers-click on Load Balancer

Click on Backed pools-Add

Select Availability set-Add a target network IP configuration add VM’s

Creating Health Probes

These VM’s will host web site so we need to define criteria for Availability

Under Load balancers click on LB then on properties click on Click Health probes-add

Protocol HTTP-port 80

Set Interval for check and number of checks after which Load balancer will consider node as unhealthy

Creating Load Balancer Rules

Click on Load balancing rules under Load balancing properties

Select port Backed pool and Health Probe

Installing IIS on VM’s

We’ll use desired state configuration (DSC)

IISinstall.ps1 will be pushed to both VM’s

Configuration IISInstall
{
    Node localhost
   {
	WindowsFeature IIS
        {
	    Name = "Web-Server"
	    Ensure = "Present"
        } 
    }
}

To apply DSC to Azure Resource manager we’ll use another script:

Login-AzureRmAccount

Get-AzureRmSubscription

$resourceGroupName = (Get-AzureRmResourceGroup).ResourceGroupName
$location =(Get-AzureRmResourceGroup).Location

$storageAccount = (Get-AzureRmStorageAccount | Where-Object {($_.Location -eq $location) -and ($_.ResourceGroupName -eq $resourceGroupName) })[0]
$storageAccountKey = (Get-AzureRmStorageAccountKey -ResourceGroupName $resourceGroupName -Name $storageAccount.StorageAccountName).Value[0]

 

# we are using default container
$containerName = 'windows-powershell-dsc'

$configurationName = 'IISInstall'
#path to previous script
$configurationPath = "C:\Users\lap-top\Desktop\IISInstall.ps1"
#publish Azure DSC configuration to Azure storage account (it will generate zip file containing all scripts and
#upload it to Azure account

$moduleURL = Publish-AzureRmVMDscConfiguration -ConfigurationPath $configurationPath -ResourceGroupName $resourceGroupName -StorageAccountName $storageAccount.StorageAccountName -Force

#creating a shared access signature token that will provide access to archive configuration file in Azure storage account

$storageContext = New-AzureStorageContext -StorageAccountName $storageAccount.StorageAccountName -StorageAccountKey $storageAccountKey

#shared access signature is digitally signed string that identifies azure storage object
$sasToken = New-AzureStorageContainerSASToken -Name $containerName -Context $storageContext -Permission r

#creating a variable that contains settings for DSC archive,DSC configuration function and shared access token
$settingsHashTable = @{
"ModulesUrl" = "$moduleURL";
"ConfigurationFunction" = "$configurationName.ps1\$configurationName";
"SasToken" = "$sasToken"
}

$vmName1= 'your machine name'
$vmName2= 'your machine name 2'
$extensionName = 'DSC'
$extensionType = 'DSC'
$publisher = 'Microsoft.Powershell'
$typeHandlerVersion = '2.1'

Set-AzureRmVMExtension -ResourceGroupName $resourceGroupName -VMName $vmName1 -Location $storageAccount.Location `
-Name $extensionName -Publisher $publisher -ExtensionType $extensionType -TypeHandlerVersion $typeHandlerVersion `
-Settings $settingsHashTable

Set-AzureRmVMExtension -ResourceGroupName $resourceGroupName -VMName $vmName2 -Location $storageAccount.location `
-Name $extensionName -Publisher $publisher -ExtensionType $extensionType -TypeHandlerVersion $typeHandlerVersion `
-Settings $settingsHashTable

Save script ,connect to Azure and run it (for steps how to connect to Azure see one of previous posts