使用模板部署分配了 IPv6 的面向 Internet 的负载均衡器解决方案Deploy an Internet-facing load-balancer solution with IPv6 using a template

备注

本文介绍了一项简介性的 IPv6 功能,该功能允许基本负载均衡器提供 IPv4 和 IPv6 连接。This article describes an introductory IPv6 feature to allow Basic Load Balancers to provide both IPv4 and IPv6 connectivity. 适用于 Azure VNET 的 IPv6 现在提供综合性 IPv6 连接,可以将 IPv6 连接与虚拟网络集成,包含 IPv6 网络安全组规则、IPv6 用户定义路由、IPv6 基本和标准负载均衡等关键功能。Comprehensive IPv6 connectivity is now available with IPv6 for Azure VNETs which integrates IPv6 connectivity with your Virtual Networks and includes key features such as IPv6 Network Security Group rules, IPv6 User-defined routing, IPv6 Basic and Standard load balancing, and more. 适用于 Azure VNET 的 IPv6 是建议用于 Azure 中的 IPv6 应用程序的标准。IPv6 for Azure VNETs is the recommended standard for IPv6 applications in Azure. 请参阅适用于 Azure VNET PowerShell 部署的 IPv6See IPv6 for Azure VNET Powershell Deployment

Azure load balancer 是位于第 4 层 (TCP, UDP) 的负载均衡器。An Azure load balancer is a Layer-4 (TCP, UDP) load balancer. 该负载均衡器可以在云服务或负载均衡器集的虚拟机中运行状况良好的服务实例之间分配传入流量,从而提供高可用性。The load balancer provides high availability by distributing incoming traffic among healthy service instances in cloud services or virtual machines in a load balancer set. Azure Load Balancer 还可以在多个端口和/或多个 IP 地址上显示这些服务。Azure Load Balancer can also present those services on multiple ports, multiple IP addresses, or both.

示例部署方案Example deployment scenario

下图演示了使用本文所述示例模板部署的负载均衡解决方案。The following diagram illustrates the load balancing solution being deployed using the example template described in this article.

此图显示了本文中使用的示例方案,其中显示工作站客户端通过 Internet 连接到 Azure 负载均衡器,而后者则连接到两个虚拟机。

在此方案中,将创建以下 Azure 资源:In this scenario you will create the following Azure resources:

  • 虚拟网络接口,用于每个已分配 IPv4 和 IPv6 地址的 VMa virtual network interface for each VM with both IPv4 and IPv6 addresses assigned
  • 已分配 IPv4 和 IPv6 公共 IP 地址的面向 Internet 的负载均衡器an Internet-facing Load Balancer with an IPv4 and an IPv6 Public IP address
  • 两个负载均衡规则,用于将公共 VIP 映射到专用终结点two load balancing rules to map the public VIPs to the private endpoints
  • 包含两个 VM 的可用性集an Availability Set that contains the two VMs
  • 两个虚拟机 (VM)two virtual machines (VMs)

使用 Azure 门户部署模板Deploying the template using the Azure portal

本文档参考了 Azure 快速入门模板库中发布的模板。This article references a template that is published in the Azure Quickstart Templates gallery. 可以从该库下载模板,或者在 Azure 中直接从库启动部署。You can download the template from the gallery or launch the deployment in Azure directly from the gallery. 本文假设已将模板下载到本地计算机。This article assumes you have downloaded the template to your local computer.

  1. 打开 Azure 门户,使用有权在 Azure 订阅中创建 VM 和网络资源的帐户登录。Open the Azure portal and sign in with an account that has permissions to create VMs and networking resources within an Azure subscription. 此外,除非使用现有资源,否则该帐户必须有权创建资源组和存储帐户。Also, unless you're using existing resources, the account needs permission to create a resource group and a storage account.

  2. 在菜单中单击“+新建”,并在搜索框中键入“模板”。Click "+New" from the menu then type "template" in the search box. 在搜索结果中选择“模板部署”。Select "Template deployment" from the search results.

    屏幕截图显示了选中“新建”和“模板部署”的 Azure 门户。

  3. 在“全部”边栏选项卡中,单击“模板部署”。In the Everything blade, click "Template deployment."

    屏幕截图显示了市场中的“模板部署”。

  4. 单击“创建”。Click "Create."

    屏幕截图显示了市场中“模板部署”的说明。

  5. 单击“编辑模板”。Click "Edit template." 删除现有内容,复制/粘贴模板文件的整个内容(包括左右大括号 {}),并单击“保存”。Delete the existing contents and copy/paste in the entire contents of the template file (to include the start and end { }), then click "Save."

    备注

    如果使用的是 Microsoft Internet Explorer,在粘贴内容时,会看到一个对话框,询问是否允许访问 Windows 剪贴板。If you are using Microsoft Internet Explorer, when you paste you receive a dialog box asking you to allow access to the Windows clipboard. 请单击“允许访问”。Click "Allow access."

    屏幕截图显示了“自定义部署”的第一步,即“编辑模板”。

  6. 单击“编辑参数”。Click "Edit parameters." 在“参数”边栏选项卡中,根据指导在“模板参数”部分中指定值,并单击“保存”关闭“参数”边栏选项卡。In the Parameters blade, specify the values per the guidance in the Template parameters section, then click "Save" to close the Parameters blade. 在“自定义部署”边栏选项卡中选择订阅、选择现有资源组或创建一个资源组。In the Custom Deployment blade, select your subscription, an existing resource group or create one. 如果要创建资源组,请选择资源组的位置。If you are creating a resource group, then select a location for the resource group. 接下来,单击“法律条款” ,并单击法律条款后面的“购买” 。Next, click Legal terms, then click Purchase for the legal terms. Azure 开始部署资源。Azure begins deploying the resources. 部署所有资源需要花费几分钟时间。It takes several minutes to deploy all the resources.

    屏幕截图显示了“自定义部署”所涉及的步骤,从输入模板参数值开始。

    有关这些参数的详细信息,请参阅本文后面的模板参数和变量部分。For more information about these parameters, see the Template parameters and variables section later in this article.

  7. 要查看模板创建的资源,请单击“浏览”,向下滚动列表,直到看到“资源组”,并单击它。To see the resources created by the template, click Browse, scroll down the list until you see "Resource groups," then click it.

    屏幕截图显示了选中“浏览”和“资源组”的 Azure 门户。

  8. 在“资源组”边栏选项卡上,单击步骤 6 中指定的资源组名称。On the Resource groups blade, click the name of the resource group you specified in step 6. 随后可以看到所有已部署资源的列表。You see a list of all the resources that were deployed. 如果一切正常,“上次部署”下面应会显示“成功”。If all went well, it should say "Succeeded" under "Last deployment." 否则,请确保使用的帐户有权创建所需的资源。If not, ensure that the account you're using has permissions to create the necessary resources.

    屏幕截图显示了资源组的上次部署的状态(在此示例中为“成功”)。

    备注

    正在部署资源时,如果在完成步骤 6 之后立即浏览资源组,“上次部署”将显示“正在部署”状态。If you browse your Resource Groups immediately after completing step 6, "Last deployment" will display the status of "Deploying" while the resources are being deployed.

  9. 在资源列表中单击“myIPv6PublicIP”。Click "myIPv6PublicIP" in the list of resources. 可以看到它在 IP 地址下有一个 IPv6 地址,其 DNS 名称是在步骤 6 中为 dnsNameforIPv6LbIP 参数指定的值。You see that it has an IPv6 address under IP address, and that its DNS name is the value you specified for the dnsNameforIPv6LbIP parameter in step 6. 此资源是公共 IPv6 地址和主机名,可以访问 Internet 客户端。This resource is the public IPv6 address and host name that is accessible to Internet-clients.

    屏幕截图显示了 IPv6 公共地址。

验证连接Validate connectivity

成功部署模板后,可以通过完成以下任务来验证连接:When the template has deployed successfully, you can validate connectivity by completing the following tasks:

  1. 登录到 Azure 门户,并连接到模板部署创建的每个 VM。Sign in to the Azure portal and connect to each of the VMs created by the template deployment. 如果部署的是 Windows Server VM,请从命令提示符运行 ipconfig /all。If you deployed a Windows Server VM, run ipconfig /all from a command prompt. 可以看到 VM 同时使用了 IPv4 和 IPv6 地址。You see that the VMs have both IPv4 and IPv6 addresses. 如果部署的是 Linux VM,则需要根据 Linux 分发版提供的说明,将 Linux OS 配置为接收动态 IPv6 地址。If you deployed Linux VMs, you need to configure the Linux OS to receive dynamic IPv6 addresses using the instructions provided for your Linux distribution.
  2. 从已连接到 IPv6 Internet 的客户端发起与负载均衡器公共 IPv6 地址的连接。From an IPv6 Internet-connected client, initiate a connection to the public IPv6 address of the load balancer. 若要确认负载均衡器是否在两个 VM 之间均衡负载,可在每个 VM 上安装一个 Web 服务器,例如 Microsoft Internet Information Services (IIS)。To confirm that the load balancer is balancing between the two VMs, you could install a web server like Microsoft Internet Information Services (IIS) on each of the VMs. 每台服务器的默认网页上可能会包含“Server0”或“Server1”文本用于唯一标识该服务器。The default web page on each server could contain the text "Server0" or "Server1" to uniquely identify it. 然后,在已连接到 IPv6 Internet 的客户端上打开 Internet 浏览器,导航到为负载均衡器的 dnsNameforIPv6LbIP 参数指定的主机名,确认每个 VM 的端到端 IPv6 连接。Then, open an Internet browser on an IPv6 Internet-connected client and browse to the hostname you specified for the dnsNameforIPv6LbIP parameter of the load balancer to confirm end-to-end IPv6 connectivity to each VM. 如果只在其中一台服务器看到网页,可能需要清除浏览器缓存。If you only see the web page from only one server, you may need to clear your browser cache. 打开多个专用浏览会话。Open multiple private browsing sessions. 随后应会看到来自每台服务器的响应。You should see a response from each server.
  3. 从已连接到 IPv4 Internet 的客户端发起与负载均衡器公共 IPv4 地址的连接。From an IPv4 Internet-connected client, initiate a connection to the public IPv4 address of the load balancer. 若要确认负载均衡器是否在两个 VM 之间均衡负载,可按步骤 2 中的详述使用 IIS 进行测试。To confirm that the load balancer is load balancing the two VMs, you could test using IIS, as detailed in Step 2.
  4. 从每个 VM 向已连接到 IPv6 或 IPv4 的 Internet 设备发起出站连接。From each VM, initiate an outbound connection to an IPv6 or IPv4-connected Internet device. 在这两种情况下,目标设备看到的源 IP 是负载均衡器的公共 IPv4 或 IPv6 地址。In both cases, the source IP seen by the destination device is the public IPv4 or IPv6 address of the load balancer.

备注

IPv4 和 IPv6 的 ICMP 在 Azure 网络中已被阻止。ICMP for both IPv4 and IPv6 is blocked in the Azure network. 因此,使用 ping 等 ICMP 工具始终会失败。As a result, ICMP tools like ping always fail. 若要测试连接,请使用 TCP 替代方法,例如 TCPing 或 PowerShell Test-NetConnection cmdlet。To test connectivity, use a TCP alternative such as TCPing or the PowerShell Test-NetConnection cmdlet. 请注意,图中显示的 IP 地址是可能会出现的示例值。Note that the IP addresses shown in the diagram are examples of values that you might see. 由于 IPv6 地址是动态分配的,收到的地址可能会根据区域的不同而异。Since the IPv6 addresses are assigned dynamically, the addresses you receive will differ and can vary by region. 此外,负载均衡器上公共 IPv6 地址前缀与后端池中专用 IPv6 地址的前缀经常不同。Also, it is common for the public IPv6 address on the load balancer to start with a different prefix than the private IPv6 addresses in the back-end pool.

模板参数和变量Template parameters and variables

Azure 资源管理器模板包含可根据需要自定义的多个变量和参数。An Azure Resource Manager template contains multiple variables and parameters that you can customize to your needs. 对于不希望用户更改的固定值,可以使用变量。Variables are used for fixed values that you do not want a user to change. 对于在部署模板不希望用户提供的值,可以使用参数。Parameters are used for values that you want a user to provide when deploying the template. 该示例模板是针对本文所述的方案配置的。The example template is configured for the scenario described in this article. 可以根据环境需求自定义此模板。You can customize this to needs of your environment.

本文中使用的示例模板包含以下变量和参数:The example template used in this article includes the following variables and parameters:

参数/变量Parameter / Variable 说明Notes
adminUsernameadminUsername 指定用于登录到虚拟机的管理员帐户名。Specify the name of the admin account used to sign in to the virtual machines with.
adminPasswordadminPassword 指定用于登录到虚拟机的管理员帐户密码。Specify the password for the admin account used to sign in to the virtual machines with.
dnsNameforIPv4LbIPdnsNameforIPv4LbIP 指定想要分配为负载均衡器公共名称的 DNS 主机名。Specify the DNS host name you want to assign as the public name of the load balancer. 此名称解析为负载均衡器的公共 IPv4 地址。This name resolves to the load balancer's public IPv4 address. 此名称必须是小写,并与正则表达式匹配:^[a-z][a-z0-9-]{1,61}[a-z0-9]$。The name must be lowercase and match the regex: ^[a-z][a-z0-9-]{1,61}[a-z0-9]$.
dnsNameforIPv6LbIPdnsNameforIPv6LbIP 指定想要分配为负载均衡器公共名称的 DNS 主机名。Specify the DNS host name you want to assign as the public name of the load balancer. 此名称解析为负载均衡器的公共 IPv6 地址。This name resolves to the load balancer's public IPv6 address. 此名称必须是小写,并与正则表达式匹配:^[a-z][a-z0-9-]{1,61}[a-z0-9]$。The name must be lowercase and match the regex: ^[a-z][a-z0-9-]{1,61}[a-z0-9]$. 此名称可与 IPv4 地址的名称相同。This can be the same name as the IPv4 address. 当名称相同时,如果客户端针对此名称发出 DNS 查询,Azure 将返回 A 和 AAAA 记录。When a client sends a DNS query for this name Azure will return both the A and AAAA records when the name is shared.
vmNamePrefixvmNamePrefix 指定 VM 名称前缀。Specify the VM name prefix. 创建 VM 时,模板会在名称后面追加一个编号(0、1 等等)。The template appends a number (0, 1, etc.) to the name when the VMs are created.
nicNamePrefixnicNamePrefix 指定网络接口名称前缀。Specify the network interface name prefix. 创建网络接口时,模板会在名称后面追加一个编号(0、1 等等)。The template appends a number (0, 1, etc.) to the name when the network interfaces are created.
storageAccountNamestorageAccountName 输入现有存储帐户的名称,或指定模板创建的新存储帐户的名称。Enter the name of an existing storage account or specify the name of a new one to be created by the template.
availabilitySetNameavailabilitySetName 输入要配合 VM 使用的可用性集的名称Enter then name of the availability set to be used with the VMs
addressPrefixaddressPrefix 用于定义虚拟网络地址范围的地址前缀The address prefix used to define the address range of the Virtual Network
subnetNamesubnetName 为 VNet 创建的子网的名称The name of the subnet in created for the VNet
subnetPrefixsubnetPrefix 用于定义子网地址范围的地址前缀The address prefix used to define the address range of the subnet
vnetNamevnetName 指定 VM 使用的 VNet 的名称Specify the name for the VNet used by the VMs.
ipv4PrivateIPAddressTypeipv4PrivateIPAddressType 专用 IP 地址使用的分配方法(Static 或 Dynamic)The allocation method used for the private IP address (Static or Dynamic)
ipv6PrivateIPAddressTypeipv6PrivateIPAddressType 专用 IP 地址使用的分配方法 (Dynamic)。The allocation method used for the private IP address (Dynamic). IPv6 仅支持 Dynamic(动态)分配。IPv6 only supports Dynamic allocation.
numberOfInstancesnumberOfInstances 模板部署的负载均衡实例的数目The number of load balanced instances deployed by the template
ipv4PublicIPAddressNameipv4PublicIPAddressName 指定用来与负载均衡器公共 IPv4 地址通信的 DNS 名称。Specify the DNS name you want to use to communicate with the public IPv4 address of the load balancer.
ipv4PublicIPAddressTypeipv4PublicIPAddressType 公共 IP 地址使用的分配方法(Static 或 Dynamic)The allocation method used for the public IP address (Static or Dynamic)
Ipv6PublicIPAddressNameIpv6PublicIPAddressName 指定用来与负载均衡器公共 IPv6 地址通信的 DNS 名称。Specify the DNS name you want to use to communicate with the public IPv6 address of the load balancer.
ipv6PublicIPAddressTypeipv6PublicIPAddressType 公共 IP 地址使用的分配方法 (Dynamic)。The allocation method used for the public IP address (Dynamic). IPv6 仅支持 Dynamic(动态)分配。IPv6 only supports Dynamic allocation.
lbNamelbName 指定负载均衡器的名称。Specify the name of the load balancer. 此名称会显示在门户中,或者通过 CLI 或 PowerShell 命令引用它时会用到它。This name is displayed in the portal or used when referring to it with a CLI or PowerShell command.

模板中的其余变量是 Azure 创建资源时分配的派生值。The remaining variables in the template contain derived values that are assigned when Azure creates the resources. 请不要更改这些变量。Do not change those variables.

后续步骤Next steps

有关模板中负载均衡器的 JSON 语法和属性,请参阅 Microsoft.Network/loadBalancersFor the JSON syntax and properties of a load balancer in a template, see Microsoft.Network/loadBalancers.