什么是 Azure 负载均衡器?What is Azure Load Balancer?
“负载均衡”是指在一组后端资源或服务器之间均衡地分配负载(传入网络流量)。Load balancing refers to evenly distributing load (incoming network traffic) across a group of backend resources or servers.
Azure 负载均衡器在开放式系统互连 (OSI) 模型的第四层上运行。Azure Load Balancer operates at layer four of the Open Systems Interconnection (OSI) model. 它是客户端的单一联系点。It's the single point of contact for clients. 负载均衡器将抵达负载均衡器前端的入站流量分配到后端池实例。Load Balancer distributes inbound flows that arrive at the load balancer's front end to backend pool instances. 这些流取决于所配置的负载均衡规则和运行状况探测。These flows are according to configured load balancing rules and health probes. 后端池实例可以是 Azure 虚拟机,或虚拟机规模集中的实例。The backend pool instances can be Azure Virtual Machines or instances in a virtual machine scale set.
公共负载均衡器 可以为虚拟网络中的虚拟机 (VM) 提供出站连接。A public load balancer can provide outbound connections for virtual machines (VMs) inside your virtual network. 可以通过将专用 IP 地址转换为公共 IP 地址来实现这些连接。These connections are accomplished by translating their private IP addresses to public IP addresses. 公共负载均衡器用于对传入 VM 的 Internet 流量进行负载均衡。Public Load Balancers are used to load balance internet traffic to your VMs.
内部(或专用)负载平衡器 用于仅在前端需要专用 IP 的情况。An internal (or private) load balancer is used where private IPs are needed at the frontend only. 内部负载均衡器用于对虚拟网络内部的流量进行负载均衡。Internal load balancers are used to load balance traffic inside a virtual network. 负载均衡器前端可以在混合方案中从本地网络进行访问。A load balancer frontend can be accessed from an on-premises network in a hybrid scenario.
图:使用公共和内部负载均衡器对多层应用程序进行均衡Figure: Balancing multi-tier applications by using both public and internal Load Balancer
有关各个负载均衡器组件的详细信息,请参阅 Azure 负载均衡器组件。For more information on the individual load balancer components, see Azure Load Balancer components.
为什么使用 Azure 负载均衡器?Why use Azure Load Balancer?
使用标准负载均衡器,你可以缩放应用程序,并创建高度可用的服务。With Standard Load Balancer, you can scale your applications and create highly available services. 负载均衡器支持入站和出站方案。Load balancer supports both inbound and outbound scenarios. 负载均衡器提供低延迟和高吞吐量,以及为所有 TCP 和 UDP 应用程序纵向扩展到数以百万计的流。Load balancer provides low latency and high throughput, and scales up to millions of flows for all TCP and UDP applications.
可以使用标准负载均衡器完成的关键方案包括:Key scenarios that you can accomplish using Standard Load Balancer include:
- 对发往 Azure 虚拟机的 内部 和 外部 流量进行负载均衡。Load balance internal and external traffic to Azure virtual machines.
配置 Azure 虚拟机的 出站连接 。Configure outbound connectivity for Azure virtual machines.
使用 运行状况探测 来监视已实现负载均衡的资源。Use health probes to monitor load-balanced resources.
使用 端口转发 通过公共 IP 地址和端口访问虚拟网络中的虚拟机。Employ port forwarding to access virtual machines in a virtual network by public IP address and port.
启用对 IPv6 负载均衡 的支持。Enable support for load-balancing of IPv6.
标准负载均衡器通过 Azure Monitor 提供多维度指标。Standard Load Balancer provides multi-dimensional metrics through Azure Monitor. 可以就给定维度对这些指标进行筛选、分组和细分。These metrics can be filtered, grouped, and broken out for a given dimension. 可便于深入了解服务的当前及历史性能和运行状况。They provide current and historic insights into performance and health of your service. 还支持资源运行状况。Resource Health is also supported. 有关更多详细信息,请查看 标准负载均衡器诊断 。Review Standard Load Balancer Diagnostics for more details.
对 多个端口和/或多个 IP 地址 上的服务进行负载均衡。Load balance services on multiple ports, multiple IP addresses, or both.
跨 Azure 区域移动 内部 和 外部 负载均衡器资源。Move internal and external load balancer resources across Azure regions.
使用 HA 端口 ,同时对所有端口上的 TCP 和 UDP 流进行负载均衡。Load balance TCP and UDP flow on all ports simultaneously using HA ports.
默认保护Secure by default
标准负载均衡器的核心是零信任网络安全模型。Standard Load Balancer is built on the zero trust network security model at its core. 标准负载均衡器默认情况下为安全状态,并且是虚拟网络的一部分。Standard Load Balancer is secure by default and part of your virtual network. 虚拟网络是一个专用的隔离网络。The virtual network is a private and isolated network. 这意味着除非由网络安全组打开,否则,标准负载均衡器和标准公用 IP 地址将对入站流关闭。This means Standard Load Balancers and Standard Public IP addresses are closed to inbound flows unless opened by Network Security Groups. NSG 用于显式允许允许的流量。NSGs are used to explicitly permit allowed traffic. 如果虚拟机资源的子网或 NIC 上没有 NSG,禁止流量到达此资源。If you do not have an NSG on a subnet or NIC of your virtual machine resource, traffic is not allowed to reach this resource. 若要详细了解 NSG 以及如何将其应用于自己的方案,请参阅网络安全组。To learn more about NSGs and how to apply them for your scenario, see Network Security Groups. 默认情况下,基本负载均衡器对 Internet 是开放的。Basic Load Balancer is open to the internet by default. 此外,负载均衡器不会存储客户数据。In addition, Load Balancer does not store customer data.
定价和 SLAPricing and SLA
有关标准负载均衡器的定价信息,请参阅负载均衡器定价。For Standard Load Balancer pricing information, see Load Balancer pricing. 基本负载均衡器是免费提供的。Basic Load Balancer is offered at no charge. 请参阅负载均衡器的 SLA。See SLA for Load Balancer. 基本负载均衡器没有 SLA。Basic Load Balancer has no SLA.
后续步骤Next steps
请参阅创建公共标准负载均衡器以开始使用负载均衡器。See Create a public standard load balancer to get started with using a load balancer.
有关 Azure 负载均衡器限制和组件的详细信息,请参阅 Azure 负载均衡器组件和 Azure 负载均衡器概念For more information on Azure Load Balancer limitations and components see Azure Load Balancer components and Azure Load Balancer concepts