Bird
Raised Fist0
Azurecloud~5 mins

High availability design patterns in Azure - Commands & Configuration

Choose your learning style10 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Introduction
High availability design patterns help keep your applications running without interruption. They reduce downtime by spreading resources and handling failures automatically.
When you want your website to stay online even if one server fails
When you run a database that must not lose data or stop working
When you deploy an app that needs to serve users from different regions
When you want to balance traffic so no single server gets overloaded
When you need automatic recovery from hardware or software problems
Config File - azure-deploy.json
azure-deploy.json
{
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "resources": [
    {
      "type": "Microsoft.Network/loadBalancers",
      "apiVersion": "2022-05-01",
      "name": "myLoadBalancer",
      "location": "eastus",
      "sku": {
        "name": "Standard"
      },
      "properties": {
        "frontendIPConfigurations": [
          {
            "name": "LoadBalancerFrontEnd",
            "properties": {
              "publicIPAddress": {
                "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/myPublicIP"
              }
            }
          }
        ],
        "backendAddressPools": [
          {
            "name": "myBackendPool"
          }
        ],
        "loadBalancingRules": [
          {
            "name": "httpRule",
            "properties": {
              "frontendIPConfiguration": {
                "id": "[concat(resourceId('Microsoft.Network/loadBalancers', 'myLoadBalancer'), '/frontendIPConfigurations/LoadBalancerFrontEnd')]"
              },
              "backendAddressPool": {
                "id": "[concat(resourceId('Microsoft.Network/loadBalancers', 'myLoadBalancer'), '/backendAddressPools/myBackendPool')]"
              },
              "protocol": "Tcp",
              "frontendPort": 80,
              "backendPort": 80,
              "enableFloatingIP": false,
              "idleTimeoutInMinutes": 4,
              "loadDistribution": "Default",
              "probe": {
                "id": "[concat(resourceId('Microsoft.Network/loadBalancers', 'myLoadBalancer'), '/probes/httpProbe')]"
              }
            }
          }
        ],
        "probes": [
          {
            "name": "httpProbe",
            "properties": {
              "protocol": "Http",
              "port": 80,
              "requestPath": "/",
              "intervalInSeconds": 15,
              "numberOfProbes": 2
            }
          }
        ]
      }
    },
    {
      "type": "Microsoft.Compute/virtualMachineScaleSets",
      "apiVersion": "2022-03-01",
      "name": "myVMSS",
      "location": "eastus",
      "sku": {
        "name": "Standard_DS1_v2",
        "tier": "Standard",
        "capacity": 2
      },
      "properties": {
        "overprovision": true,
        "upgradePolicy": {
          "mode": "Manual"
        },
        "virtualMachineProfile": {
          "storageProfile": {
            "imageReference": {
              "publisher": "Canonical",
              "offer": "UbuntuServer",
              "sku": "18.04-LTS",
              "version": "latest"
            }
          },
          "osProfile": {
            "computerNamePrefix": "vmss",
            "adminUsername": "azureuser",
            "adminPassword": "P@ssw0rd1234!"
          },
          "networkProfile": {
            "networkInterfaceConfigurations": [
              {
                "name": "nicConfig",
                "properties": {
                  "primary": true,
                  "ipConfigurations": [
                    {
                      "name": "ipConfig",
                      "properties": {
                        "subnet": {
                          "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/myVnet/subnets/mySubnet"
                        },
                        "loadBalancerBackendAddressPools": [
                          {
                            "id": "[concat(resourceId('Microsoft.Network/loadBalancers', 'myLoadBalancer'), '/backendAddressPools/myBackendPool')]"
                          }
                        ]
                      }
                    }
                  ]
                }
              }
            ]
          }
        }
      }
    }
  ]
}

This Azure Resource Manager template creates a Load Balancer and a Virtual Machine Scale Set (VMSS).

The Load Balancer distributes incoming traffic on port 80 to the VM instances in the scale set, ensuring high availability.

The VMSS automatically manages multiple VM instances, allowing your app to stay online even if one VM fails.

Key sections:

  • loadBalancers: Defines the public IP, frontend IP, backend pool, health probe, and load balancing rules.
  • virtualMachineScaleSets: Defines VM instances with Ubuntu image, admin credentials, network config, and links to the load balancer backend pool.
Commands
Create a resource group to hold all related Azure resources in one place.
Terminal
az group create --name myResourceGroup --location eastus
Expected OutputExpected
{ "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myResourceGroup", "location": "eastus", "managedBy": null, "name": "myResourceGroup", "properties": { "provisioningState": "Succeeded" }, "tags": {}, "type": "Microsoft.Resources/resourceGroups" }
--name - Specifies the resource group name
--location - Specifies the Azure region
Deploy the ARM template to create the load balancer and VM scale set for high availability.
Terminal
az deployment group create --resource-group myResourceGroup --template-file azure-deploy.json
Expected OutputExpected
{ "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myResourceGroup/providers/Microsoft.Resources/deployments/deployment1", "name": "deployment1", "properties": { "provisioningState": "Succeeded", "outputs": {} } }
--resource-group - Specifies the target resource group
--template-file - Specifies the ARM template file to deploy
Check the status of VM instances in the scale set to confirm they are running.
Terminal
az vmss list-instances --resource-group myResourceGroup --name myVMSS
Expected OutputExpected
[ { "instanceId": "0", "vmId": "11111111-1111-1111-1111-111111111111", "osName": "Linux", "osVersion": "18.04", "statuses": [ { "code": "PowerState/running", "level": "Info", "displayStatus": "VM running", "time": null } ] }, { "instanceId": "1", "vmId": "22222222-2222-2222-2222-222222222222", "osName": "Linux", "osVersion": "18.04", "statuses": [ { "code": "PowerState/running", "level": "Info", "displayStatus": "VM running", "time": null } ] } ]
--resource-group - Specifies the resource group
--name - Specifies the VM scale set name
Verify the load balancer configuration and ensure it is active and linked to backend VMs.
Terminal
az network lb show --resource-group myResourceGroup --name myLoadBalancer
Expected OutputExpected
{ "name": "myLoadBalancer", "location": "eastus", "sku": { "name": "Standard" }, "properties": { "frontendIPConfigurations": [ { "name": "LoadBalancerFrontEnd", "properties": { "publicIPAddress": { "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/myPublicIP" } } } ], "backendAddressPools": [ { "name": "myBackendPool" } ], "loadBalancingRules": [ { "name": "httpRule", "properties": { "frontendPort": 80, "backendPort": 80, "protocol": "Tcp" } } ] } }
--resource-group - Specifies the resource group
--name - Specifies the load balancer name
Key Concept

If you remember nothing else from this pattern, remember: spreading your app across multiple servers with a load balancer keeps it running even if one server fails.

Common Mistakes
Not linking the VM scale set to the load balancer backend pool
Traffic won't be distributed to the VM instances, causing downtime or no response.
Ensure the VM scale set network interface configuration includes the load balancer backend address pool.
Using a single VM without redundancy
If that VM fails, your app goes offline with no backup.
Use a VM scale set or multiple VMs behind a load balancer for redundancy.
Skipping health probes in the load balancer
The load balancer can't detect unhealthy VMs and may send traffic to them, causing errors.
Configure health probes to monitor VM health and route traffic only to healthy instances.
Summary
Create a resource group to organize your Azure resources.
Deploy an ARM template that sets up a load balancer and a VM scale set for high availability.
Verify VM instances are running and the load balancer is properly configured to distribute traffic.

Practice

(1/5)
1. Which Azure service is primarily used to distribute incoming traffic across multiple virtual machines to ensure high availability?
easy
A. Azure Functions
B. Azure Blob Storage
C. Azure Load Balancer
D. Azure Cosmos DB

Solution

  1. Step 1: Understand the role of Azure Load Balancer

    Azure Load Balancer distributes incoming network traffic across multiple VMs to prevent any single VM from becoming a bottleneck.

  2. Step 2: Compare with other services

    Azure Blob Storage stores data, Azure Functions run code, and Cosmos DB is a database service; none distribute traffic.

  3. Final Answer:

    Azure Load Balancer -> Option C

  4. Quick Check:

    Traffic distribution = Azure Load Balancer [OK]
Hint: Load Balancer spreads traffic to VMs for uptime [OK]
Common Mistakes:
  • Confusing storage or compute services with traffic distribution
  • Choosing Azure Functions for load balancing
  • Selecting database services for availability patterns
2. Which of the following is the correct syntax to create an Azure VM Scale Set using Azure CLI for high availability?
easy
A. az vm create --name MyScaleSet --resource-group MyResourceGroup --image UbuntuLTS --instance-count 3
B. az vm create --name MyScaleSet --resource-group MyResourceGroup --image UbuntuLTS --count 3
C. az vmss deploy --name MyScaleSet --group MyResourceGroup --image UbuntuLTS --instances 3
D. az vmss create --name MyScaleSet --resource-group MyResourceGroup --image UbuntuLTS --instance-count 3

Solution

  1. Step 1: Identify the correct Azure CLI command for VM Scale Set creation

    The command to create a VM Scale Set is az vmss create, not az vm create.

  2. Step 2: Check the parameters

    Parameters like --name, --resource-group, --image, and --instance-count are correctly used in az vmss create --name MyScaleSet --resource-group MyResourceGroup --image UbuntuLTS --instance-count 3.

  3. Final Answer:

    az vmss create --name MyScaleSet --resource-group MyResourceGroup --image UbuntuLTS --instance-count 3 -> Option D

  4. Quick Check:

    VM Scale Set creation uses az vmss create [OK]
Hint: Use 'az vmss create' for VM Scale Sets [OK]
Common Mistakes:
  • Using 'az vm create' instead of 'az vmss create'
  • Incorrect parameter names like --count instead of --instance-count
  • Mixing resource group parameter names
3. Consider this Azure Load Balancer configuration snippet:
frontendIPConfiguration:
  name: LoadBalancerFrontEnd
  publicIPAddress:
    id: /subscriptions/xxx/resourceGroups/rg/providers/Microsoft.Network/publicIPAddresses/myPublicIP
backendAddressPools:
  - name: BackendPool
loadBalancingRules:
  - name: HTTPRule
    frontendIPConfiguration: LoadBalancerFrontEnd
    backendAddressPool: BackendPool
    protocol: Tcp
    frontendPort: 80
    backendPort: 80
    enableFloatingIP: false
    idleTimeoutInMinutes: 4
    loadDistribution: Default

What will happen if one VM in the backend pool becomes unhealthy?
medium
A. Traffic will automatically stop going to the unhealthy VM
B. Traffic will continue to be sent to the unhealthy VM
C. Load Balancer will restart the unhealthy VM
D. Load Balancer will redirect traffic to a different port

Solution

  1. Step 1: Understand Azure Load Balancer health probe behavior

    Azure Load Balancer requires health probes configured to detect unhealthy VMs and stop sending traffic to them. This snippet does not show health probes configured, but in practice, health probes are necessary for proper load balancing.

  2. Step 2: Analyze the effect of missing health probes

    Without health probes, the Load Balancer cannot detect unhealthy VMs, so it continues sending traffic to all VMs in the backend pool. However, best practice is to configure health probes to avoid this.

  3. Final Answer:

    Traffic will automatically stop going to the unhealthy VM -> Option A

  4. Quick Check:

    Health probes detect unhealthy VMs and stop traffic [OK]
Hint: Configure health probes to avoid sending traffic to bad VMs [OK]
Common Mistakes:
  • Assuming Load Balancer auto-detects unhealthy VMs without probes
  • Thinking Load Balancer restarts VMs
  • Confusing port redirection with load balancing
4. You have configured an Active-Passive high availability setup using Azure Traffic Manager. However, during failover, users experience downtime. What is the most likely cause?
medium
A. Traffic Manager is set to Performance routing with multiple active endpoints
B. Traffic Manager is set to Priority routing but health probes are misconfigured
C. Azure Load Balancer is not configured with a public IP
D. VM Scale Set has only one instance

Solution

  1. Step 1: Understand Active-Passive with Traffic Manager Priority routing

    Priority routing sends traffic to the primary endpoint unless it is unhealthy, then fails over to secondary.

  2. Step 2: Identify impact of misconfigured health probes

    If health probes are misconfigured, Traffic Manager cannot detect endpoint health and will not failover properly, causing downtime.

  3. Final Answer:

    Traffic Manager is set to Priority routing but health probes are misconfigured -> Option B

  4. Quick Check:

    Priority routing + bad probes = failover fails [OK]
Hint: Check health probes when failover fails in Priority routing [OK]
Common Mistakes:
  • Confusing routing methods in Traffic Manager
  • Blaming Load Balancer or VM Scale Set for Traffic Manager failover
  • Ignoring health probe configuration
5. You want to design a geo-redundant high availability solution for a web app in Azure that must remain available even if an entire Azure region fails. Which combination of Azure services and design patterns best achieves this?
hard
A. Deploy the app in two regions with Azure Traffic Manager using Performance routing and Azure SQL Geo-Replication
B. Deploy the app in one region with Azure Load Balancer and VM Scale Sets, and use Azure Backup for disaster recovery
C. Deploy the app in two regions with Azure Traffic Manager using Priority routing and VM Scale Sets in each region
D. Deploy the app in one region with Azure Application Gateway and use Azure Blob Storage for static content

Solution

  1. Step 1: Understand geo-redundancy requirements

    To survive a full region failure, the app must be deployed in multiple regions with traffic routed between them.

  2. Step 2: Evaluate options for traffic routing and data replication

    Performance routing in Traffic Manager directs users to the closest healthy region. Azure SQL Geo-Replication ensures database availability across regions.

  3. Step 3: Compare with other options

    Priority routing is for Active-Passive, not best for geo-load balancing. Single region deployments cannot survive region failure. Application Gateway is regional and does not provide geo-failover.

  4. Final Answer:

    Deploy the app in two regions with Azure Traffic Manager using Performance routing and Azure SQL Geo-Replication -> Option A

  5. Quick Check:

    Geo-redundancy needs multi-region + performance routing + geo-replication [OK]
Hint: Use multi-region + Traffic Manager Performance + Geo-Replication [OK]
Common Mistakes:
  • Choosing Priority routing for geo-load balancing
  • Relying on single region with backup for high availability
  • Confusing Application Gateway with global traffic routing