🚨Retiring Basic Tier Azure Load Balancer🚨

🚀Step-by-Step Guide: Migrating Azure Load Balancer from Basic to Standard🚀

Introduction

With the continuous evolution of Azure services, Microsoft has announced the retirement of Basic Azure Load Balancer. This transition is part of Microsoft's commitment to providing improved services, enhanced features, and better performance for users. In this blog post, we'll explore the retirement of Basic Azure Load Balancer and what steps you need to take to adapt to the changes.

Why Retirement?

Basic Azure Load Balancer served its purpose well, but as technology advances, Microsoft is introducing more powerful and feature-rich solutions. The retirement is a strategic move to encourage users to migrate to the more advanced Standard Load Balancer, which offers additional capabilities, increased scalability, and improved performance.

Key Dates

Microsoft has provided a timeline for the retirement of Basic Azure Load Balancer:

• Retirement Announcement: September 30, 2025
• End of New Deployments: March 31, 2025
• 
  
• It's crucial to be aware of these dates to plan your migration accordingly.

Pre- and Post-migration Steps

Pre-migration steps:

• Validate that your scenario is supported.
• Plan for application downtime during migration.
• Develop inbound and outbound connectivity tests for your traffic.
• Plan for instance-level Public IP changes on Virtual Machine Scale Set instances (see note above)
• [Recommended] Create Network Security Groups or add security rules to an existing Network Security Group for your backend pool members, allowing the traffic through the Load Balancer and any other traffic which will need to be explicitly allowed on public Standard SKU resources.
• [Recommended] Prepare your outbound connectivity, taking one of the following approaches:
• Add a NAT Gateway to your backend member's subnets.
• Add Public IP addresses to each backend Virtual Machine or Virtual Machine Scale Set instance.
• Plan to create Outbound Rules for Public Load Balancers with multiple backend pools post-migration.

Post-migration steps:

• Validate that your migration was successful.
• Test inbound application connectivity through the Load Balancer
• Test outbound connectivity from backend pool members to the Internet.
• For Public Load Balancers with multiple backend pools, create Outbound Rules for each backend pool.

Migration Steps

1. Assess Your Current Configuration Before starting the migration, review your existing Basic Azure Load Balancer configuration. Document backend pools, frontend IP configurations, health probes, and any custom settings. 2. Check Compatibility Ensure your virtual machines and associated resources are compatible with Standard Load Balancer. Verify the SKU and version of your virtual machines and the virtual network. 3. Create a Standard Load Balancer

In the Azure portal:

• Navigate to "Create a resource" > Search for "Load Balancer."
• Select "Standard Load Balancer" and configure basic settings, including subscription, resource group, and instance details.
• Choose the Standard SKU and set up frontend IP configurations, backend pools, and health probes.
• Review settings and create the Standard Load Balancer.

4. Update DNS and IP Configurations

If your application uses a custom domain, update DNS configurations to point to the new IP address associated with the Standard Load Balancer. Modify any IP configurations or rules referencing the old Basic Load Balancer IP addresses.

5. Migrate Backend Pools and Probes

In the Azure portal:

• Go to the new Standard Load Balancer resource.
• Recreate backend pools and configure health probes, ensuring they match the settings from the Basic Load Balancer.

6. Adjust Network Security Group Rules

Review and update Network Security Group (NSG) rules associated with virtual machines to allow traffic through the new Standard Load Balancer. Update any inbound or outbound rules related to IP addresses and ports.

7. Thorough Testing

Perform comprehensive testing of the new Standard Load Balancer configuration. Verify backend pool health and test application functionality to ensure a seamless migration.

Below are the PowerShell steps for migrating from Basic Azure Load Balancer to Standard Load Balancer:

Prerequisites:

Ensure you have the Azure PowerShell module installed. If not, install it using:

"Install-Module -Name Az -AllowClobber -Force -Scope CurrentUser
Log in to your Azure account:
Connect-AzAccount
Step 1: Review Current Load Balancer Configuration
1.1. Get details of the existing Basic Load Balancer:
$resourceGroupName = "YourResourceGroup"
$loadBalancerName = "YourBasicLoadBalancer"

$basicLoadBalancer = Get-AzLoadBalancer -ResourceGroupName $resourceGroupName -Name $loadBalancerName
$basicLoadBalancer | Format-List
Step 2: Check Compatibility
2.1. Verify compatibility of virtual machines:
$virtualMachines = Get-AzVM -ResourceGroupName $resourceGroupName

foreach ($vm in $virtualMachines) {
    # Check VM compatibility
    $vm.HardwareProfile.VmSize
}
2.2. Verify virtual network compatibility:
$virtualNetwork = Get-AzVirtualNetwork -ResourceGroupName $resourceGroupName -Name "YourVirtualNetwork"
$virtualNetwork.Sku
Step 3: Create a Standard Load Balancer
3.1. Create a new Standard Load Balancer:
$standardLoadBalancerName = "YourStandardLoadBalancer"
$frontendIpConfig = New-AzLoadBalancerFrontendIpConfig -Name "FrontendConfig" -PrivateIpAddressVersion IPv4 -SubnetId $virtualNetwork.Subnets[0].Id
$backendPool = New-AzLoadBalancerBackendAddressPoolConfig -Name "BackendPool"

$standardLoadBalancer = New-AzLoadBalancer -ResourceGroupName $resourceGroupName -Name $standardLoadBalancerName -Sku Standard -FrontendIpConfiguration $frontendIpConfig -BackendAddressPool $backendPool
3.2. Configure frontend, backend pools, and health probes as needed.
Step 4: Update DNS and IP Configurations
4.1. Update DNS configurations if applicable.
4.2. Update IP configurations or rules referencing the old Basic Load Balancer IP addresses.
Step 5: Migrate Backend Pools and Probes
5.1. Migrate backend pools:
$basicBackendPools = $basicLoadBalancer.BackendAddressPools
$standardBackendPool = $standardLoadBalancer.BackendAddressPools[0]

foreach ($basicPool in $basicBackendPools) {
    Add-AzLoadBalancerBackendAddressPoolConfig -LoadBalancer $standardLoadBalancer -Name $basicPool.Name -BackendAddresses $basicPool.BackendAddresses
}

Set-AzLoadBalancer -LoadBalancer $standardLoadBalancer
5.2. Migrate health probes:
$basicHealthProbes = $basicLoadBalancer.Probes
$standardHealthProbe = $standardLoadBalancer.Probes[0]

foreach ($basicProbe in $basicHealthProbes) {
    Add-AzLoadBalancerProbeConfig -LoadBalancer $standardLoadBalancer -Name $basicProbe.Name -Protocol $basicProbe.Protocol -Port $basicProbe.Port -IntervalInSeconds $basicProbe.IntervalInSeconds -NumberOfProbes $basicProbe.NumberOfProbes
}

Set-AzLoadBalancer -LoadBalancer $standardLoadBalancer
Step 6: Adjust Network Security Group Rules
6.1. Update NSG rules associated with virtual machines:

$nsg = Get-AzNetworkSecurityGroup -ResourceGroupName $resourceGroupName -Name "YourNSG"

# Update inbound rules
$nsg | Set-AzNetworkSecurityRuleConfig -Name "InboundRule" -Access Allow -Priority 100 -Direction Inbound -SourceAddressPrefix "*" -SourcePortRange "*" -DestinationAddressPrefix "*" -DestinationPortRange "YourNewLBPort" -Protocol Tcp -Action Allow

# Update outbound rules if needed
$nsg | Set-AzNetworkSecurityRuleConfig -Name "OutboundRule" -Access Allow -Priority 100 -Direction Outbound -SourceAddressPrefix "*" -SourcePortRange "*" -DestinationAddressPrefix "*" -DestinationPortRange "YourNewLBPort" -Protocol Tcp -Action Allow

$nsg | Set-AzNetworkSecurityGroup
Step 7: Testing
7.1. Perform thorough testing of the new Standard Load Balancer configuration.
7.2. Verify backend pool health and test application functionality to ensure a seamless migration.
Unsupported Scenarios
Basic Load Balancers with IPv6 frontend IP configurations
Basic Load Balancers with a Virtual Machine Scale Set backend pool member where one or more Virtual Machine Scale Set instances have ProtectFromScaleSetActions Instance Protection policies enabled.
Migrating a Basic Load Balancer to an existing Standard Load Balancer
Conclusion
Retiring Basic Azure Load Balancer signifies a positive step towards embracing newer, more advanced technologies. By planning and executing a smooth migration to Standard Load Balancer, you not only ensure the continued reliability of your applications but also take advantage of enhanced features provided by Azure.
By following these PowerShell steps, you can successfully migrate from Basic Azure Load Balancer to Standard Load Balancer. Ensure to adapt the scripts based on your specific environment and requirements. Always test thoroughly before implementing changes in a production environment.