1. Deploy the VMs and change their public IP addresses to the "Standard" SKU (backend members of a Standard load balancer cannot use Basic public IPs).
2. Deploy the load balancer (Terraform):
# Internal Standard-SKU load balancer: the frontend is attached to a subnet and
# no public IP is configured on it.
resource "azurerm_lb" "lb-services-int" {
  resource_group_name = azurerm_resource_group.resource_group.name
  name                = local.lb_name
  location            = azurerm_resource_group.resource_group.location
  sku                 = "Standard"

  frontend_ip_configuration {
    # The rule further down refers to this frontend by the same local.lb_name.
    name      = local.lb_name
    subnet_id = data.azurerm_subnet.eastus-test4.id
    # NOTE(review): no private IP address is set here, while step 3 hard-codes
    # 10.5.2.10 on the VM loopback. With floating IP the loopback address has to
    # equal this frontend address (presumably 10.5.2.10) - confirm they match,
    # or pin the frontend address so a redeploy cannot change it.
  }

  tags = azurerm_resource_group.resource_group.tags
}
# Backend pool of the internal load balancer. The two NIC associations defined
# later in this file add the VM interfaces to this pool.
resource "azurerm_lb_backend_address_pool" "backend_pool_services" {
  loadbalancer_id = azurerm_lb.lb-services-int.id
  name            = local.lb_backend_name
}
# TCP health probe against the LDAP port (389), every 5 seconds, with
# number_of_probes = 2.
# NOTE(review): this is the only probe the all-ports rule uses, so a backend is
# kept in rotation for every forwarded port as long as TCP 389 accepts
# connections. A TCP probe only proves the port is open, not that the directory
# service answers queries.
resource "azurerm_lb_probe" "lb_probe-ldap-389-Tcp" {
  # Left commented out by the author; newer azurerm provider releases do not take
  # resource_group_name on load balancer sub-resources (verify against the
  # provider version in use).
  #resource_group_name = azurerm_resource_group.resource_group.name
  loadbalancer_id     = azurerm_lb.lb-services-int.id
  name                = "tcpProbe-389-Tcp"
  protocol            = "Tcp"
  port                = 389
  interval_in_seconds = 5
  number_of_probes    = 2
}
# Load-balancing rule for the internal frontend. protocol = "All" with both
# ports set to 0 is the "HA ports" form: every TCP and UDP port on the frontend
# is forwarded to the backend pool, not only LDAP.
# NOTE(review): the backends are domain controllers, so every service listening
# on them (not just the directory ports) is reachable through the frontend
# address. What is actually exposed then depends on the NSGs on the backend
# subnet/NICs; those should allow only the directory ports that are needed and
# only from the expected client ranges. Narrowing this rule to explicit ports is
# the stricter alternative.
# NOTE(review): the rule name says "tcp", but UDP is forwarded as well.
resource "azurerm_lb_rule" "lb_rule-int-no-all" {
  loadbalancer_id                = azurerm_lb.lb-services-int.id
  name                           = "LBRule-int-all-tcp"
  protocol                       = "All"
  frontend_port                  = 0
  backend_port                   = 0
  frontend_ip_configuration_name = local.lb_name
  # Floating IP: packets reach the VM with the frontend address as destination,
  # which is why step 3 adds that address to the loopback interface.
  enable_floating_ip             = true
  backend_address_pool_ids       = [azurerm_lb_backend_address_pool.backend_pool_services.id]
  idle_timeout_in_minutes        = 5
  probe_id                       = azurerm_lb_probe.lb_probe-ldap-389-Tcp.id
  # The probe_id reference above already orders this rule after the probe, so
  # this explicit dependency is redundant.
  depends_on                     = [azurerm_lb_probe.lb_probe-ldap-389-Tcp]
  # No outbound SNAT is provided through this rule's frontend.
  disable_outbound_snat          = true
}
# Look up the existing NIC of the first VM by its hard-coded name and resource
# group, then add its IP configuration to the backend pool.
data "azurerm_network_interface" "int1" {
  name                = "jarek7sndvm-nic"
  resource_group_name = "jareksandbox3-rg"
}

resource "azurerm_network_interface_backend_address_pool_association" "int1" {
  network_interface_id    = data.azurerm_network_interface.int1.id
  # Must be the name of an IP configuration that exists on that NIC.
  ip_configuration_name   = "ipconfiguration-jarek7sndvm"
  backend_address_pool_id = azurerm_lb_backend_address_pool.backend_pool_services.id
}
# Same as for the first VM: look up the existing NIC of the second VM (note it
# lives in a different resource group) and add it to the backend pool.
data "azurerm_network_interface" "int2" {
  name                = "jarek8sndvm-nic"
  resource_group_name = "jareksandbox4-rg"
}

resource "azurerm_network_interface_backend_address_pool_association" "int2" {
  network_interface_id    = data.azurerm_network_interface.int2.id
  # Must be the name of an IP configuration that exists on that NIC.
  ip_configuration_name   = "ipconfiguration-jarek8sndvm"
  backend_address_pool_id = azurerm_lb_backend_address_pool.backend_pool_services.id
}
3. Configure the network interfaces on each backend VM (needed because the load-balancing rule uses floating IP):
# Guest-side setup for floating IP; run in an elevated session on each backend VM.
# (Comments use PowerShell syntax; drop them if pasting into cmd.exe.)

# Let "Ethernet" accept packets whose destination address belongs to another
# interface on this host (weak host receive).
netsh interface ipv4 set interface "Ethernet" weakhostreceive=enabled
# Put 10.5.2.10/25 on the loopback interface - presumably the load balancer
# frontend address; it has to match the address Azure assigned to the frontend.
netsh interface ipv4 add addr "Loopback Pseudo-Interface 1" "10.5.2.10" "255.255.255.128"
# Allow the loopback interface to take part in weak-host receive and send.
netsh interface ipv4 set interface "Loopback Pseudo-Interface 1" weakhostreceive=enabled weakhostsend=enabled
# NOTE(review): the weak host model relaxes the default strong-host check that
# ties a destination address to the interface a packet arrived on. Enable it
# only on the interfaces listed here, and rely on NSGs / host firewall rules to
# limit who can reach the frontend address.
4. Install domain controller DSC.
5. Configure DNS:
All AD records are also configured: the VIP was added under _sites, _tcp and _udp. This might not be required.
6. Test (PowerShell, with the ActiveDirectory module):
# Poll jarek8sndvm for the test account once per second, 20 times. Run the
# delete / create commands below meanwhile and watch the account disappear and
# reappear here once replication has run.
# NOTE(review): every command in this test names a domain controller directly,
# so it exercises replication between the two DCs rather than the load balancer
# frontend. Get-ADUser also talks to Active Directory Web Services (TCP 9389),
# not to LDAP 389, which is the only port the health probe checks.
foreach ($attempt in 1..20) {
    Get-ADUser test01 -Server jarek8sndvm.contoso.local
    Start-Sleep -Seconds 1
}

# Delete the throwaway test account on jarek7sndvm (no confirmation prompt) ...
Get-ADUser test01 -Server jarek7sndvm.contoso.local | Remove-ADUser -Confirm:$false
# ... and force replication: /A all partitions, /d identify servers by DN,
# /e across sites, /P push changes outward from the named DC.
repadmin /syncall jarek7sndvm.contoso.local /AdeP

# Re-create the test account on jarek7sndvm and force replication again.
New-ADUser -Name 'test01' -Server jarek7sndvm.contoso.local
repadmin /syncall jarek7sndvm.contoso.local /AdeP