Azure scale sets was built to provide a fast and easy way to deploy and manage collection of virtual machines. The initial way scale sets were deployed included a core set of network features most commonly associated with scalable compute nodes; for example, Azure Load Balancer and Application Gateway integration, support for load balancing and dynamic NAT pools routing to private IP addresses.
The cool additional networking features opens up exciting new application scenarios for scale sets with more complex networking requirements, as well as allowing existing applications that were designed for standalone virtual machines to take advantage of scale set features such as easy dynamic scaling, autoscale and patching.
Here’s a summary of the new features you can now use with scale sets.
Public IPv4 addresses per VM
Previously you could only assign private IP addresses to scale set VMs. Typical architectures for scale set would assign one or more public IP addresses to a load balancer, which would route incoming connections to the private scale set VM IP addresses, or assign a public IP address to a “jump box” VM in the same VNet which could connect directly to the VMs.
Though private IP addresses per VM is an optimal configuration for many applications which deploy at scale, in some cases it is useful for VMs to support direct external connections, and to connect to one another across regions. There are also cases where outbound network bandwidth requirements exceed that provided by a load balancer.
Configurable DNS Functionalities
Previously scale sets relied on the specific DNS settings of the Virtual Network and subnet they were created in. With the configurable DNS functionalities, you can now configure the DNS settings for a scale set directly. You can configure which DNS Servers the VMs in the scale set should reference, and specify a domain name label to apply to each VM.
Multiple IP addresses per NIC, multiple NICs per VM
Why limit yourself to one public IP address per VM when you can have up to 400 Public IP Address per VM? The ability to define more than one IP address and NIC Adapter for a virtual machine is particularly useful for applications like Web Application Firewalls, which need to manage multiple networks and can optimize resources by being able to easily scale out VMs.
Now you can define up to 50 IP addresses per NIC, and up to 8 NICs per VM (depending on VM size) for all the VMs in your scale set.
Network Security Groups per scale set
A Network Security Group (NSG) contains a list of security rules that allow or deny network traffic to resources connected to Azure Virtual Networks. NSGs enable you to customize your security requirements to your security needs.
Previously you could assign an NSG to a subnet, or to standalone virtual machine NICS, but not directly to a scale set. NSGs can now be applied directly to scale sets. Network traffic rules can be enforced and controlled through NSGs securing your scale sets in Azure, allowing finer grained control over your infrastructure.
IPv6 Load Balancer support – public preview
As IPv4 addresses become scarcer, more applications are leveraging the 128-bit address space provided by IPv6. Now with the public preview of IPv6 load balancer support, you can configure Azure Load Balancers with public IPv6 addresses, which can route requests to scale set VMs.
The Azure Accelerated Networking feature, which dramatically improves network performance by enabling single root I/O virtualization (SR-IOV) to a VM, is now available for virtual machine scale sets. This feature is generally available for Windows, and in public preview for Linux.