This is a set of AZ CLI commands to create a sample workload for resiliency testing.

zone-redundant-vms.azcli

# # Setup
# PREFIX=jrtest-lb
# REGION=eastus

# Create Resource Group
az group create --name $PREFIX --location $REGION

# Create VNet
az network vnet create --resource-group $PREFIX --name $PREFIX-vnet --address-prefix 10.1.0.0/16
az network vnet subnet create --resource-group $PREFIX --vnet-name $PREFIX-vnet --name $PREFIX-sub-a --address-prefixes 10.1.0.0/24
az network vnet subnet create --resource-group $PREFIX --vnet-name $PREFIX-vnet --name $PREFIX-sub-b --address-prefixes 10.1.1.0/24

# Create NSGs
az network nsg create \
    --resource-group $PREFIX \
    --name $PREFIX-nsg 
az network nsg rule create \
    --resource-group $PREFIX \
    --nsg-name $PREFIX-nsg \
    --name port-80-in \
    --protocol '*' \
    --direction inbound \
    --source-address-prefix '*' \
    --source-port-range '*' \
    --destination-address-prefix '*' \
    --destination-port-range 80 \
    --access allow \
    --priority 200

# Create VMs
for i in {1..3}; do
  az network nic create \
    --resource-group $PREFIX \
    --name "$PREFIX-nic$i" \
    --vnet-name $PREFIX-vnet \
    --subnet $PREFIX-sub-b \
    --network-security-group $PREFIX-nsg 
  az vm create \
    --resource-group $PREFIX  \
    --name "$PREFIX-vm$i" \
    --nics "$PREFIX-nic$i" \
    --image UbuntuLTS \
    --public-ip-address "" \
    --generate-ssh-keys \
    --zone "$i" \
    --admin-username azureuser \
    --custom-data lib/nginx-vm-config.txt
done

# Create Inbound Public IP & Load Balancers
az network public-ip create --resource-group $PREFIX --name $PREFIX-ip --allocation-method Static --sku Standard
az network lb create \
    --resource-group $PREFIX \
    --name $PREFIX-lb \
    --public-ip-address $PREFIX-ip \
    --sku Standard \
    --frontend-ip-name $PREFIX-fe \
    --backend-pool-name $PREFIX-be

# Probe and Routing
az network lb probe create \
    --resource-group $PREFIX \
    --name $PREFIX-probe \
    --lb-name $PREFIX-lb \
    --protocol http \
    --path / \
    --port 80
az network lb rule create \
    --resource-group $PREFIX \
    --name $PREFIX-rule \
    --lb-name $PREFIX-lb \
    --protocol tcp \
    --frontend-port 80 \
    --backend-port 80 \
    --frontend-ip-name $PREFIX-fe \
    --backend-pool-name $PREFIX-be \
    --probe-name $PREFIX-probe \
    --disable-outbound-snat true \
    --idle-timeout 15 \
    --enable-tcp-reset true

# Add vms/nics to the load balancers backend pool
for i in {1..3}; do
    az network nic ip-config address-pool add \
        --address-pool "$PREFIX-be" \
        --ip-config-name ipconfig1 \
        --nic-name "$PREFIX-nic$i" \
        --resource-group $PREFIX \
        --lb-name $PREFIX-lb 
done

# Create Outbound IP
az network public-ip create \
    --resource-group $PREFIX \
    --name "$PREFIX-ip-out" \
    --sku Standard

# Create Outbound IP Configuration
az network lb frontend-ip create \
    --resource-group $PREFIX \
    --name "$PREFIX-fe-out" \
    --lb-name $PREFIX-lb \
    --public-ip-address "$PREFIX-ip-out"
az network lb address-pool create \
    --resource-group $PREFIX \
    --name "$PREFIX-be-out" \
    --lb-name $PREFIX-lb 

# Create outbound rule
az network lb outbound-rule create \
    --resource-group $PREFIX \
    --name "$PREFIX-rule-out" \
    --lb-name $PREFIX-lb \
    --frontend-ip-configs "$PREFIX-fe-out" \
    --protocol All \
    --idle-timeout 15 \
    --outbound-ports 10000 \
    --address-pool "$PREFIX-be-out"

# Add vms/nics to the load balancers outbound pool
for i in {1..3}; do
  az network nic ip-config address-pool add \
    --address-pool "$PREFIX-be-out" \
    --ip-config-name ipconfig1 \
    --nic-name "$PREFIX-nic$i" \
    --resource-group $PREFIX \
    --lb-name $PREFIX-lb 
done