Virtual machines must be in a cloud service, which acts as a container and provides a unique public DNS name, a public IP address, and a set of endpoints to access the virtual machine over the Internet. The cloud service can optionally be in a virtual network.
If a cloud service is not in a virtual network, the virtual machines in that cloud service can only communicate with other virtual machines through the use of the other virtual machines’ public DNS names, and that traffic would travel over the Internet. If a cloud service is in a virtual network, the virtual machines in that cloud service can communicate with all other virtual machines in the virtual network without sending any traffic over the Internet.
If you place your virtual machines in the same standalone cloud service, you can take advantage of load balancing and availability sets. For details, see Load balancing virtual machines and Manage the availability of virtual machines. However, you cannot organize the virtual machines on subnets or connect a standalone cloud service to your on-premises network. Here is an example.
If you place your virtual machines in a virtual network, you can decide how many cloud services you want to use to take advantage of load balancing and availability sets. Additionally, you can organize the virtual machines on subnets in the same way as your on-premises network and connect the virtual network to your on-premises network. Here is an example.
Virtual networks are the recommended way to connect virtual machines in Azure. The best practice is to configure each tier of your application in a separate cloud service. This enables advanced user rights delegation through Role Based Access Control (RBAC). For more information, see Role Based Access Control in Azure Preview Portal. However, you may need to combine some virtual machines from different application tiers into the same cloud service to remain within the maximum of 200 cloud services per subscription.
To connect virtual machines in a virtual network:
Here is an example using the Azure Management Portal.
To connect virtual machines in a standalone cloud service:
Here is an example using the Azure Management Portal for the existing cloud service named EndpointTest.
After you create a virtual machine, it's a good idea to add a data disk so your services and workloads have a location to store data. See one of the following: