Configure and Understand Azure Application Gateway in 45 minutes
What is Azure Application Gateway?
Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications.(Referenced: Official Docs)
Core Components of Azure Application Gateway
Note: The configurations to be done in the same order as the numbers in above diagram.
- Frontend IP Configuration
The IP of the application gateway can be public or private. Listeners are associated are to the IP.
2. Listener
A listener listens to the requests that are coming to a particular domain. The application gateway has capability to listen to multiple domain sites.
Types of Listeners
- Basic: A listener which listens to a single domain site where it has a single DNS mapping to IP address of the Application Gateway.
- Multi-site: A listener which listens to a specific domain site(host)
For example:
For three subdomains — abc.alpha.com, xyz.alpha.com and pqr.alpha.com pointing to the IP Address of the Application Gateway. Create multiple listeners of the type ‘multi-site’. If a HTTPS url then provide the client-certificate in “.pfx” format.
3. Backend Pool
The IP of the target backend, be it a Load Balancer or a Virtual Machine Scale Set which is going to serve the request.
4. Custom Health Probe
A custom health probe url to check the health of the backend pool which is linked/tied up to a HTTP Setting.
5. HTTP Settings
Setting which helps in validating the request if is going to the correct backend pool or not. It is tied up to a custom domain url and the backend pool.
When creating HTTPS setting — backend-certificate is required in “.cer” format.
6. Rules
The most important part of the application gateway which exactly tells what do to when.
Default Settings: For a listener(Eg: abc.alpha.com/*) which backend pool should serve the request with the associated HTTP Setting.
Path Based Routing: Usually used in case of API requests(Eg: abc.alpha.com/api/*). This rule gives us the flexibility to route the request to a specific backend pool based on the routing url.
Note: One listener can be attached to one rule.
Once done with the configurations. Check the backend health of the application gateway.
Tools for Automation of Configuration
- az-cli
- powershell script
- deploying ARM Templates using “az group deployment create” command
Some links for reference:
1. https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-faq
2. https://stackoverflow.com/questions/36576113/redirect-http-to-https-in-azure-application-gateway
3. https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-introduction