Configure and Understand Azure Application Gateway in 45 minutes

What is Azure Application Gateway?
Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications.(Referenced: Official Docs)

Core Components of Azure Application Gateway

A sample workflow for Azure Application Gateway
Note: The configurations to be done in the same order as the numbers in above diagram.
  1. Frontend IP Configuration

The IP of the application gateway can be public or private. Listeners are associated are to the IP.

Frontend IP Configuration

2. Listener

A listener listens to the requests that are coming to a particular domain. The application gateway has capability to listen to multiple domain sites.

Types of Listeners

  1. Basic: A listener which listens to a single domain site where it has a single DNS mapping to IP address of the Application Gateway.
  2. Multi-site: A listener which listens to a specific domain site(host)

For example: 
For three subdomains —, and pointing to the IP Address of the Application Gateway. Create multiple listeners of the type ‘multi-site’. If a HTTPS url then provide the client-certificate in “.pfx” format.

Multisite Listener Configuration Window

3. Backend Pool

The IP of the target backend, be it a Load Balancer or a Virtual Machine Scale Set which is going to serve the request.

4. Custom Health Probe

A custom health probe url to check the health of the backend pool which is linked/tied up to a HTTP Setting.

Health Probe Configuration Window

5. HTTP Settings
Setting which helps in validating the request if is going to the correct backend pool or not. It is tied up to a custom domain url and the backend pool.

When creating HTTPS setting — backend-certificate is required in “.cer” format.

6. Rules
The most important part of the application gateway which exactly tells what do to when.

Default Settings: For a listener(Eg:*) which backend pool should serve the request with the associated HTTP Setting.

Path Based Routing: Usually used in case of API requests(Eg:*). This rule gives us the flexibility to route the request to a specific backend pool based on the routing url.

Note: One listener can be attached to one rule.

Path-Based Routing Rules

Once done with the configurations. Check the backend health of the application gateway.

Voila! Healthy Resources! (Backend Health)

Tools for Automation of Configuration

  1. az-cli
  2. powershell script
  3. deploying ARM Templates using “az group deployment create” command

Some links for reference: