Azure Application Gateway Documentation

Introduction to Azure Application Gateway

Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications. It offers a variety of layer 7 load balancing capabilities for your applications. This documentation provides comprehensive information to help you understand, deploy, and manage Application Gateway.

What is Application Gateway?

Application Gateway provides features like:

  • URL-based routing: Route traffic to backend pools based on URL paths.
  • Cookie-based session affinity: Keep a user's session on the same backend server.
  • SSL termination: Offload SSL decryption to the gateway.
  • Web Application Firewall (WAF): Protect your web applications from common web vulnerabilities.
  • End-to-end SSL encryption: Ensure data is encrypted from the client to the backend.
  • Multiple site hosting: Host multiple web applications on the same Application Gateway instance.
  • Health probes: Monitor the health of your backend servers and route traffic only to healthy instances.

Key Features

Application Gateway is designed to be highly available and scalable. Some of its key features include:

  • Performance: High throughput and low latency.
  • Scalability: Can be scaled up or out to handle varying traffic loads.
  • Security: Integrated WAF, SSL termination, and end-to-end encryption.
  • Manageability: Comprehensive monitoring and logging capabilities.
  • Resilience: Built-in fault tolerance and availability zones support.

Web Application Firewall (WAF)

The integrated WAF helps protect your web applications from common exploits, such as SQL injection, cross-site scripting, and other OWASP Top 10 vulnerabilities. It operates at layer 7 and provides centralized protection for your applications.

Routing Capabilities

Application Gateway supports sophisticated routing rules:

  • Path-based routing: Direct requests to different backend pools based on the requested URL path. For example, /images/* could be routed to one pool, and /api/* to another.
  • Host-based routing: Route traffic to different backend pools based on the host header in the request. This is ideal for hosting multiple domains on a single Application Gateway.

Common Use Cases

Azure Application Gateway is well-suited for a variety of scenarios:

  • Load balancing HTTP/S traffic for applications hosted on Azure Virtual Machines, Virtual Machine Scale Sets, or Azure App Service.
  • Securing web applications with a Web Application Firewall.
  • Enabling SSL termination for web applications.
  • Providing a single point of access for multiple internal web applications.
  • Implementing microservices architectures with path-based routing.

Getting Started

To start using Azure Application Gateway, you can follow these steps:

Recommended: Begin with our Quickstart tutorials to deploy a basic Application Gateway configuration quickly. For more in-depth guidance, explore the tutorials.

You can create an Application Gateway instance using the Azure portal, Azure CLI, PowerShell, or ARM templates. Refer to the Azure CLI reference and Azure PowerShell reference for detailed commands.

Example Configuration Snippet (Conceptual)


{
  "name": "myAppGateway",
  "location": "West US",
  "sku": {
    "name": "Standard_v2",
    "tier": "Standard_v2"
  },
  "properties": {
    "frontendIPConfigurations": [ ... ],
    "backendAddressPools": [ ... ],
    "httpListeners": [ ... ],
    "requestRoutingRules": [ ... ]
  }
}

Ensure you have appropriate network configurations in place, including a virtual network and subnets, before deploying an Application Gateway.