MSDN Documentation

Deploying Azure Application Gateway

This guide provides step-by-step instructions for deploying and configuring Azure Application Gateway. Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications. It offers path-based routing, cookie-based session affinity, SSL termination, and more.

Prerequisites

Before you begin, ensure you have the following:

• An Azure subscription.
• Appropriate permissions to create resources within your subscription.
• A virtual network (VNet) with a dedicated subnet for Application Gateway. This subnet must not have any other resources deployed in it.
• An IP address configuration for the gateway (public or private).

Deployment Steps

1. Navigate to Azure Portal: Log in to the Azure portal.

2. Create Application Gateway:

   • In the Azure portal search bar, type "Application Gateway" and select it.
   • Click Create Application Gateway.

3. Basics Tab:

   • Subscription: Select your Azure subscription.
   • Resource group: Choose an existing resource group or create a new one.
   • Name: Provide a unique name for your Application Gateway.
   • Region: Select the Azure region where you want to deploy the gateway.
   • Tier: Choose the appropriate tier (e.g., Standard_v2, WAF_v2) based on your requirements.
   • Availability zone: (Optional) Select availability zones for high availability.

4. Frontends Tab:

   • Frontend IP address type: Select 'Public' or 'Private'.
   • If 'Public', assign or create a new Public IP address.
   • If 'Private', associate with a virtual network and subnet.

5. Backends Tab:

   • Backend pools: Define your backend pools (e.g., VM scale sets, App Services, IP addresses).
   • Add backend pool: Click to configure a new backend pool.
   • Target type: Select the type of backend resources.
   • Target: Specify the actual backend resources.
   • Health probes: Configure health probes to monitor the health of your backend servers.

6. Configuration Tab:

   • Routing rules: This is where you define how traffic is directed.
   • Add routing rule: Click to create a new rule.
   • Listener: Configure the listener for incoming traffic (protocol, port, hostname, SSL certificate if HTTPS).
   • Backend target: Select the backend pool and HTTP settings to route traffic to.
   • HTTP settings: Configure backend protocol, port, cookie-based affinity, SSL settings, etc.

7. Tags Tab: (Optional) Apply tags for resource management.

8. Review + create: Review all your settings. If validation passes, click Create.

Post-Deployment Configuration

After successful deployment, you can further configure your Application Gateway:

• SSL Certificates: Upload or manage SSL certificates for secure HTTPS traffic.
• Web Application Firewall (WAF): If you chose a WAF SKU, configure WAF policies and rules to protect your applications.
• Autoscaling: Configure autoscaling rules based on traffic patterns.
• Monitoring: Set up diagnostics and alerts for performance and availability.

Example: Basic Deployment with Path-Based Routing

This scenario assumes you have two backend pools, 'AppPool1' and 'AppPool2', and you want to route traffic based on the URL path:

• Requests to /app1/* go to 'AppPool1'.
• Requests to /app2/* go to 'AppPool2'.

You would configure two routing rules:

1. Rule 1:

   • Listener: Port 80, Hostname * (or specific hostname).
   • Backend Target: 'AppPool1'.
   • Path-based routing: Enable, and add a path map.
   • Path Map: Define a path /app1/* to target 'AppPool1'.

2. Rule 2:

   • Listener: Port 80, Hostname * (or specific hostname).
   • Backend Target: 'AppPool2'.
   • Path-based routing: Enable, and add a path map.
   • Path Map: Define a path /app2/* to target 'AppPool2'.

For more detailed information on specific settings, please refer to the official Azure Application Gateway documentation.