Microsoft Azure Application Gateway | Step-By-Step Process with REAL-TIME Examples

• In this article you will get
• What’s Azure Application Gateway?
• Azure operation Gateway features
• Secure Sockets Layer( SSL/ TLS) termination
• Access Controller for AKS
• How an operation gateway routes a request?
• What types of logs does Application Gateway give?
• How is Azure Application Gateway used?
• Conclusion

What’s Azure Application Gateway?

Azure operation Gateway is a web business cargo balancer that enables you to manage business on your web operations.Traditional cargo balancers operate at the transport subcaste( OSI Layer 4 – TCP and UDP) and route business to the destination IP address and harborage grounded on the source IP address and harborage.

The operation gateway can make routing opinions grounded on fresh characteristics of the HTTP request, for example the URI path or the host title. For illustration, you can route business grounded on an incoming URL. So if/ images is in the incoming URL, you can route the business to a specific set of waiters( known as a pool) configured for the images.However, that business is routed to another pool optimized for the videotape, If/ videotape is in theURL.Azure provides a suite of completely managed cargo- balancing results for your scripts.

• Still, per- HTTP/ HTTPS requests, or operation- subcaste processing conditions, If you want to perform DNS- grounded global routing and don’t have Transport Layer Security( TLS) protocol termination( “ SSL discharge ”).
• Still, check out Front Door, If you need to optimize the global routing of your web business and optimize top- position end- stoner performance and trustability through accelerated global failover.
• To perform network subcaste cargo balancing, review the cargo balancer. Your entire script can profit from combining these results as demanded. For a comparison of Azure cargo- balancing options, see Overview of cargo- balancing options in Azure.

Azure operation Gateway features

Azure operation Gateway is a web business cargo balancer that enables you to manage business on your web operations.Operation gateway abstract.

Secure Sockets Layer( SSL/ TLS) termination

• Bus scaling
• Field redundancy
• Stationary personality
• Web operation firewall
• Access Controller for AKS
• URL- Grounded Routing
• Multi-site hosting
• Redirection
• Session affinity
• Websockets and HTTP/ 2 business
• Connection drainage
• Custom error runner
• Rewrite HTTP heads and URLs
• Shape

Secure Sockets Layer( SSL/ TLS) termination:

The operation gateway supports SSL/ TLS termination at the gateway, after which the business generally flows unencrypted to the backend garçon. This point allows web waiters to be free of precious encryption and decryption outflow. But occasionally unencrypted communication from the garçon isn’t a respectable option. This may be due to security conditions, compliance conditions, or the operation can only accept a secure connection. For these operations, the operation Gateway supports end- to- end SSL/ TLS encryption.

Bus scaling:

Operation Gateway supportsStandard_v2 auto scaling and can gauge up or down grounded on changing business cargo patterns. Autoscaling also removes the need to choose deployment size or case count during provisioning.

Field redundancy:

AStandard_v2 operation gateway can gauge multiple vacuity zones, furnishing better fault adaptability and barring the need to provision a separate operation gateway in each zone.

Stationary personality:

The operation GatewayStandard_v2 SKU simply supports the stationary personality type. This ensures that the personality attached to the operation gateway doesn’t change over the continuance of the operation gateway.

Web operation firewall:

Web operation Firewall( WAF) is a service that provides centralized protection to your web operations from common exploits and vulnerabilities. WAF is grounded on the OWASP( Open Web operation Security design) core rule set 3.1(WAF_v2 only), rules 3.0 and 2.2.9.

Access Controller for AKS

Operation Gateway Ingress Controller( AGIC) allows you to use operation Gateway as the input for Azure Kubernetes Service( AKS) clusters. The doorway regulator runs as a cover within the AKS cluster and consumes Kubernetes Ingress coffers and converts them into an operation Gateway configuration, which allows the gateway to load- balance the business in the Kubernetes cover. The Access Controller only supports the operation GatewayStandard_v2 andWAF_v2 SKUs.

URL- Grounded Routing:

URL path grounded routing allows you to route business to a back- end garçon pool grounded on the URL paths of the request. One of the scripts is to route requests for different content types to different pools.

Multi-site hosting:

With operation Gateway, you can configure routing grounded on host name or sphere name for multiple web operations on the same operation gateway. It allows you to configure a more effective topology for your deployment by connecting 100 websites to a single operation gateway.For illustration, three disciplines,contoso.com,fabrikam.com, andadatum.com, point to the IP address of the operation gateway. You’ll produce three multi-site listeners and configure each listener for the separate harborage and protocol setting.

Redirection:

A common script for numerous web operations is to support automatic HTTP to HTTPS redirection to ensure that all communication between an operation and its drugs occurs over an translated path.

Session affinity:

The cookie- grounded session affinity point is useful when you want to keep a stoner session on the same garçon. By using gateway- managed eyefuls, the operation gateway can direct posterior business from the stoner session to the same garçon for processing. This is important in cases where the session state is saved locally on the garçon for the stoner session.

Websockets and HTTP/ 2 business:

Operation Gateway provides native support for WebSocket and HTTP/ 2 protocols. There’s no stoner- configurable setting to widely enable or disable WebSocket support.

Custom error runner:

Operation Gateway allows you to produce custom error runners rather than displaying dereliction error runners.

Rewrite HTTP heads and URLs:

HTTP heads allow the customer and garçon to pass fresh information along with the request or response. Rewriting these HTTP heads helps you meet a number of important scripts, similar as.

Shape:

Operation GatewayStandard_v2 can be configured for bus scaling or fixed- size deployment. The V2 SKU doesn’t give different case sizes. For further information on v2’s performance and pricing, see Understanding Autoscaling v2 and Pricing. Operation Gateway Standard( v1) is offered in three sizes: small, medium and large. Small illustration sizes are intended for development and testing.

How an operation gateway accepts a request?

Azure DNS returns the IP address to the customer, which is the frontend IP address of the operation gateway. The operation gateway intercepts incoming business on one or further listeners. A listener is a logical reality that examines connection requests. It’s configured with the frontend IP address, protocol and harborage number for the connection from the customer to the operation gateway.

Azure operation Gateway can be used as an internal operation cargo balancer or as an Internet- facing operation cargo balancer. An Internet- facing operation gateway uses a public IP address. The DNS name of an Internet- facing operation gateway is intimately soluble to its public IP address. As a result, Internet- facing operation gateways can route customer requests to and from the Internet.

Internal operation gateways only use private IPaddresses.However, the sphere name must be internally soluble to the operation gateway’s private IP address, If you’re using a custom or private DNS zone. Thus, internal cargo- balancers can only route requests from guests with access to the virtual network to the operation gateway.

Operation Gateway provides three logs

ApplicationGatewayAccessLog The access log contains each request submitted to the operation Gateway frontend. Data includes the frequenter’s IP, requested URL, response quiescence, return law, and bytes in and out. It has one record per operation gateway. Operation gateway performance log The performance log captures the performance information for each operation gateway. Information includes outturn in bytes, total requests served, failed request figures, and healthy and unhealthy backend case counts.

Operation gateway firewall log For the operation gateway you have configured with WAF, the firewall log contains requests that are logged either through discovery mode or forestallment mode.All logs are collected every 60 seconds. For further information, see Backend health, diagnostics logs and criteria for operation Gateway.

How is Azure Application Gateway used?

• It primarily provides a complete, pall grounded, secure and scalable cargo balancing result for web operations and services.
• Deliver and manage cargo balancing results for websites, web operations or Internet grounded services.
• Give cargo balancing for internal web enabled/ powered services.
• Give cookie grounded session affinity service.
• Enable SSL Offloading service which removes the encryption/ decryption burden from the primary web garçon.

Conclusion

Azure operation Gateway is a web business cargo balancer that enables us to manage business to your web operations. Generally a business cargo balancer, the transport subcaste uses TCP( Transmission Control Protocol) and UDP( stoner Datagram Protocol) to route druggies ’ requests( business) grounded on the source IP and harborage to destination.

On top of this Azure operation Gateway has an added advantage, like we can route the request grounded on fresh parameters like HTTP request and its URI path. This type of routing is known as operation Subcaste( OSI Layer 7) cargo balancing.Azure operation Gateway supports SSL/ TLS termination on the gateway. This allows for the fresh outflow of encryption and an indispensable option for decryption of the request. Still, it isn’t recommended if we’re enforcing a secure operation.