Azure Application Gateway – Configuring Load Balancing

Azure Application Gateway

Azure Application Gateway is a load balancing service that operates as a Layer 7 load balancer, which means it’s capable of interrogating the source request and directing its destination based on the path. Splitting destinations by path is a common function for web-based load balancing scenarios where resource delivery can be split into different pools and SKU types, which we discussed earlier in the chapter.

The main component to remember about this service is that it’s designed for regional load balancing of web-based services. One of the features of the service is the ability to enable WAF features that are catered to protecting against exploits and vulnerabilities of your web application workloads. Another main benefit of the service is the ability to enable SSL offloading capabilities, which can improve the performance of your web services as the strain is removed from them and delivered by the application gateway directly.

The Application Gateway service offers several features such as:

• Multiple-site hosting: Thisenables several sites to be hosted behind your application gateway, up to a limit of 100 websites. Each of these can be associated with its own backend pool. Sites can be directed based on URL, such as sitea. com and siteb.com, as well as subdomains, such as images.sitea.com and videos.sitea.com.

• Redirection: You can enable the automatic redirection of HTTP-based traffic to HTTPS. Along with this, you have granular control that allows redirects to occur for the whole site, as well as for path-based redirection and applying HTTPS enforcement for only certain paths of your site. You also have the ability to redirect to any other site that may be external to your Azure sites.

• Auto-scale: The service has the ability to auto-scale depending on the requirements.

• Zone-redundancy: The service has zone-redundancy options available to it too, making the service more resilient.

• Session affinity: There are occasions where you require traffic to flow to the same server for a connection with a client. The service relies on cookies to provide session affinity.

• WebSocket and HTTP/2 traffic: Application Gateway has native support for the WebSocket and HTTP/2 protocols. Configuration is simple and you can choose to either enable or disable the feature as required.

• Connection draining: When you are planning for service outages or unplanned failures, you can enable a more graceful removal of services by disabling new requests to specified servers that are to be removed from a backend pool.

• Custom error pages: In the event of an error, you have the capability to deliver your own custom error pages that may contain your own branding and styles.

• Rewrite HTTP headers and URLs: You have the ability to rewrite HTTP headers, which allows you to pass additional information in your requests and responses between the client and server. This enables you to improve your security and governance posture within your application. When rewriting URLs, you can rewrite the hostname, path, and querying string for your request based on the conditions you configure.

Top Tip

The Standard_v2 SKU of Application Gateway requires the use of a static

virtual IP (VIP).

Now that you know about some of the capabilities and features available to the Application Gateway service, we will explore how to configure it.