From time to time we’re going to be deploying applications that require some sort of high-availability. Sometimes they’ll even require disaster recovery… In the on-premises world we’d catch the front-end bit of this by using load balancers.
Turns out that Azure also has a web traffic load balancer, allowing you to manage traffic to web applications. It’s called the Azure Application gateway…
Typical load balancers operate at the layer 4 level (also known as the transport layer) and route traffic based on source IP address and port to a destination IP address and port.
The application gateway allows you to make routing decisions based on these attributes, but also on additional attributes of an HTTP request. You could route traffic based on the incoming URL for example. So you can route traffic to a specific set of servers (or pool) configured for that subset of traffic!
This type of routing is known as application layer load balancing, and it happens on layer 7 of the OSI model.
AG also supports SSL or TLS termination at the gateway, so traffic can flow unencrypted to the back-end servers. This allows your web servers to be unburdened from encryption and decryption overhead. This is not always acceptable, so end-to-end encryption is still supported by Azure Application gateway.
Any Application Gateway or WAF deployment under the Standard V2 (or WAF V2) SKU is going to automatically scale up or down based on changing traffic load patterns. This helps you, as you don’t have to choose a deployment size or instant count when provisioning.
Application gateways can span multiple zones, giving that better fault resilience, as well as removing the need to provision separate application gateways in each zone you’re deploying to.
As long as the application gateway exists, the VIP associated with it will not change. Making your life even easier!
Hosting Multiple sites
You can even configure more than one web site on a single application gateway instance. Up to a 100 web sites can be configured for a single application gateway, increasing the efficiency of your deployment
But wait, there’s more!
You can also configure it to perform redirection, session affinity, websocket, HTTP/2 traffic, Azure kubernetes Service (AKS) Ingress controller, connection draining, rewriting HTTP headers, and even custom error pages.