Application gateways are scalable and provide high availability. In this video, Sharon shows you how to configure an application gateway for your http/https instance.
- [Instructor] The Azure Application Gateway provides a scalable, and highly available, HTTP and HTTPS load balancing for both your private and public websites. Your HTTP and HTTPS traffic will be processed by the Application Gateway, and then distributed among your web instances. The Application Gateway supports SSL offload, load balancing, and cookie affinity. We're going to explore these in a little bit more detail. Let's start off with load balancing. The Application Gateway uses round-robin load balancing, and the inbound traffic is routed to the back-end.
This back-end could be your virtual machines. It could be web apps, an external IP, or if we're using the classic portal, a cloud service. The Azure Application Gateway also supports SLL offload. The Application Gateway removes decrypting HTTPS traffic from the web servers, therefore, reducing the load on the actual web server itself. The Application Gateway forwards the unencrypted request to the back-end server, and then on the return to the client, the Application Gateway re-encrypts the response.
And finally, the Application Gateway also supports cookie-based session affinity. This means that the client is always directed to the same back-end server. This ensures all the user requests are sent to the same instance during that session. Sometimes you'll hear this being referred to as sticky sessions. Additional features when you leverage the Application Gateway are, end-to-end SSL, URL-based content routing is also supported. This means you can use different servers for different traffic. The Gateway also supports multisite routing, which means you can have up to 20 websites in one Application Gateway.
The Gateway will provide health monitoring, and will not route traffic to an unhealthy server. And finally, the Application Gateway does come with some advance diagnostics. Now that we've covered the basics of Application Gateways, let's go ahead and implement one. As you can see, I've logged into Azure. I happen to be working within my load balancing resource group, and I have two back-end servers called DB1, DB2, and I have three front-end servers called Web1, 2, and 3. Let's go ahead and add in the Application Gateway. To do so, click Add. You're probably going to have to search for it.
Grab the Application Gateway. Select the Application Gateway. One thing I want to point out here, is this second line. Microsoft Azure provides a 99.9% uptime SLA for Application Gateway cloud services having two or more medium or larger instances. Please keep that in mind for your production environments, and to meet SLA. Go ahead and click Create. First of all, you're going to go ahead and provide a name. Next, we're going to go ahead and provide a Tier. We have a Standard, and WAF. WAF enables a web application firewall feature.
This is in preview at the moment. Next, our SKU. Again, remember what we just saw about the SLA. If you would like to meet SLA, you're going to have to configure two of these at the medium size SKU. I'm going to go ahead and select Medium. My Instance Count is two, so I should meet SLA, and the rest of my information is populated for me based on the fact that I've done this within that resource group. Click Ok. Next, we can go ahead and configure the Application Gateway. First, you can choose or create a virtual network. I'm going to go ahead and create a new virtual network. I'm going to go with the name of LoadBalancing, and add in the Subnet Name, just to keep track of this.
And I'm going to leave the default IP addresses. Click Ok. Next, we're going to go ahead and configure our front-end IP. So we can have a public or private IP address. I'm going to go ahead and choose Public, and I do not have an IP address that I can use for this one, so I'm going to go ahead and Create New. I'm going to leave the name the same, and click Ok. Next, your listener configuration. You can choose either HTTP or HTTPS. Keep in mind if you do HTTPS, you are going to have to provide the certificate. For our demonstration, I'm just going to use HTTP, and I can go ahead and upgrade to the web application firewall if I wanted to do so.
Again, for our demonstration today, I'm going to leave it as is, and click Ok. We have a summary. Verify that your settings are correct, and click Ok again. This will take a few moments for the deployment to be provisioned. While we're waiting for that, I'm going to close a few blades. Now that our Application Gateway has been created, we can go ahead and finalize our configuration for it. I'm going to go ahead, and open the blade associated with this Application Gateway. Now we can go ahead and configure the back-end pools. Those will be those web services on the back-end. I'm going to click Add.
I'm going to go ahead and enter a name, and I'm going to add in the IP address of my servers. In this case, it'll be Server. And I would go ahead and add in all the relevant IP addresses that are required, or you can use the fully qualified domain name as well. Click Ok. This will take a moment to save, and there we go. If you need to make any adjustments to your Application Gateway, you can do so through Configurations or HTTP Settings, and that's it. You've now created an Application Gateway.
- Creating an Azure virtual network
- Creating a virtual network using PowerShell
- Deploying a VM into a virtual network
- Modifying IP addresses
- Working with Azure DNS
- Configuring NSGs
- Setting up load balancers
- Configuring Azure load balancers
- Creating an application gateway
- Setting up on-premises connectivity
- Adding gateway VPNs
- Validating VPN devices
- Configuring VNet
- Creating site connections