Table of contents
1.
Introduction
2.
What is Azure Application Gateway
3.
Features of Azure Application Gateway
3.1.
Multi-site Hosting
3.2.
URL Based Routing
3.3.
Autoscaling
3.4.
SSL Termination
3.5.
Connection Draining
4.
Azure Application Gateway Pricing
5.
Azure Application Gateway v2 Architecture
5.1.
Reliability
5.2.
Security
5.3.
Cost Optimization
5.4.
Operational Excellence
5.5.
Performance Efficiency
6.
Features of v2 SKU
6.1.
Autoscaling
6.2.
Zone Redundancy
6.3.
Static VIP
6.4.
Header Rewrite
6.5.
Key Vault Integration
7.
Frequently Asked Questions
7.1.
Is Azure Application Gateway a reverse proxy?
7.2.
What is the difference between Application Gateway and load balancer in Azure?
7.3.
What is Microsoft Azure used for?
7.4.
What does an Application Gateway do?
7.5.
What is WAF service?
8.
Conclusions
Last Updated: Mar 27, 2024

Azure Application Gateway

Introduction

We are all aware of Microsoft Azure; if you don't know, then refer to this Link.

This article will discuss Microsoft Azure Application Gateway and its features. We will also discuss the factors on which the architecture of Azure Application Gateway standard_v2 depends.

At last, we will cover some frequently asked questions related to the azure application gateway.

So without delay, let's start this by knowing what the azure application gateway is.

What is Azure Application Gateway

Azure Application Gateway is a load balancer that helps to manage web application traffic. Azure Application Gateway works on the 7th layer of the OSI Model, unlike the traditional load balancers that work on the 4th layer of the OSI Model. It makes routing decisions based on additional attributes of an HTTP request, such as URI path or host headers.

Azure Application Gateway gives us application-level routing and load balancing services that help us to build a web front end in Azure that is scalable and highly available.

Azure Application Gateway is a beneficial tool for web traffic managers. It works similarly to AWS Application Gateway, wherein we can make routing decisions based on URI or host headers. 

microsoft azure

Features of Azure Application Gateway

Multi-site Hosting

multi-site hosting

We can configure routing based on domain name or hostname for many web applications on the same application gateway. This feature of Azure Application Gateway allows us to configure a more efficient topology for our application by adding up to 100+ websites to one application gateway. Each website can be directed to its backend pool.

URL Based Routing

This feature of Azure Application Gateway allows us to route traffic to the backend server pools based on the URL paths of the request.

One of the situations is to route requests for different content types to other backend server pools.

Autoscaling

Azure Application Gateway standard_v2 supports Autoscaling. The changing traffic load pattern can be scaled up or scaled-down.

It also removes the requirements to choose a deployment or instance count.

SSL Termination

It stands for Secure Sockets Layer Termination. Azure Application Gateway supports this feature at the gateway. SSL Termination allows web servers to escape expensive encryption and decryption overhead. But sometimes, unencrypted communication is not an acceptable option for the servers. This can be because of security or compliance requirements, or the application may only accept a secure connection. For these applications, the application gateway supports end-to-end SSL/TLS encryption.

Connection Draining

connection draining

It helps us to achieve the removal of backend pool members during service updates. All the existing connections to that particular server are kept until all requests are completed to that server. For example, consider a situation where ten servers are in a pool, and any of them is reported as unhealthy or requires a periodic update by the health probe. It helps us remove that particular server.

Azure Application Gateway Pricing

pricing

The price of the application gateway offered by Microsoft has different pricing tiers. Depending on the total usage and the gateway type, the services' cost varies from company to company. There are no upfront fees, or nothing is charged in the name of contract termination fees as the SaaS platform offers the application gateway. Microsoft's terms and conditions provide standard clauses for a pay-as-you-go contract.

Azure Application Gateway v2 Architecture

Azure Application Gateway v2 is the upgraded version of v1. This application Gateway is available under a Standard_v2 SKU. Autoscaling, zone redundancy, support for static VIPs, and many others are offered by the v2 SKU but not by v1 SKU.

v2 architecture

Let us discuss the architecture of the application gateway v2, which depends on the following things.

Reliability

In the world, we all want things to be reliable, so instead of trying to prevent failures, our goal must be to minimize the effects of a single failing component. 

We can achieve our goal by using application Gateway with a Web Application Firewall within a virtual application network to protect inbound HTTP traffic from the Internet.

We can also use health requests to detect backend unavailability.

Security

security

Security is an essential aspect of any architecture as it provides features to employ the principle of least privilege and defense-in-defense. We can use an appropriate DNS server for backend pool resources. We can also use an Azure Key Vault to store TLS certificates. We should ensure security by setting up a TLS policy for enhanced security. We should obey the NSG restrictions for the application gateway.

Cost Optimization

cost optimisation

We all want to save or reduce our costs, so cost optimization looks at ways to reduce unnecessary costs or expenses by improving operational efficiencies. We can do so by reviewing underutilized resources and stopping that application gateway that is not in use. We should follow the scale-in and scale-out policy.

Operational Excellence

Operational excellence is a mindset that holds certain principles and tools to create a culture of excellence within an organization. Monitoring and diagnostics are crucial. It enables diagnostics on Application Gateway and Web Application Firewall. We can measure performance statistics and use metrics to troubleshoot and remediate issues quickly. 

Performance Efficiency

performance efficiency

Performance efficiency is the capability of our workload to scale to efficiently meet the demands placed on it by users. We can check the performance efficiency by defining the minimum and maximum instance count. We should also specify the application gateway subnet size.

Features of v2 SKU

v2 sku

Autoscaling

Autoscaling offers proper elasticity. Application Gateway in the Standard_v2 and WAF_v2 SKU can be operated in both modes, i.e., disabled Autoscaling and enabled Autoscaling. Disabled mode is helpful for situations with consistent and predictable workloads. Autoscaling mode is useful in applications that see the variance in application traffic.

auto-scaling

Zone Redundancy

An Application Gateway can range from multiple Availability Zones. It removes the need for separate Application Gateway instances in each zone with a Traffic Manager. We can select single or multiple zones where Application Gateway instances are deployed, making it more resilient to zone failure. 

Static VIP

static VIP

Application Gateway standard_v2 SKU helps the static VIP type exclusively. The VIP associated with the application gateway doesn't change for the lifecycle even after a restart. 

Header Rewrite

Application Gateway allows us to add, remove, or update HTTP (Hyper Text Transfer Protocol) requests and response headers with v2 SKU. 

Key Vault Integration

integration

Application Gateway standard_v2 supports integration with Key Vault for server certificates attached to HTTPS-enabled listeners.

Frequently Asked Questions

Is Azure Application Gateway a reverse proxy?

Azure Application Gateway is a managed web traffic load balancer and HTTP(S) full reverse proxy that can do Secure Socket Layer (SSL) encryption and decryption.

What is the difference between Application Gateway and load balancer in Azure?

The difference between the Azure Load Balancer works with traffic at Layer 4 of the OSI model, and Application Gateway handles just Layer 7 traffic.

What is Microsoft Azure used for?

Microsoft Azure is Microsoft's public cloud computing platform that provides a range of cloud services, including computing, analytics, storage, and networking.

What does an Application Gateway do?

An app gateway is a security solution that lets users access traditional web applications hosted in corporate data centers and methods they use to access mobile apps and cloud services.

What is WAF service?

It protects your web applications from common web exploits.

Conclusions

This article taught us about the Azure Application Gateway, Standard_v2 SKU, and its feature.

After reading about the Azure Application Gateway, are you not feeling excited to read/explore more articles on various CMS Platforms? Don't worry; Coding Ninjas has you covered. See AzureAzure Queue StorageAzure Traffic Manager, and Azure SQL Database.

Do upvote our blogs if you find them helpful and engaging!

Happy Learning!

 

Thank you from Coding Ninjas

Live masterclass