Rajnish, MCT

Rajnish Kumar Jha, MCT: DevOps, Azure, Microsoft Certified Trainer

DevOps, Cloud, Azure resources & blog

You are here :► Rajnish Kumar Jha, MCT: DevOps, Azure, Microsoft Certified TrainerBlogAzure Virtual NetworksLearn to configure Azure Gateway components – Listeners, Health Probes, Routing Rules

Learn to configure Azure Gateway components – Listeners, Health Probes, Routing Rules

Written by

Rajnish Kumar Jha

/

Under the topic

/

Dated:

Table Of Content

To configure Azure Application Gateway components such as listeners, health probes, and routing rules, you can use the Azure Portal, Azure CLI, or ARM templates.

Below is a detailed guide on how to configure each of these components using Azure CLI.

1. Listeners

Listeners define how the Application Gateway handles incoming traffic based on the protocol (HTTP or HTTPS).

They are associated with a frontend IP address and a specific port.

a. Create an HTTP Listener

  • MyPublicIP: The public IP to associate with the listener.

  • MyHttpListener: The name of the listener.

  • frontend-port 80: The port to listen on (e.g., 80 for HTTP).

b. Create an HTTPS Listener

For SSL termination, you'll need to provide an SSL certificate.

  • --ssl-cert MySslCertificate: Specify the SSL certificate name (either stored in Azure Key Vault or uploaded manually).

Health Probes

Health probes are used to monitor the health of backend servers (or pools) to determine whether traffic should be forwarded to them.

Probes can use HTTP, HTTPS, or TCP protocols.

a. Create an HTTP Health Probe

  • --protocol Http: Set the protocol for the probe (can also be Https or Tcp).

  • --host: The host to check (usually the domain name or IP of the backend server).

  • --path: The URL path to check (e.g., /health for health checks).

  • --interval 30: The probe interval in seconds.

  • --timeout 20: The time in seconds before the probe times out.

  • --unhealthy-threshold 3: The number of consecutive failed probes before marking the backend as unhealthy.

b. Create an HTTPS Health Probe (Optional)

  • Use Https for encrypted probes if your backend supports HTTPS health checks.

Routing Rules

Routing rules define how traffic should be directed to backend pools based on URL paths or hostnames.

These rules are applied to listeners.

a. Basic Routing

Basic routing means routing all traffic from a listener to a single backend pool.

  • MyBackendPool: The backend pool to which traffic is forwarded.

  • MyHttpSettings: HTTP settings to configure how traffic is forwarded (e.g., port, protocol).

b. Path-Based Routing

Path-based routing allows traffic to be forwarded to different backend pools based on the URL path.

  • --paths "/api/*": Routes requests with /api/* to the ApiBackendPool.

  • ApiBackendPool: The backend pool for API services.

  • ApiHttpSettings: The HTTP settings associated with the API backend pool.

c. Multi-Site Routing

Multi-site routing allows different domains or hostnames to direct traffic to different backend pools.

  • --hosts "site1.example.com": Routes requests to site1.example.com to the Site1BackendPool.

You can also configure routing rules based on the hostname and path together, such as routing site1.example.com/api/* to a specific backend.

4. Combining Health Probes and Routing Rules

In a production environment, you should associate health probes with backend pools to ensure that traffic is only routed to healthy servers.

a. Associating Health Probes with Backend Pools

You can create or update a backend pool and associate the health probe with it.

  • --probe MyHttpProbe: Associates the health probe (MyHttpProbe) with the backend pool (MyBackendPool).

Example: Full Deployment with Listeners, Health Probes, and Routing Rules

This example sets up an Azure Application Gateway with:

  1. HTTP and HTTPS listeners.

  2. Health probes for backend monitoring.

  3. Path-based routing to route API traffic to a separate backend pool.

Final Configuration

After you have configured listeners, health probes, and routing rules, it's important to:

  • Monitor the Application Gateway using Azure Monitor for traffic insights.

  • Test the routing by accessing the gateway’s public IP or DNS name with different paths (e.g., /api/* or /images/*).

  • Scale the Application Gateway if needed (v2 allows automatic scaling based on traffic).

Write in comment and let me know if you need further assistance with any specific part of the configuration.

 

Related Articles

Learning IP flow verify diagnostics in Azure Network Watcher

Learning IP flow verify diagnostics in Azure Ne…

IP Flow Verify is a diagnostic tool in Azure Network Wa…

What is DNS and how does DNS work

What is DNS and how does DNS work

What is DNS? DNS (Domain Name System) is a foundational…

How to implement Service Endpoints in Azure

How to implement Service Endpoints in Azure

To implement Service Endpoints in Azure, follow these s…

Private and Public IP addresses in Azure – Features and Use-cases

Private and Public IP addresses in Azure &#8211…

In Azure, IP addresses play a crucial role in the confi…

Tags attached to this Post

About the Author

Rajnish Kumar Jha

MCT, MCSA, MCSE, MCAD, MCPD, MCTS, MCSD

My name is Rajnish Kumar Jha. I am Technical architect on Azure Cloud and .NET since 21+ years. I’ve worked for pioneer companies and as freelance trainer/consultant helping my clients to achieve their IT goals.

I find blogging, a great way to share back what I’ve learned all through my professional journey. You are welcome to connect or share feedback/suggestion here or through an email.

Featured Courses

Learn Azure DevOps from Scratch for Free

Rajnish Kumar Jha

MCT, MCSA, MCSE, MCAD, MCPD, MCTS, MCSD

My name is Rajnish Kumar Jha. I am Technical architect on Azure Cloud and .NET since 21+ years. I’ve worked for pioneer companies and as freelance trainer/consultant helping my clients to achieve their IT goals.

I find blogging, a great way to share back what I’ve learned all through my professional journey. You are welcome to connect or share feedback/suggestion here or through an email.

My MCT card (Microsoft)

My Certifications

Rajnish, MCT

Popular Posts

Popular TAGS

AZ-104 (41) Azure (41) Azure Administration (41) Azure ARM Template (2) Azure Bicep (2) Azure Policy (2) Azure RBAC (4) Azure Solution Expert (41) Cloud (41) Cloud Administration (41) Microsoft Azure (41) Microsoft Entra (11)

Popular Category

Azure Backup (29) Azure Compute (63) Azure DevOps (351) Azure Fundamentals (14) Azure Governance (12) Azure Identity (14) Azure Monitoring (40) Azure Storage (51) Azure Virtual Networks (48)

Table Of Content

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Stay Connected

Unlock the full potential of Azure Cloud with me
– Your trusted guide to Azure mastery!

SUBSCRIBE

My newsletter for exclusive content and offers. Type email and hit Enter.

No spam ever. Unsubscribe anytime.
Read the Privacy Policy.

Follow me on social media

Stay ahead of the curve
with the latest Azure tips, trends, and updates.

LinkedIn -|- GitHub -|- YouTube -|- Facebook -|- Twitter-|- Pinterest -|- Instagram