Azure-Advanced-Networking

M05-Unit 4 Deploy Azure Application Gateway

In this exercise, you use the Azure portal to create an application gateway. Then you test it to make sure it works correctly.

Estimated time: 25 minutes

The application gateway directs application web traffic to specific resources in a backend pool. You assign listeners to ports, create rules, and add resources to a backend pool. For the sake of simplicity, this article uses a simple setup with a public front-end IP, a basic listener to host a single site on the application gateway, a basic request routing rule, and two virtual machines in the backend pool.

For Azure to communicate between the resources that you create, it needs a virtual network. You can either create a new virtual network or use an existing one. In this example, you’ll create a new virtual network while you create the application gateway. Application Gateway instances are created in separate subnets. You create two subnets in this example: one for the application gateway, and another for the backend servers.

In this exercise, you will:

Task 1: Create an application gateway

  1. Sign in to the Azure portal with your Azure account.

  2. On any Azure Portal page, in Search resources, services and docs (G+/), enter application gateway, and then select Application gateways from the results. Azure Portal search for application gateway

  3. On the Application gateways page, select + Create.

  4. On the Create application gateway Basics tab, enter, or select the following information: Leave other settings at their default settings.

    Setting Value
    Subscription Select your subscription.
    Resource group Select Create new Name: ContosoResourceGroup
    Application Gateway name ContosoAppGateway
    Region Select East US
    Virtual Network Select Create new

  5. On the Create virtual network blade, enter, or select the following information:

    Setting Value
    Name ContosoVNet
    ADDRESS SPACE  
    Address range 10.0.0.0/16
    SUBNETS  
    Subnet name Change default to AGSubnet
    Address range 10.0.0.0/24

  6. Select OK to return to the Create application gateway Basics tab.

  7. Accept the default values for the other settings and then select Next: Frontends.

  8. On the Frontends tab, verify Frontend IP address type is set to Public.

  9. Select Add new for the Public IP address and enter AGPublicIPAddress for the public IP address name, and then select OK.

  10. Select Next: Backends.

  11. On the Backends tab, select Add a backend pool.

  12. On the Add a backend pool window that opens, enter the following values to create an empty backend pool:

    Setting Value
    Name BackendPool
    Add backend pool without targets Yes

  13. On the Add a backend pool window, select Add to save the backend pool configuration and return to the Backends tab.

  14. On the Backends tab, select Next: Configuration.

  15. On the Configuration tab, you’ll connect the frontend and backend pool you created using a routing rule.

  16. On the Routing rules column, select Add a routing rule.

  17. On the Add a routing rule blade, enter the following information:

    Setting Value
    Rule name RoutingRule
    Priority 100

  18. On the Listener tab, enter or select the following information:

    Setting Value
    Listener name Listener
    Frontend IP Select Public

  19. Accept the default values for the other settings on the Listener tab.

    Azure Portal add an Application Gateway routing rule

  20. Select the Backend targets tab to configure the rest of the routing rule.

  21. On the Backend targets tab, enter or select the following information:

    Setting Value
    Target type Backend pool
    Backend Target (drop down list) Select BackendPool
    Backend Settings Add new

  22. In Add Backend Setting, enter or select the following information:

    Setting Value
    Backend setting name HTTPSetting
    Backend port 80

  23. Accept the default values for the other settings in the Add a Backend Setting window, then select Add to return to Add a routing rule.

  24. Select Add to save the routing rule and return to the Configuration tab of the Create application gateway blade.

  25. Select Next: Tags and then Next: Review + create.

  26. Wait for validation to complete.

  27. Select Create to create the virtual network, the public IP address, and the application gateway.

It may take several minutes for Azure to create the application gateway. Wait until the deployment finishes successfully before moving on to the next section.

Task 2: Add an additional subnet to the ContosoVnet Virtual Network.

  1. On any Azure Portal page, in Search resources, services and docs (G+/), enter virtual networks, and then select Virtual networks from the results.

  2. In the Virtual networks blade: Select ContosoVnet

  3. In the ContosoVnet blade, in the menu under Settings: Select Subnets

  4. Select + Subnet

  5. On the Add subnet blade: enter the following information: Accept all other default settings.

    Setting Value
    Name BackendSubnet
    Subnet address range 10.0.1.0/24

  6. Click Save.

Wait for the deployment to complete before moving on to the next task.

Task 3: Create virtual machines

  1. On the Azure portal, open the PowerShell session within the Cloud Shell pane.

  2. On the toolbar of the Cloud Shell pane, select the Upload/Download files icon, in the drop-down menu, select Upload and upload the following files backend.json and backend.parameters.json into the Cloud Shell home directory one by one from the source folder F:\Allfiles\Exercises\M05.

  3. Deploy the following ARM templates to create the VMs needed for this exercise:

    $RGName = "ContosoResourceGroup"
   
New-AzResourceGroupDeployment -ResourceGroupName $RGName -TemplateFile backend.json -TemplateParameterFile backend.parameters.json

  4. When prompted for the adminpassword: enter Pa55w.rd1234?? where (??) means add your initials.

  5. When the deployment is complete, (Can take up to 10 mins to complete) close Cloud Shell

  6. Go to the Azure portal home page, and then select Virtual Machines.

  7. Verify that both virtual machines have been created.

Task 4: Add backend servers to backend pool

  1. On the Azure portal menu, select All resources or search for and select All resources. Then select ContosoAppGateway.

  2. Under Settings, select Backend pools.

  3. Select BackendPool.

  4. On the Edit backend pool page, under Backend targets, in Target type, select Virtual machine.

  5. Under Target, select BackendVM1.

  6. On Target type, select Virtual machine.

  7. Under Target, select BackendVM2.

    Azure Portal add target backends to backend pool

  8. Select Save.

Wait for the deployment to complete before proceeding to the next step.

Task 5: Test the application gateway

Although IIS isn’t required to create the application gateway, you installed it in this exercise to verify if Azure successfully created the application gateway.

Use IIS to test the application gateway:

  1. Find the public IP address for the application gateway on its Overview page.

    Azure Portal look up Frontend Public IP address

  2. Copy the public IP address, and then paste it into the address bar of your browser to browse that IP address.

  3. Check the response. A valid response verifies that the application gateway was successfully created and can successfully connect with the backend.

    Broswer - display BackendVM1 or BackendVM2 depending which backend server reponds to request.

  4. Refresh the browser multiple times and you should see connections to both BackendVM1 and BackendVM2.

Congratulations! You have configured and tested an Azure Application Gateway.