Azure Application Gateway
Azure Application Gateway is a cloud-based web traffic load balancer that operates at the application layer (OSI Layer 7) and routes traffic based on HTTP request attributes.
Key features of Azure Application Gateway include:
SSL/TLS termination: Traffic is encrypted/decrypted at the gateway. Internal server communication is unencrypted, which reduces the computational load and simplifies traffic inspection, logging, and manipulation.
Autoscaling: Can scale up or down based on the current traffic load.
Zone redundancy: Spanning across multiple availability zone.
Static VIP: Exclusively supports a static VIP, ensuring that it remains unchanged throughout the lifetime of the application gateway.
Web Application Firewall (WAF): Protects web applications from common exploits and vulnerabilities, such as XSS, SQL injection, and others.
Ingress Controller for AKS: Enables you to use Application Gateway as the ingress for an Azure Kubernetes Service (AKS) cluster.
URL-based routing: Allows you to direct traffic to different backend server pools based on the URL paths of requests.
Multiple-site hosting: Provides the capability to direct each site to its own backend pool based on host name or domain name. Supports adding over 100 websites to a single application gateway.
Redirection: This is a generic redirection mechanism that supports redirecting from and to any port you define using rules, as well as HTTP to HTTPS redirection and rerouting to external sites.
Session affinity: This is a cookie-based sticky session implementation that directs traffic to the same server using gateway-managed cookies.
Websocket and HTTP/2 traffic: Provides native support for WebSocket and HTTP/2 protocols to enable bidirectional communication between a server and a client over a long-running TCP connection.
Connection draining: Ensures the smooth withdrawal of backend pool members in cases of manual removal by the user, health issues, or scale-in operations, while allowing existing requests to complete within a configured time limit.
Custom error pages: Supports user-defined designs of error pages with personalized branding and layout.
Rewrite HTTP headers and URL: Rewrite HTTP headers and URLs: Allows you to modify HTTP headers and URLs on the fly during client-server communication. Additionally, it provides the ability to set conditions for rewriting based on request and response information.