| title | description | services | author | manager | ms.service | ms.topic | ms.workload | ms.date | ms.author | ms.custom |
|---|---|---|---|---|---|---|---|---|---|---|
Route web traffic based on the URL - Azure PowerShell |
Learn how to route web traffic based on the URL to specific scalable pools of servers using Azure PowerShell. |
application-gateway |
vhorne |
jpconnock |
application-gateway |
tutorial |
infrastructure-services |
10/25/2018 |
victorh |
mvc |
You can use Azure PowerShell to configure web traffic routing to specific scalable server pools based on the URL that is used to access your application. In this tutorial, you create an Azure Application Gateway with three backend pools using Virtual Machine Scale Sets. Each of the backend pools serves a specific purpose such as, common data, images, and video. Routing traffic to separate pools ensures that your customers get the information that they need when they need it.
To enable traffic routing, you create routing rules assigned to listeners that listen on specific ports to ensure web traffic arrives at the appropriate servers in the pools.
In this tutorial, you learn how to:
[!div class="checklist"]
- Set up the network
- Create listeners, URL path map, and rules
- Create scalable backend pools
If you prefer, you can complete this tutorial using Azure CLI or the Azure portal.
If you don't have an Azure subscription, create a free account before you begin.
[!INCLUDE cloud-shell-powershell.md]
If you choose to install and use the PowerShell locally, this tutorial requires the Azure PowerShell module version 3.6 or later. To find the version, run Get-Module -ListAvailable AzureRM . If you need to upgrade, see Install Azure PowerShell module. If you are running PowerShell locally, you also need to run Login-AzureRmAccount to create a connection with Azure.
Because of the time needed to create resources, it can take up to 90 minutes to complete this tutorial.
You need to create a resource group that contains all of the resources for your application.
Create an Azure resource group using New-AzureRmResourceGroup.
New-AzureRmResourceGroup -Name myResourceGroupAG -Location eastus
Whether you have an existing virtual network or create a new one, you need to make sure that it contains a subnet that is only used for application gateways. In this tutorial, you create a subnet for the application gateway and a subnet for the scale sets. You create a public IP address to enable access to the resources in the application gateway.
Create the subnet configurations myAGSubnet and myBackendSubnet using New-AzureRmVirtualNetworkSubnetConfig. Create the virtual network named myVNet using New-AzureRmVirtualNetwork with the subnet configurations. And finally, create the public IP address named myAGPublicIPAddress using New-AzureRmPublicIpAddress. These resources are used to provide network connectivity to the application gateway and its associated resources.
$backendSubnetConfig = New-AzureRmVirtualNetworkSubnetConfig `
-Name myBackendSubnet `
-AddressPrefix 10.0.1.0/24
$agSubnetConfig = New-AzureRmVirtualNetworkSubnetConfig `
-Name myAGSubnet `
-AddressPrefix 10.0.2.0/24
$vnet = New-AzureRmVirtualNetwork `
-ResourceGroupName myResourceGroupAG `
-Location eastus `
-Name myVNet `
-AddressPrefix 10.0.0.0/16 `
-Subnet $backendSubnetConfig, $agSubnetConfig
$pip = New-AzureRmPublicIpAddress `
-ResourceGroupName myResourceGroupAG `
-Location eastus `
-Name myAGPublicIPAddress `
-AllocationMethod Dynamic
In this section you create resources that support the application gateway, and then finally create it. The resources that you create include:
- IP configurations and frontend port - Associates the subnet that you previously created to the application gateway and assigns a port to use to access it.
- Default pool - All application gateways must have at least one backend pool of servers.
- Default listener and rule - The default listener listens for traffic on the port that was assigned and the default rule sends traffic to the default pool.
Associate myAGSubnet that you previously created to the application gateway using New-AzureRmApplicationGatewayIPConfiguration. Assign myAGPublicIPAddress to the application gateway using New-AzureRmApplicationGatewayFrontendIPConfig.
$vnet = Get-AzureRmVirtualNetwork `
-ResourceGroupName myResourceGroupAG `
-Name myVNet
$subnet=$vnet.Subnets[0]
$pip = Get-AzureRmPublicIpAddress `
-ResourceGroupName myResourceGroupAG `
-Name myAGPublicIPAddress
$gipconfig = New-AzureRmApplicationGatewayIPConfiguration `
-Name myAGIPConfig `
-Subnet $subnet
$fipconfig = New-AzureRmApplicationGatewayFrontendIPConfig `
-Name myAGFrontendIPConfig `
-PublicIPAddress $pip
$frontendport = New-AzureRmApplicationGatewayFrontendPort `
-Name myFrontendPort `
-Port 80
Create the default backend pool named appGatewayBackendPool for the application gateway using New-AzureRmApplicationGatewayBackendAddressPool. Configure the settings for the backend pool using New-AzureRmApplicationGatewayBackendHttpSettings.
$defaultPool = New-AzureRmApplicationGatewayBackendAddressPool `
-Name appGatewayBackendPool
$poolSettings = New-AzureRmApplicationGatewayBackendHttpSettings `
-Name myPoolSettings `
-Port 80 `
-Protocol Http `
-CookieBasedAffinity Enabled `
-RequestTimeout 120
A listener is required to enable the application gateway to route traffic appropriately to the backend pool. In this tutorial, you create two listeners. The first basic listener that you create listens for traffic at the root URL. The second listener that you create listens for traffic at specific URLs.
Create the default listener named myDefaultListener using New-AzureRmApplicationGatewayHttpListener with the frontend configuration and frontend port that you previously created.
A rule is required for the listener to know which backend pool to use for incoming traffic. Create a basic rule named rule1 using New-AzureRmApplicationGatewayRequestRoutingRule.
$defaultlistener = New-AzureRmApplicationGatewayHttpListener `
-Name myDefaultListener `
-Protocol Http `
-FrontendIPConfiguration $fipconfig `
-FrontendPort $frontendport
$frontendRule = New-AzureRmApplicationGatewayRequestRoutingRule `
-Name rule1 `
-RuleType Basic `
-HttpListener $defaultlistener `
-BackendAddressPool $defaultPool `
-BackendHttpSettings $poolSettings
Now that you created the necessary supporting resources, specify parameters for the application gateway named myAppGateway using New-AzureRmApplicationGatewaySku, and then create it using New-AzureRmApplicationGateway.
$sku = New-AzureRmApplicationGatewaySku `
-Name Standard_Medium `
-Tier Standard `
-Capacity 2
$appgw = New-AzureRmApplicationGateway `
-Name myAppGateway `
-ResourceGroupName myResourceGroupAG `
-Location eastus `
-BackendAddressPools $defaultPool `
-BackendHttpSettingsCollection $poolSettings `
-FrontendIpConfigurations $fipconfig `
-GatewayIpConfigurations $gipconfig `
-FrontendPorts $frontendport `
-HttpListeners $defaultlistener `
-RequestRoutingRules $frontendRule `
-Sku $sku
It may take up to 30 minutes for the application gateway to be created, wait until the deployment finishes successfully before moving on to the next section. At this point in the tutorial, you have an application gateway that is listening for traffic on port 80 and sends that traffic to a default pool of servers.
Add backend pools named imagesBackendPool and videoBackendPool to your application gatewayAdd-AzureRmApplicationGatewayBackendAddressPool. Add the frontend port for the pools using Add-AzureRmApplicationGatewayFrontendPort. Submit the changes to the application gateway using Set-AzureRmApplicationGateway.
$appgw = Get-AzureRmApplicationGateway `
-ResourceGroupName myResourceGroupAG `
-Name myAppGateway
Add-AzureRmApplicationGatewayBackendAddressPool `
-ApplicationGateway $appgw `
-Name imagesBackendPool
Add-AzureRmApplicationGatewayBackendAddressPool `
-ApplicationGateway $appgw `
-Name videoBackendPool
Add-AzureRmApplicationGatewayFrontendPort `
-ApplicationGateway $appgw `
-Name bport `
-Port 8080
Set-AzureRmApplicationGateway -ApplicationGateway $appgw
Updating the application gateway can also take up to 20 minutes to finish.
Add the backend listener named backendListener that's needed to route traffic using Add-AzureRmApplicationGatewayHttpListener.
$appgw = Get-AzureRmApplicationGateway `
-ResourceGroupName myResourceGroupAG `
-Name myAppGateway
$backendPort = Get-AzureRmApplicationGatewayFrontendPort `
-ApplicationGateway $appgw `
-Name bport
$fipconfig = Get-AzureRmApplicationGatewayFrontendIPConfig `
-ApplicationGateway $appgw
Add-AzureRmApplicationGatewayHttpListener `
-ApplicationGateway $appgw `
-Name backendListener `
-Protocol Http `
-FrontendIPConfiguration $fipconfig `
-FrontendPort $backendPort
Set-AzureRmApplicationGateway -ApplicationGateway $appgw
URL path maps make sure that the URLs sent to your application are routed to specific backend pools. Create URL path maps named imagePathRule and videoPathRule using New-AzureRmApplicationGatewayPathRuleConfig and Add-AzureRmApplicationGatewayUrlPathMapConfig.
$appgw = Get-AzureRmApplicationGateway `
-ResourceGroupName myResourceGroupAG `
-Name myAppGateway
$poolSettings = Get-AzureRmApplicationGatewayBackendHttpSettings `
-ApplicationGateway $appgw `
-Name myPoolSettings
$imagePool = Get-AzureRmApplicationGatewayBackendAddressPool `
-ApplicationGateway $appgw `
-Name imagesBackendPool
$videoPool = Get-AzureRmApplicationGatewayBackendAddressPool `
-ApplicationGateway $appgw `
-Name videoBackendPool
$defaultPool = Get-AzureRmApplicationGatewayBackendAddressPool `
-ApplicationGateway $appgw `
-Name appGatewayBackendPool
$imagePathRule = New-AzureRmApplicationGatewayPathRuleConfig `
-Name imagePathRule `
-Paths "/images/*" `
-BackendAddressPool $imagePool `
-BackendHttpSettings $poolSettings
$videoPathRule = New-AzureRmApplicationGatewayPathRuleConfig `
-Name videoPathRule `
-Paths "/video/*" `
-BackendAddressPool $videoPool `
-BackendHttpSettings $poolSettings
Add-AzureRmApplicationGatewayUrlPathMapConfig `
-ApplicationGateway $appgw `
-Name urlpathmap `
-PathRules $imagePathRule, $videoPathRule `
-DefaultBackendAddressPool $defaultPool `
-DefaultBackendHttpSettings $poolSettings
Set-AzureRmApplicationGateway -ApplicationGateway $appgw
The routing rule associates the URL map with the listener that you created. Add the rule named rule2 using Add-AzureRmApplicationGatewayRequestRoutingRule.
$appgw = Get-AzureRmApplicationGateway `
-ResourceGroupName myResourceGroupAG `
-Name myAppGateway
$backendlistener = Get-AzureRmApplicationGatewayHttpListener `
-ApplicationGateway $appgw `
-Name backendListener
$urlPathMap = Get-AzureRmApplicationGatewayUrlPathMapConfig `
-ApplicationGateway $appgw `
-Name urlpathmap
Add-AzureRmApplicationGatewayRequestRoutingRule `
-ApplicationGateway $appgw `
-Name rule2 `
-RuleType PathBasedRouting `
-HttpListener $backendlistener `
-UrlPathMap $urlPathMap
Set-AzureRmApplicationGateway -ApplicationGateway $appgw
In this example, you create three virtual machine scale sets that support the three backend pools that you created. The scale sets that you create are named myvmss1, myvmss2, and myvmss3. You assign the scale set to the backend pool when you configure the IP settings.
$vnet = Get-AzureRmVirtualNetwork `
-ResourceGroupName myResourceGroupAG `
-Name myVNet
$appgw = Get-AzureRmApplicationGateway `
-ResourceGroupName myResourceGroupAG `
-Name myAppGateway
$backendPool = Get-AzureRmApplicationGatewayBackendAddressPool `
-Name appGatewayBackendPool `
-ApplicationGateway $appgw
$imagesPool = Get-AzureRmApplicationGatewayBackendAddressPool `
-Name imagesBackendPool `
-ApplicationGateway $appgw
$videoPool = Get-AzureRmApplicationGatewayBackendAddressPool `
-Name videoBackendPool `
-ApplicationGateway $appgw
for ($i=1; $i -le 3; $i++)
{
if ($i -eq 1)
{
$poolId = $backendPool.Id
}
if ($i -eq 2)
{
$poolId = $imagesPool.Id
}
if ($i -eq 3)
{
$poolId = $videoPool.Id
}
$ipConfig = New-AzureRmVmssIpConfig `
-Name myVmssIPConfig$i `
-SubnetId $vnet.Subnets[1].Id `
-ApplicationGatewayBackendAddressPoolsId $poolId
$vmssConfig = New-AzureRmVmssConfig `
-Location eastus `
-SkuCapacity 2 `
-SkuName Standard_DS2 `
-UpgradePolicyMode Automatic
Set-AzureRmVmssStorageProfile $vmssConfig `
-ImageReferencePublisher MicrosoftWindowsServer `
-ImageReferenceOffer WindowsServer `
-ImageReferenceSku 2016-Datacenter `
-ImageReferenceVersion latest
-OsDiskCreateOption FromImage
Set-AzureRmVmssOsProfile $vmssConfig `
-AdminUsername azureuser `
-AdminPassword "Azure123456!" `
-ComputerNamePrefix myvmss$i
Add-AzureRmVmssNetworkInterfaceConfiguration `
-VirtualMachineScaleSet $vmssConfig `
-Name myVmssNetConfig$i `
-Primary $true `
-IPConfiguration $ipConfig
New-AzureRmVmss `
-ResourceGroupName myResourceGroupAG `
-Name myvmss$i `
-VirtualMachineScaleSet $vmssConfig
}
Each scale set contains two virtual machine instances on which you install IIS, which runs a sample page to test whether the application gateway is working.
$publicSettings = @{ "fileUris" = (,"https://raw.githubusercontent.com/Azure/azure-docs-powershell-samples/master/application-gateway/iis/appgatewayurl.ps1");
"commandToExecute" = "powershell -ExecutionPolicy Unrestricted -File appgatewayurl.ps1" }
for ($i=1; $i -le 3; $i++)
{
$vmss = Get-AzureRmVmss -ResourceGroupName myResourceGroupAG -VMScaleSetName myvmss$i
Add-AzureRmVmssExtension -VirtualMachineScaleSet $vmss `
-Name "customScript" `
-Publisher "Microsoft.Compute" `
-Type "CustomScriptExtension" `
-TypeHandlerVersion 1.8 `
-Setting $publicSettings
Update-AzureRmVmss `
-ResourceGroupName myResourceGroupAG `
-Name myvmss$i `
-VirtualMachineScaleSet $vmss
}
Use Get-AzureRmPublicIPAddress to get the public IP address of the application gateway. Copy the public IP address, and then paste it into the address bar of your browser. Such as, http://52.168.55.24, http://52.168.55.24:8080/images/test.htm, or http://52.168.55.24:8080/video/test.htm.
Get-AzureRmPublicIPAddress -ResourceGroupName myResourceGroupAG -Name myAGPublicIPAddress
Change the URL to http://<ip-address>:8080/images/test.htm, substituting your IP address for <ip-address>, and you should see something like the following example:
Change the URL to http://<ip-address>:8080/video/test.htm, substituting your IP address for <ip-address>, and you should see something like the following example:
When no longer needed, remove the resource group, application gateway, and all related resources using Remove-AzureRmResourceGroup.
Remove-AzureRmResourceGroup -Name myResourceGroupAG
In this tutorial, you learned how to:
[!div class="checklist"]
- Set up the network
- Create listeners, URL path map, and rules
- Create scalable backend pools
[!div class="nextstepaction"] Redirect web traffic based on the URL