Azure Load Balancer and Application Gateway

Time
3 hours 51 minutes
Difficulty
Beginner
CEU/CPE
4
Video Transcription
00:00
>> Welcome back to Microsoft Azure Fundamentals.
00:00
This is module 8, Azure Networking Services.
00:00
In this module, we'll learn about what
00:00
Azure Virtual Networks are and how
00:00
you can use them in your application designs.
00:00
How to provide high availability and
00:00
resiliency using Azure Load Balancers and
00:00
Application Gateway and how to reduce latency
00:00
for your global customers using Azure Traffic Manager.
00:00
We will also discuss a few of
00:00
the networking concepts like subnets and
00:00
DNS and how you can use them in Azure. Let's get started.
00:00
In this video, we'll take
00:00
a look at two more network services in
00:00
Azure that allow you to
00:00
deploy highly available applications,
00:00
Load Balancer and Application Gateway.
00:00
We've talked about availability and resiliency before.
00:00
In our video about SLAs,
00:00
we discussed how you can increase the availability of
00:00
your application by adding
00:00
an additional VM to serve web requests.
00:00
How do you configure those two VMs to respond to
00:00
the user's requests without
00:00
the user knowing anything about them?
00:00
You use a device called a Load Balancer.
00:00
A Load Balancer is a device that distributes
00:00
the traffic between systems in a pool or cluster.
00:00
In our particular case,
00:00
we have two identical web servers and use
00:00
the Load Balancer to distribute the traffic between them.
00:00
This is very helpful
00:00
because if one of the machines fails,
00:00
the other one can continue to
00:00
serve the traffic to the users.
00:00
You can have as many machines
00:00
as you want behind a Load Balancer.
00:00
They don't even have to be identical.
00:00
Although having identical machines is
00:00
the most common approach as we
00:00
saw when we discussed the VM scale sets.
00:00
There are also different algorithms
00:00
to distribute the traffic.
00:00
But the one that you'll see most
00:00
often is called round robin,
00:00
where each new request is
00:00
sent to the next machine in the pool.
00:00
Then once all the machines are iterated,
00:00
the request is sent to the first one in
00:00
the pool and it starts all over again.
00:00
The Load Balancer is a very specialized device that
00:00
does one simple thing, switches traffic.
00:00
This allows it to handle high traffic load
00:00
and connect many servers behind it.
00:00
The Load Balancer can be exposed to
00:00
the Internet with a public IP address.
00:00
Then users' requests get forwarded to it,
00:00
then the Load Balancer forwards the request to
00:00
the web servers using their private IP addresses.
00:00
This is called the public Load Balancer.
00:00
You can replicate the same approach for
00:00
the other two tiers of your application.
00:00
The only difference is that
00:00
the Load Balancers for the application and
00:00
data tiers do not have
00:00
public IP addresses, but private only.
00:00
Those are called private Load Balancers.
00:00
One important thing to know about the Load Balancers is
00:00
that you can specify the port for
00:00
the traffic you want to balance.
00:00
For instance, for the public web tier Load Balancer,
00:00
you can configure port 80; for the application tier,
00:00
port 8080; and port 3306 for the data tier.
00:00
Then lastly, you can use another service called
00:00
Domain Name Service or
00:00
DNS to map friendly names to IP addresses.
00:00
Using a DNS, you can map
00:00
the IP address of the web tier
00:00
Load Balancer to a friendly name.
00:00
This way, the users don't need to
00:00
remember numeric IP addresses,
00:00
but use the friendly DNS name to access your application.
00:00
Azure has two services that
00:00
you can use for balancing traffic.
00:00
The first is Azure Load Balancer.
00:00
Azure Load Balancer is a fully managed service
00:00
that you can use to balance
00:00
Transmission Control Protocol,
00:00
TCP, or User Datagram Protocol, UDP traffic.
00:00
This means that you can balance not only web traffic,
00:00
but other traffic, like database traffic,
00:00
SSH traffic, and so on.
00:00
Azure Load Balancer supports
00:00
both inbound scenarios where you
00:00
balance traffic sent to your application,
00:00
as well as outbound scenarios where you balance traffic
00:00
sent from your application to external systems.
00:00
It also provides a low latency and
00:00
high throughput and scales with your needs.
00:00
You can support millions of
00:00
user requests with Azure Load Balancer.
00:00
The most important part is that you don't
00:00
need to maintain any infrastructure.
00:00
You just configure the service,
00:00
define the rules, and Azure manages the rest.
00:00
The other service that you can use to balance traffic in
00:00
Azure is called Application Gateway.
00:00
Azure Application Gateway is
00:00
designed for web applications only,
00:00
which means that you can load balance only
00:00
HTTP or HTTPS traffic.
00:00
However, the App Gateway provides
00:00
additional functionality that is
00:00
very useful for web applications.
00:00
This includes building web application
00:00
firewalls that monitor and log
00:00
traffic and protect your application from
00:00
malicious attacks like SQL injection,
00:00
cross-site scripting, and denial of service attacks.
00:00
You can terminate SSL on
00:00
the application gateway level to reduce
00:00
encryption overhead or configure it to provide
00:00
end-to-end encryption for highly secure applications.
00:00
You could configure custom routes
00:00
based on URL paths and add,
00:00
remove, or rewrite the HTTP headers of the request.
00:00
You can also configure a session affinity and send
00:00
the request from the same client to
00:00
the same server and maintain a session.
00:00
Keep in mind though that this
00:00
may impact the performance of
00:00
your application and it is
00:00
typical for legacy applications,
00:00
but discouraged for the modern ones.
00:00
Now you know how you can scale
00:00
your application and provide availability
00:00
and resiliency using
00:00
the load balancing services from Azure.