1

I have a setup of Azure VM scaleset, each Linux VM running java spring boot app on a specific port (8070). I need to use a domain with https on application gateway and use Linux VMSS with java app as backend pools.

I am aware this can be done with azure lb but I need to use SSL. If this is possible with a gateway, what would be configurations for 'listeners', 'rules' and 'HTTP settings'

I saw a question which is relevant to mine, but I need much more help.

azure_app_gateway

Dave M
  • 4,494
  • 21
  • 30
  • 30
anudeep
  • 111
  • 1

1 Answers1

1

this is not possible with lb unless your app listens on https (so it needs a certificate). its possible to do SSL offloading on the app go or do end-to-end SSL. this is the official article to configure SSL offloading, this one is for e2e SSL.

basically, you need to create SSL and create a listener that's using that SSL certificate. probe behaviour doesn't change (compared to lb probe) unless you are doing e2e SSL.

4c74356b41
  • 628
  • 5
  • 10
  • I will go with ssl offloading on appgw. My problem how do I manage the http listener and rules and http settings for my VM scalesets which all have Java app running on 8070 port. – anudeep Jan 19 '19 at 08:14
  • i dont see a question in your statement. read the official article. scale sets do not differ from vms in this regard – 4c74356b41 Jan 19 '19 at 08:30
  • Yeah I see that , probably I didn't phrase my question properly. What would be the 'http settings' , 'rules' and 'listeners' if vmss run the app on 8070 port. How do I forward requests from appgw to vmss in terms of settings on appgw to be configured – anudeep Jan 19 '19 at 08:59
  • follow the article and see for yourself? it tells you how to do that from scratch – 4c74356b41 Jan 19 '19 at 09:01
  • I am afraid i also went through the (https://docs.microsoft.com/en-us/azure/application-gateway/tutorial-create-vmss-cli) but there's an example on nginx on vmss which runs on port 80, but is is possible i hit appgw on https://.domain.com which hits backend pools on java app on port 8070. What would be listener and http settings? – anudeep Jan 19 '19 at 18:17
  • i dont understand, just change the port to 8070, how hard is that? create a sample appgw using those instructions and port 80 and just adjust them to port 8070. you'd need to change listener and probe – 4c74356b41 Jan 19 '19 at 18:20