Microsoft has announced the public preview of Azure Application Gateway for Containers, a new service designed to provide application-level routing for containerized applications. The service is designed to work with Azure Kubernetes Service (AKS) and other Kubernetes environments as a scalable and flexible solution.
A Load-Balancer for Container-Apps
Azure Application Gateway for Containers is a load balancing solution that provides application-level routing for containerized applications. The service is built on the Azure Application Gateway, a Layer 7 load balancer that provides application-level routing and load balancing services that can scale with your applications.
The purpose of load-balancing is to make the most efficient use of resources, increase throughput, reduce response time, and prevent any one resource from getting overloaded. It can also enhance availability by distributing the workload across multiple computing resources.
Key Features and Components
The service includes several key features and components. The control plane is responsible for orchestrating proxy configuration based on customer intent. The service also includes two child resources: associations and frontends. Associations define a connection point into a virtual network, while frontends define the entry point client traffic should be received by a given Application Gateway for Containers.
The Application Gateway for Containers ALB Controller is a Kubernetes deployment that orchestrates configuration and deployment of Application Gateway for Containers by watching Kubernetes both Custom Resources and Resource configurations. It uses both ARM / Application Gateway for Containers configuration APIs to propagate configuration to the Application Gateway for Containers Azure deployment.
How It Works
Each Application Gateway for Containers frontend provides a generated Fully Qualified Domain Name managed by Azure. The client resolves a CNAME that points to the frontend's FQDN or directly resolves the FQDN provided by Application Gateway for Containers using a DNS server. The DNS resolver translates the DNS record to an IP address. When the client initiates the request, the DNS name specified is passed as a host header to Application Gateway for Containers on the defined frontend. A set of routing rules evaluates how the request for that hostname should be initiated to a defined backend target.
Deployment and Installation
The ALB Controller can be installed by running specific commands in the Azure CLI. The controller is responsible for translating Gateway API and Ingress API configuration within Kubernetes to load balancing rules within Application Gateway for Containers. The installation process involves creating a user managed identity for ALB controller and federating the identity as Pod Identity to use in the AKS cluster. The ALB Controller can be installed by running specific commands in the Azure CLI.
Now that the public preview of Azure Application Gateway for Containers is available, users can provision the Application Gateway For Containers resources in Azure. The next step is to link the ALB controller to Application Gateway for Containers, which depends on the user's deployment strategy. There are two deployment strategies for the management of Application Gateway for Containers: Bring your own (BYO) deployment and Managed by ALB controller.