AppService Multi-tenant configuration using App Gateway

In Multi-tenant architecture, the same web instance runs multiple websites; in this mode, each website can have separate host headers on the same web instance.  Application Gateway provides options to override the HTTP host headers.  In this scenario, we will configure as not to override so that the header value is not changed.

In this article, let us consider the simple use case that includes Traffic Manager, Application Gateway, and app services, which has several custom domains added for multi-tenant support

Steps to configure multi-tenant configuration:

  1. create an App Service and complete all required custom domains.  In this case, I am going to use two custom domains agw1.udai.io and agw2.udai.io, complete SSL enable
  2. Create a virtual network with subnet
  3. Create a front-end IP it can be public, private or Both
  4. Create backend pools it can be IP address or FQDN, Virtual Machine, Virtual Machine Scale Set (VMSS) or AppServices
  5. Create routing rules, which includes Listeners and Backend targets

Microsoft App Gateway documentation page has step by step screenshots to configure the above steps, in this, We will go thru only the important configuration that specific to multi-tenant

From the HTTP Listener

Cookie affinity:  if the application requires state

Certificate: Self-signed certificate are valid for testing purposes, but for production, you should use well know CA Certificate

HostName Override:  Disable so that the application gateway does not change the header

Custom Probe:  if you have multiple DNS, you can dedicate one of the DNS for health probe

If you route the traffic thru traffic manager, then set the valid path and custom header in the configuration so that the monitoring status is online.  Otherwise, monitoring status will be degraded; however, your traffic may still correctly routed to the targeted endpoint.

To set custom header settings in configuration, follow the format of host: DNS example host:www.udai.io

To verify the lookup, you can use tools like https://mxtoolbox.com/supertool.aspx  

To learn more about app gateway visit

https://docs.microsoft.com/en-us/azure/application-gateway/overview

Leave a Reply

Your email address will not be published. Required fields are marked *