Taking advantage of the new Azure Application Gateway V2

Data di pubblicazione: 11 giugno, 2019

Principal Program Manager, Microsoft Azure

We recently released Azure Application Gateway V2 and Web Application Firewall (WAF) V2. These SKUs are named Standard_v2 and WAF_v2 respectively and are fully supported with a 99.95% SLA. The new SKUs offer significant improvements and additional capabilities to customers:

  • Autoscaling allows elasticity for your application by scaling the application gateway as needed based on your application’s traffic pattern. You no longer need to run application gateway at peak provisioned capacity, thus significantly saving on the cost.
  • Zone redundancy enables your application gateway to survive zonal failures, offering better resilience to your application
  • Static VIP feature ensures that your endpoint address will not change over its lifecycle
  • Header Rewrite allows you to add, remove or update HTTP request and response headers on your application gateway, thus enabling various scenarios such as HSTS support, securing cookies, changing cache controls etc. without the need to touch your application code.
  • Faster provisioning and configuration update time
  • Improved performance for your application gateway helps reduce overall cost

Diagram showing improved capabilities in V2

We highly recommend that customers use the V2 SKUs instead of the V1 SKU for new applications/workloads.

Customers who have existing applications behind the V1 SKUs of Application Gateway/WAF should also consider migrating to the V2 SKUs sooner rather than later. These are some of the reasons:

  • Features and improvements: You can take advantage of the improvements and capabilities mentioned above and continue to take advantage of new features in our roadmap as they are released. Going forward, most of the new features in our roadmap will only be released on the V2 SKU.
  • Cost: V2 SKU may work out to be overall cheaper for you relative to V1 SKU. See our pricing page for more information on V2 SKU costs.
  • Platform support in future: We will be disabling creation of new gateways on the V1 SKU at some point in the future, advance notification will be provided so customers have sufficient time to migrate. Migrating your gateways to the V2 SKU sooner rather than later will allow us to allocate more of our engineering and support resources to the V2 SKU sooner.  Help us help you!

Guided migration – Configuration replication to V2 SKU gateway

While customers can certainly do the migration on their own by manually configuring new V2 gateways with the same configuration as their V1 gateways, in reality, for many customers this could be quite complicated and error prone due to the number of configuration touchpoints that may be involved. To help with this, we have recently published a PowerShell script along with documentation that helps replicate the configuration on a V1 gateway to a new V2 gateway.

The PowerShell script requires a few inputs and will seamlessly copy over the configuration from a specified V1 gateway to a new V2 gateway, the V2 gateway will be automatically created for you). There are a few limitations, so please look at those before using the script and visit our mini FAQ for additional guidance.

Switching over traffic to new V2 endpoints

This will be completely up to the customer as the specifics of how the traffic flow through the application gateway is architected, vary from application to application and customer to customer. However, we have provided guidance for some scenarios of traffic flow. We will consider future tooling to help customers with this phase, especially for customers using Azure DNS or Azure Traffic Manager to direct traffic to application gateways.

Feedback

As always, we are interested in hearing your valuable feedback. For specific feedback on the migration to the V2 SKU, you are welcome to email us at appgwmigrationsup@microsoft.com. For general feedback on Application Gateways, please use our Azure Feedback page.