Deploying Azure Protected Geo-Redundant Solution having path based routing
(Azure AZ : 305 Level)
Business Scenario
The Tyrell Crop wants to build a highly secured Globally distributed application. This application serves two types of content: images and dynamically rendered webpages. As their user base comes from across the globe this must be geographically redundant. The design demands that it should serve its users from the closest (lowest latency) location to them. For distinction, Tyrell Crop has decided that any URLs that match the pattern /images/* are served from a dedicated pool of VMs that are different from the rest of the web farm.
The Load Balancing Architecture for Tyrell Crop needs to be designed.
My Solution
Step A1 = Creating A New Resource Group
- 1.1 = Login to Azure portal and click on “Create a resource / Resource Groups”
- 1.2 = Click on “Create” icon
- 1.3 = Naming the resource group as “New_Resource_Group” and selecting “EAST US” as Region
- 1.4 = Reviewing and creating the new resource group
Step A2 = Creating A New Virtual Network within “New_Resource_Group”
- 2.1 = Click on “Create a resource / Virtual Networks”
- 2.2 = Click on “Create” icon
- 2.3 = Under “Basics” section, naming the resource group as “New_Virtual_Network” and selecting “East US” as Region
- 2.4 = Under “IP Addresses” section, adding a new subnet called “New_Subnet_01” with IP “10.0.1.0/24”
- 2.5 = Under “IP Addresses” section, adding another subnet called “New_Subnet_02” with IP “10.0.2.0/24”
- 2.6 = Reviewing and creating the virtual network
Step A3 = Create Virtual Machines within “New_Virtual_Network”
- 3.1 = Click on “Create a resource / Virtual Machines”
- 3.2 = Click “Create” and select “Azure Virtual Machines” from the dropdown
- 3.3 = Under “Basics” section, creating virtual machine with the name “VM1” with “Windows Server 2016” OS
- 3.4 = Creating this virtual machine inside the subnet “New_Subnet_02”
- 3.5 = Reviewing and creating the virtual machine VM1
- 3.6 = Again, under “Basics” section, creating virtual machine with the name “VM2”
- 3.7 = Creating this virtual machine inside the subnet “New_Subnet_02”
- 3.8 = Reviewing and creating the virtual machine VM2
- 3.9 = Screen showing both the virtual machines VM1 and VM2
Step A4 = Adding new Inbound Rule for both the virtual machines
- 4.1 = Go to “Networking” section of VM1 and “Add new inbound port rule”
- 4.2 = Opening destination port 80 and naming it “VM1_Custom80Inbound”
- 4.3 = Go to “Networking” section of VM2 and “Add new inbound port rule”
- 4.4 = Opening destination port 80 and naming it “VM2_Custom80Inbound”
Step A5 = Downloading RDP files of both the virtual machines and connecting to both the virtual machines through RDP
- 5.1 = Downloading RDP file for VM1
- 5.2 = Downloading RDP file for VM2
- 5.3 = Input Windows user-id & password to login to the virtual machine VM1
- 5.4 = Input Windows user-id & password to login to the virtual machine VM2
Step A6 = Installing “Web Server (IIS)” from the Server Manager portal, in both the virtual machines
- 6.1 = Opening “Server Manager” application in windows, in VM1
- 6.2 = Navigating to “Manage/Add Roles and Features” in Server Manager (in VM1)
- 6.3 = Under “Server Roles”, selecting & installing “Web Server (IIS)” (in VM1)
- 6.4 = Opening “Server Manager” application in windows, in VM2
- 6.5 = Navigating to “Manage/Add Roles and Features” in Server Manager (in VM2)
- 6.6 = Under “Server Roles”, selecting & installing “Web Server (IIS)” (in VM2)
- 6.7 = Only in VM2, creating a new folder called “images” in “C:/inetpub/wwwroot”
- 6.8 = Within the “images” folder creating a simple HTML file which says “This is the images section”
Step A7 = Creating and Configuring an Application Gateway within “New_Resource_Group”
- 7.1 = Click on “Create” icon in the Azure Portal
- 7.2 = Navigate to “Networking” and select “Create Application Gateway”
- 7.3 = Naming the Application Gateway as “New_Application_Gateway” and creating it inside the subnet “New_Subnet_01”
- 7.4 = Under “Frontends” section, creating a new Public IP Address with the name “AppGateway_PublicIP”
- 7.5 = Under “Backends” section, creating a new Backend Pool with the name “New_Backend_Pool” and targeting both the virtual machines VM1 and VM2
- 7.6 = Once the Frontends and Backends are configures, then proceeding to configure “Routing Rules”
- 7.7 = Creating a Routing Rule called “Images_Path”. And also creating a Lister called “New_Listener” on Port “80” for this Routing Rule.
- 7.8 = Under the section “Backend Targets” , selecting the target as “New_Backend_Pool” and clicking on “Add new Backend Settings”
- 7.9 = Giving a new name for the backed settings called “New_BackendHTTP_Settings” and selecting “HTTP” and “Port 80” as the settings
- 7.10 = Under the section “Add a routing rule” and under “Backend Targets” , navigating to “Add multiple targets to create a path-based rule”
- 7.11 = And under “Add a path” adding the path as “Target = BackendPool” and “Path = /images/*” and “Target Name = VM2924” (Here, VM2924 = VM2)
- 7.12 = After creating the ‘new path based rule’ we proceed by clicking “Add” under “Add a routing rule”
- 7.13 = The last step is to review the settings and to click on create, to create the Application Gateway
Step A8 = A diagram of the Infrastructure the we have just built so far
- As shown in the diagram, we have created VM1 & VM2 inside New_Subnet_01
- And we have created the application gateway inside New_Subnet_01
- VM1 & VM2 together forms the BackendPool
- VM2 is the VM which is dedicated for “images”
Step A9 = Editing the “IIS Welcome Page” of both the VMs in MS-Paint (just for better understanding)
- 9.1 = In VM1, navigating to “C:/inetpub/wwwroot” and opening the file “iisstart” from “Ms-Paint”
- 9.2 = Adding the text “VM1” to the “Welcome Page”
- 9.3 = In VM2, navigating to “C:/inetpub/wwwroot” and opening the file “iisstart” from “Ms-Paint”
- 9.4 = Adding the text “VM2” to the “Welcome Page”
Step A10 = Accessing the Application Gateway through the Web Browser (checking/testing it to see if everything works fine)
- 10.1 = Copying the Frontend IP Address of the Application Gateway
- 10.2 = Opening the copied link (20.232.4.24) in a Web Browser
- 10.3 = Opening the link “20.232.4.24/images/text.html”
Step B1 = Creating A New Resource Group
- 1.1 = Creating a new resource group with the name “Resource_Group_Asia” in “East Asia” region
Step B2 = Creating a Virtual Network within the newly created resource group
- 2.1 = Naming the resource group as “Virtual_Network_Asia” and selecting “East Asia” as Region
- 2.2 = Creating 2 subnets “New_Subnet_03” and “New_Subnet_04” inside this virtual network
Step B3 = Creating 2 virtual machines within the newly created virtual network
- 3.1 = Creating a new virtual machine with the name “VM3” in East-Asia regio
- 3.2 = Creating the VM3 virtual machine inside the “New_Subnet_04” subnet3
- 3.3 = Creating a new virtual machine with the name “VM4” in East-Asia region
- 3.4 = Creating the VM3 virtual machine inside the “New_Subnet_04” subnet
Step B4 = Adding new Inbound Rule for both the virtual machines
- 4.1 = Under VirtualMachine/Networking, adding a new Inbound rule for VM3 for destination port “80” with the name “VM3Custom80Inbound”
- 4.2 = Under VirtualMachine/Networking, adding a new Inbound rule for VM4 for destination port “80” with the name “VM4Custom80Inbound”
Step B5 = Accessing the VMs through RDP and installing “Web Server (IIS)” in the Server Manager, and also creating new folder “images” in VM4 with demo HTML file
- 5.1 = Installing “Web Server (IIS)” in the Destination Server VM3
- 5.2 = Installing “Web Server (IIS)” in the Destination Server VM4
- 5.3 = Creating a new folder “images” in VM4 in “C:/inetpub/wwwroot/”. And creating a demo HTML file.
Step B6 = Creating and Configuring an Application Gateway within “New_Resource_Group”
- 6.1 = Navigate to “Networking” and select “Create Application Gateway”
- 6.2 = Naming the Application Gateway as “Application_Gateway_Asia” and selecting region “East Asia” creating it inside the subnet “New_Subnet_03”
- 6.3 = Under “Frontends” section, creating a new Public IP Address with the name “AppGatewayAsia_PublicIP”
- 6.4 = Under “Backends” section, creating a new Backend Pool with the name “Asia_Backend_Pool” and targeting both the virtual machines VM3 and VM4
- 6.5 = Once the Frontends and Backends are configures, then proceeding to configure “Routing Rules”
- 6.6 = Creating a Routing Rule called “Images_Path_Asia”. And also creating a Lister called “New_Listener_Asia” on Port “80” for this Routing Rule.
- 6.7 = Under the section “Backend Targets” , selecting the target as “Asia_Backend_Pool” and clicking on “Add new Backend Settings”
- 6.8 = Giving a new name for the backed settings called “New_BackendHTTP_Settings_Asia” and selecting “HTTP” and “Port 80” as the settings
- 6.9 = Under the section “Add a routing rule” and under “Backend Targets” , navigating to “Add multiple targets to create a path-based rule”
- 6.10 = And under “Add a path” adding the path as “Target = Asia_BackendPool” and “Path = /images/*” and “Target Name = VM4916” (Here, VM4916 = VM4)
- 6.11 = After creating the ‘new path based rule’ we proceed by clicking “Add” under “Add a routing rule”
- 6.12 = The last step is to review the settings and to click on create, to create the Application Gateway
Step B7 = Editing the “IIS Welcome Page” of both the VMs in MS-Paint (just for better understanding)
- 7.1 = In VM3, navigating to “C:/inetpub/wwwroot” and opening the file “iisstart” from “Ms-Paint”
- 7.2 = Adding the text “VM3” to the “Welcome Page”
- 7.3 = In VM4, navigating to “C:/inetpub/wwwroot” and opening the file “iisstart” from “Ms-Paint”
- 7.4 = Adding the text “VM4” to the “Welcome Page”
Step B8 = Accessing the Application Gateway through the Web Browser (checking/testing it to see if everything works fine)
- 8.1 = Copying the Frontend IP Address of the Application Gateway
- 8.2 = Opening the copied link (20.187.165.58) in a Web Browser
- 8.3 = Opening the link “20.187.165.58/images/text.html”
Step C1 = Creating a new Traffic Manager
- 1.1 = Search for “Traffic Manager” and select “Traffic Manager Profiles”
- 1.2 = Select “Create” to create new Traffic Manager
- 1.3 = Giving the name “test2468” for the Traffic Manager Profile (test2468.trafficmanager.net). And choosing the routing method as “Geographic”
Step C2 = Configuring DNS for both the Application Gateways
- 2.1 = Opening the “New_Application_Gateway” and navigating to “Configure PublicIP” and giving this Application Manager a new DNS name “app-us53719” (app-us53719.eastus.cloudapp.azure.com)
- 2.2 = Opening the “Application_Gateway_Asia” and navigating to “Configure PublicIP” and giving this Application Manager a new DNS name “app-asia53719” (app- asia53719.eastasia.cloudapp.azure.com)
Step C3 = Adding Application Gateways as the Endpoints for the Traffic Manager
- 3.1 = Adding New_Application_Gateway as the first endpoint in the Traffic Manager and selecting “All (World” for Geo-Mapping
- 3.2 = Adding Application_Gateway_Asia as the second endpoint in the Traffic Manager and selecting “Asia” for Geo-Mapping
- 3.3 = Checking for the “Monitor Status” to become “Online”
Step C4 = Testing the Infrastructure using the TrafficManager DNS link
- 4.1 = Copying the DNS name of the Traffic Manager (http://test2468.trafficmanager.net)
- 4.2 = Entering the copied link “http://test2468.trafficmanager.net” in a Web Browser and checking if everything works correctly
- 4.3 = Entering the link “http://test2468.trafficmanager.net/images/text.html” in a Web Browser and checking if everything works correctly