Application Gateway + Azure App Service Session Management

Question

My application is an Azure App Service behind an Application Gateway. As the session information is stored in-memory, I need to have the same session request being routed to the same instance in the App Service. I noted that in Application Gateway, there is this cookie-based-affinity setting and in Azure App Service, there is this ARRAffinity setting. Do I need to set both setting to true ?

Answer 1

Hi LCS thanks for the question

Lets map out an example quickly

I have a website for contoso partners called "https://partner.contoso.com", using public DNS I point "partner.contoso.com" to my Application Gateway running in Azure.

Lets assume I want the App Gateway for the WAF feature (It might also be I want to request route too)

Behind the App Gateway I have an App Service actually hosting the website for "partner.contoso.com" - it's default name is "partnercontoso.azurewebsites.net". Probably this is via a private endpoint (but it doesn't matter for this example)

My partner website is not stateless so i need to ensure that once the client lands on the site they always go back to the same instance.

In this scenario enabling session affinity at App Service is enough. Why?

Because App Service is a two tier architecture all requests to "partnercontoso.azurewebsites.net" are going to hit the app service "front end" - this will decide which instance (worker VM) to relay the client request and the session cookie is required here. And it's for this reason the session setting on App Gateway doesnt make sense. The "app service front end" abstracts the backend pool, app service backend configured in the App gateway is in effect another load balancer.

This question has been blogged here https://techcommunity.microsoft.com/t5/apps-on-azure-blog/configure-arraffinity-cookie-when-accessing-azure-app-service/ba-p/3842511