Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.
I understand that you would like to use Azure Application gateway across multiple VNETs in different subscriptions.
This is perfectly possible and Application gateway will be able to communicate with resources in other VNETs outside its subscription as long as the VNET in which the Application gateway is deployed and the backend VNETs are peered.
The choice to use a Single gateway or multiple gateways entirely depends on your requirement and architecture and the isolation/management you would require.
In any case, I can't think of any pros/cons with using either Multiple App gateway or Peered VNET VMs as backends in a single App gateway, only there are some considerations.
- Note that the backend type must be "Internal IP addresses".
- You must make sure the VNET Peering is properly configured and the App gateway is able to access the backend VMs
  - Wrt NSGs and UDRs on the backend VMs' subnets.
- You can either use
  - a single Wildcard listener to receive traffic for every backend
  - or multiple listeners for multiple backends and tie them to appropriate backend
  - I would suggest using multiple listeners as it allows for easy management
The only thing I can think of is Management overhead with using a single App gateway
- You must make sure the Listeners are properly tied to the appropriate backend (dev,qa,uat,prod) using the Routing Rules.
- Again, this would depend on your requirement.
Some docs that may come in handy are :
Wrt "is it possible to connect application gateway to send data to Azure data lake or other azure data services? Probably using another service as a mediator?"
- Primary use case of Azure App gateway is to provide a reverse proxy for sites.
- The backends will not be able to initiate a connection via App gateway
  - i.e., App gateway is inbound only. The VMs cannot initiate outbound traffic via App gateway.
- So, if your intention is to make use of App gateway to enable the backend VMs to upload files to Azure data lake or other azure data services - this won't be feasible.
- However, Azure application gateway is perfectly capable of acting as a reverse proxy for other PaaS services that are exposed via Public Internet (in your case, Azure data lake)
- So, if your intention is to enable Clients in Internet to upload data to Azure data lake via App gateway - this should be doable.
- But please make note of File upload limits if you use WAF
I would suggest you post a new query with exact use case for this file upload and appropriate tags, so the community experts on Data lake storage can add their comments as well.
Thanks,
Kapil
Please Accept an answer if correct.
Original posters help the community find answers faster by identifying the correct answer.
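
An added example, not part of the answer above: an offline check that each listener is tied to the matching environment's backend pool and that every backend is an internal IP inside a peered VNET's address space. The config dictionary layout, rule names, host names and address ranges are constructed assumptions, not Azure API output.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def audit_gateway(config):
    """Return (rule_name, problem) findings for one gateway's routing rules."""
    findings = []
    spaces = {env: ipaddress.ip_network(cidr)
              for env, cidr in config["peered_vnets"].items()}
    for rule in config["rules"]:
        listener = config["listeners"][rule["listener"]]
        pool = config["pools"][rule["pool"]]
        # A listener for one environment must be tied to that environment's pool.
        if listener["env"] != pool["env"]:
            findings.append((rule["name"],
                             f"{listener['env']} listener routed to {pool['env']} pool"))
        space = spaces.get(pool["env"])
        for addr in pool["ips"]:
            ip = ipaddress.ip_address(addr)
            # Backends reached over peering must be internal (RFC 1918) addresses.
            if not any(ip in net for net in RFC1918):
                findings.append((rule["name"], f"{addr} is not an internal IP"))
            elif space is None or ip not in space:
                findings.append((rule["name"], f"{addr} is outside the peered {pool['env']} VNET"))
    return findings

# Constructed sample configuration (hypothetical names, hosts and ranges).
SAMPLE = {
    "peered_vnets": {"dev": "10.10.0.0/16", "qa": "10.20.0.0/16",
                     "uat": "10.30.0.0/16", "prod": "10.40.0.0/16"},
    "listeners": {
        "dev-l": {"host": "dev.example.com", "env": "dev"},
        "qa-l": {"host": "qa.example.com", "env": "qa"},
        "uat-l": {"host": "uat.example.com", "env": "uat"},
    },
    "pools": {
        "dev-pool": {"env": "dev", "ips": ["10.10.1.4"]},
        "qa-pool": {"env": "qa", "ips": ["203.0.113.10"]},
        "prod-pool": {"env": "prod", "ips": ["10.40.1.4", "10.50.1.4"]},
    },
    "rules": [
        {"name": "r-dev", "listener": "dev-l", "pool": "dev-pool"},
        {"name": "r-qa", "listener": "qa-l", "pool": "qa-pool"},
        {"name": "r-uat", "listener": "uat-l", "pool": "prod-pool"},
    ],
}

if __name__ == "__main__":
    for name, problem in audit_gateway(SAMPLE):
        print(f"{name}: {problem}")
```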