Need Infrastructure suggestion

Reshmi B 0 Reputation points
2025-01-07T16:03:31.6466667+00:00

The current architecture consists of the following components:

• Hub VNet: Includes a VPN Gateway and Firewall for secure connectivity.

• Public Load Balancer: Distributes traffic to the Public AKS (Azure Kubernetes Service) Cluster.

• AKS Cluster: Hosts containerized applications, with private endpoints configured for secure communication.

• Key Services:
  o Azure Storage Account
  o Azure Key Vault for secrets management
  o Azure Container Registry (ACR) for container images
  o Redis Cache for caching

Here our environment is shown as public; however, I need to secure our infrastructure. Do I need to configure Application Gateway, Front Door, or both? I need suggestions and guidelines on this. Thanks in advance!

Azure Application Gateway

1 answer

  1. Sai Prasanna Sinde 3,330 Reputation points Microsoft Vendor
    2025-01-08T00:36:28.5766667+00:00

    Hi @Reshmi B

    Welcome to the Microsoft Q&A Platform. Thank you for posting your query here.

    Benefits of the above architecture:

    1. Multiple layers of WAF protection, private AKS cluster, private endpoints for key services.
    2. Global load balancing, caching, and SSL offloading through Front Door.
    3. Front Door and Application Gateway can both scale to handle large amounts of traffic.
    4. Front Door provides global redundancy, and Application Gateway can be configured for high availability within a region.
    • If your application is strictly for internal use and not accessible from the public internet, then you might only need Application Gateway within your VNet.

    Kindly let us know if the above helps or you need further assistance on this issue.

    Thanks,

    Sai.

