Efficient way to route multiple tenant apps with App Gateway

Evgeny 26 Reputation points
2022-06-03T07:30:51.173+00:00

Hi folks,

We are on the way to creating an Azure architecture for many customer tenants (500+).

These are the requirements

Example URL structure

https://tenant1.contoso.com
    https://tenant1.contoso.com/app1
    https://tenant1.contoso.com/app2
    https://tenant1.contoso.com/app3
    https://tenant1.contoso.com/app4
    https://tenant1.contoso.com/app5

...

https://tenant102.contoso.com/
    https://tenant102.contoso.com/app1
    ...
    https://tenant102.contoso.com/app5
...

We want to use Application Gateway to meet our needs.

  • Is that possible with the given requirements?
  • Which App Gateway configuration or concept should we use considering the App Gateway limits and to get routing right?

Thanks

Azure Application Gateway
An Azure service that provides a platform-managed, scalable, and highly available application delivery controller as a service.

Accepted answer
  1. ChaitanyaNaykodi-MSFT 10,041 Reputation points Microsoft Employee
    2022-06-07T20:58:42.067+00:00

    Hello @Evgeny, welcome to the Microsoft Q&A forum,

    As per my understanding from the question above, you have over 500 tenants (80-90 tenants per region), each tenant can have 5 applications associated with it with their own distinct IPs, and you are planning on using one wildcard certificate. Your understanding here is correct: Application Gateway is a regional load balancer, so you are planning to have 80-90 tenants per application gateway with at most 450 (90*5) backends.

    Azure Application Gateway supports multiple site hosting, as you can use wildcard characters like asterisk (*) and question mark (?) in the host name, and up to 5 host names per multi-site HTTP(S) listener. For example, *.contoso.com. You can go through this documentation for additional details on multi-site hosting. Now, as per the Application Gateway limitations, you can have 100 active listeners that are routing traffic, which works in your scenario as you will have 80-90 tenants per application gateway, but there is also a limit of 100 back-end address pools, which can be a blocker in your scenario. As each app has a distinct IP address in your case, and depending on how you add them as your backend pool, you might go over the limit of 100. The workaround in this case is to have more than one application gateway per region.

    In addition to the links shared above you can also go through this Well-Architected Framework review - Azure Application Gateway v2 and also utilize Azure Advisor to get a recommendation on best practices to optimize your Azure deployments.

    Hope this helps! Please let me know if you have any additional questions. Thank you!
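
The limits quoted in the answer above can be turned into a placement plan. This is an added example, not part of the original answer and not Azure's own tooling; it assumes one listener per tenant host name (so each tenant gets its own path rules), one backend pool per app, and hypothetical pool names and path patterns.

```python
"""Added example: plan tenant placement across Application Gateways in one region."""
from math import ceil

# Limits as quoted in the answer above.
MAX_LISTENERS = 100       # active listeners per gateway
MAX_BACKEND_POOLS = 100   # back-end address pools per gateway


def tenants_per_gateway(apps_per_tenant):
    """Tenants one gateway can hold when every tenant gets its own listener
    and every app gets its own pool (assumption: apps have distinct IPs)."""
    return min(MAX_LISTENERS, MAX_BACKEND_POOLS // apps_per_tenant)


def plan_region(tenants, apps, domain="contoso.com"):
    """Return a list of gateways; each maps host name -> {path: pool name}."""
    per_gw = tenants_per_gateway(len(apps))
    if per_gw == 0:
        raise ValueError("one tenant alone exceeds the backend pool limit")
    gateways = [{} for _ in range(ceil(len(tenants) / per_gw))]
    for i, tenant in enumerate(tenants):
        # A host name resolves to one gateway, so a tenant is never split.
        routes = {f"/{app}/*": f"pool-{tenant}-{app}" for app in apps}
        gateways[i // per_gw][f"{tenant}.{domain}"] = routes
    return gateways


def check_limits(gateway):
    """Raise if a planned gateway would exceed either limit."""
    pools = {p for routes in gateway.values() for p in routes.values()}
    if len(gateway) > MAX_LISTENERS or len(pools) > MAX_BACKEND_POOLS:
        raise ValueError(f"{len(gateway)} listeners / {len(pools)} pools")
    return len(gateway), len(pools)


if __name__ == "__main__":
    # Constructed input: 90 tenants in a region, 5 apps each, as in the thread.
    tenants = [f"tenant{n}" for n in range(1, 91)]
    apps = [f"app{n}" for n in range(1, 6)]
    for n, gw in enumerate(plan_region(tenants, apps), start=1):
        listeners, pools = check_limits(gw)
        print(f"gateway {n}: {listeners} listeners, {pools} backend pools")
```

Under these assumptions the backend pool limit, not the listener limit, decides how many gateways a region needs.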

