Azure Front Door — Let’s summarize

Maciej
3 min readDec 17, 2020

--

What is Azure Front Door?

Azure Front Door Service allows you to define, manage, and monitor global routing of web traffic by optimizing maximum performance and immediate global failover for high availability. Front Door transforms global (multi-region) consumer and enterprise applications into robust, high-performance, modern, personalized applications, APIs, and content that use Azure to reach users around the world. can

That is, Azure Front Door can:

  • Optimize maximum performance and immediate global fail over for high availability,
  • Define, manage, and monitor global routing of web traffic.

These two are the main features. Also, regarding the functions, it seems that there are the following functions.

  • Faster application performance: Use split TCP-based anycast protocol to ensure that end users are immediately connected to the nearest Front Door POP (point of presence).
  • Increase application availability with smart health probes: Use smart health probes to monitor both backend latency and availability for immediate automatic failover when the backend goes down, which is critical. Achieve high availability of applications
  • URL-based routing: URL path-based routing allows you to route traffic to the backend pool based on the URL path of the request. One scenario is to route requests for different types of content to different backend pools.
  • Session Affinity: Keep user sessions on the same application backend
  • SSL Termination: Application Allows you to set up an SSL connection with the Front Door environment instead of establishing it through a long-distance connection with the backend.
  • Custom domain and certificate management: Support HTTPS for custom domain names
  • You can create custom Web Application Firewall (WAF) rules for application layer security access control to protect HTTP / HTTPS workloads from unauthorized use based on client IP addresses, country codes, and http parameters. I can do it. In addition, Front Door allows you to create rate limiting rules to combat malicious bot traffic.
  • URL Redirects: Web applications are required to automatically redirect HTTP traffic to HTTPS due to the strong industry push to support only secure communications.
  • URL rewriting: Supports URL rewriting by allowing the configuration of an optional custom forwarding path to use when creating requests to forward to the backend.
  • Protocol support-IPv6 and HTTP / 2 traffic: End-to-end IPv6 connections and HTTP / 2 protocols are also natively supported.

Deploy Front Door

We can deploy Front Door from Azure Creating Resources, or if we use IaaC we can use ansible or terraform for deploy Front Door

Custom domain in Front Door

If we decide use custom domain with Front Door we can buy any custom domain name for example in Azure App Domain. After that, register your custom domain name from the Azure Front door!

Next our DNS Provider needs to register a Record Set to use the custom domain name with Front Door. The following Microsoft Documents were well organized for the setting method!

Rewrite URL’s

Azure Front Door Service supports URL rewriting by allowing you to configure an optional custom forwarding path to use when creating requests to forward to the backend. By default, if no custom forwarding path is specified, Front Door copies the incoming URL path to the URL used in the forwarded request. The host header used in the forwarded request is configured for the selected backend. See Backend Host Headers for information on its features and how to configure it.
The powerful part of URL rewriting with a custom forwarding path is to copy any part of the receiving path that matches the wildcard path to the forwarded path. Example below:

Front Door monitoring

Two things can be monitored with Azure Front Door

  • Metrics: Currently, Azure Front Door has seven metrics that display performance counters.
  • Log: activity and diagnostic logs allow you to store or use resource performance, access, and other data for monitoring purposes.

More info about metrics:

--

--

Maciej
Maciej

Written by Maciej

DevOps Consultant. I’m strongly focused on automation, security, and reliability.