4.3. Azure Application Gateway

Your web application has an API at /api/* and static content at /images/*. You want API requests to go to your app servers, images to go to a CDN-backed pool, and all traffic to pass through a WAF. How do you implement this? Application Gateway provides Layer 7 load balancing with intelligent routing based on HTTP content.

💡 First Principle: Application Gateway understands HTTP/HTTPS—it can read URLs, headers, and cookies. Think of it like a smart receptionist who reads your meeting request and directs you to the right conference room, rather than just checking your badge at the door. This enables intelligent routing, header manipulation, and application-layer security. The trade-off is higher latency compared to Layer 4 load balancing.

What breaks without proper configuration: SSL certificates expire causing outages. Backend health checks fail due to host header mismatches. Session affinity fails when backends expect sticky sessions. Path-based routing sends traffic to wrong backends.

Consider when you need Application Gateway vs. Load Balancer: if you need to route /mobile to one backend pool and /web to another, you need Application Gateway. If you just need to distribute TCP traffic across VMs, Load Balancer is simpler and faster.