Containerization, Kubernetes, AKS, Application Gateway basics
What Application Gateway Ingress Controller (AGIC) is, networking considerations, deployment methods
How to expose applications via custom domain name
AGIC routing and other AGIC-related annotations
How to create multiple types of TLS/SSL certificates and expose applications via HTTPS, using TLS/SSL termination or End-to-End TLS/SSL
AGIC-related security, including Web Application Firewall (WAF)
Other AGIC-related configurations like restricting it to specific namespaces or sharing the Application Gateway with other Azure services
How to monitor and troubleshoot the Application Gateway and its traffic
How to achieve reliability and high availability
This comprehensive course on Application Gateway Ingress Controller (AGIC) provides in-depth knowledge and hands-on experience to effectively deploy and manage web applications in Azure. You will learn the fundamentals of containers, Kubernetes, Azure Kubernetes Service (AKS), and the Azure Application Gateway, and then dive into the intricacies of AGIC setup, configuration, and advanced usage scenarios.
Starting with an introduction to containers and microservices architecture, you will explore Docker, Docker Hub, and container app deployment. You will gain understanding of the Azure Application Gateway and Azure Kubernetes Service (AKS), including basic Kubernetes objects and ingress controllers.
The course covers various installation methods for AGIC, networking considerations, and the deployment process using both the Greenfield and Brownfield methods, as well as the installation via AKS managed add-on or via Helm. You will learn how to configure AGIC for both public and private IPs, utilize VNET peering, scale application gateways, and manage annotations.
With a focus on routing and configuration, you will discover how to implement URL/path-based routing, host multiple sites and subdomains, customize health probes, utilize cookie-based affinity and more. The course also covers SSL certificate creation or importation, security considerations, and implementing Web Application Firewall (WAF) for enhanced application protection.
Get Instant Notification of New Courses on our
Telegram channel.
You will explore additional AGIC configurations and considerations, such as namespace restrictions, sharing AGIC-managed gateways with other Azure resources, and integrating multiple ingress controllers in the same AKS cluster. Monitoring and troubleshooting AGIC/Application Gateway, high availability, and using Azure Front Door for traffic routing are also covered in detail.
By the end of this course, you will have the knowledge and skills to confidently deploy and manage application gateways using AGIC, leverage advanced configuration options, ensure reliability and high availability, and effectively monitor and troubleshoot your deployments.
Join this course and unlock the power of Azure Application Gateway Ingress Controller (AGIC) to streamline your web application delivery!
Course introduction
Introduction about instructor and course
Good to know / Recommended background
Connect with me
Understanding containers
What is a container and how is it different from a VM?
Microservices architecture
Install Docker and Azure CLI on an Ubuntu VM and other considerations
What are Docker, Dockerfile and Docker Hub?
Create a container app (web app), pushing it to Docker Hub and running it
Starting with Application Gateway Ingress Controller (AGIC)
What is the Azure Application Gateway?
What is Azure Kubernetes Service (AKS)?
Understand basic Kubernetes objects and what an ingress controller is
Configure Application Gateway and AKS (without AGIC) to understand the downside
Kubectl and Visual Studio Code tips and tricks
What is the Application Gateway Ingress Controller (AGIC)?
Azure free account and AGIC pricing (Application Gateway and AKS pricings)
AGIC installation methods (Greenfield / Brownfield and Add-on / Helm)
Networking considerations, network plugins in AKS and their relevance in AGIC
Create AGIC with the Greenfield method and add-on (using Azure CNI)
Create AGIC with the Brownfield method and add-on (using kubenet)
Create AGIC with the Greenfield/Brownfield method and Helm (Workload Identity)
How and why to Stop/Start the AKS cluster and the Application Gateway
Deploy an application in AKS and see it exposed via the Application Gateway
Basic components-IP, backend pool, backend setting, listener, rule, health probe
Understand Application Gateway Backend Health
Create AGIC with both public and private IP
Create AGIC with private IP only
Understand and use VNET peering
Understand Application Gateway scaling
Understand annotations in AGIC
Starting with Application Gateway Ingress Controller (AGIC) quiz
AGIC routing and usage of other configuration annotations
Configure a custom domain with the help of an Azure Public DNS zone and use it
Host Multiple Sites
Host Multiple Subdomains
URL / Path Based Routing
Avoid this confusion when using URL / Path Based Routing
Expose using a different path than the one at app level (Backend Path Prefix)
Implement Rule Priority
Append additional hostnames (Hostname Extension)
Specify the hostname used while talking to the pods (Backend Hostname)
Override Frontend Port
Use a Rewrite Rule Set
Customize the Health Probe
Cookie Based Affinity
Connection Draining
Specify a Request Timeout after which the request will fail if not received
AGIC routing and usage of other configuration annotations – quiz
Certificates, Security and Web Application Firewall (WAF) in AGIC
Create a self-signed certificate
Setup a bought/paid trusted SSL certificate
Create a Let’s encrypt SSL certificate (manually)
Understand SSL Termination and End-to-End (E2E) SSL
Expose via HTTPS with a certificate in a Kubernetes TLS secret
Configure SSL redirection
Expose via HTTPS with a certificate uploaded in the Application Gateway
Expose via HTTPS with Cert-Manager and Let’s Encrypt certificate (autogenerated)
Setup End-to-End (E2E) SSL
Use a Network Security Group (NSG) to restrict traffic
Understand Web Application Firewall (WAF)
Deploy and test WAF
Create and use a WAF policy
Certificates, Security and Web Application Firewall (WAF) in AGIC – quiz
Other AGIC-related configurations and considerations
Restrict AGIC access to specific namespaces
Share an AGIC-managed Application Gateway with other Azure resources
Use AGIC and other ingress controller (like nginx) in the same AKS cluster
Disable the managed add-on and considerations
Other AGIC-related configurations and considerations – Quiz
Monitor and troubleshoot AGIC/Application Gateway
AGIC logging levels
Activity logs in Application Gateway
Metrics Explorer and Insights in Application Gateway
Enable Diagnostic Settings and explore logs
Understand Alerts in Azure
Create a metrics-based alert
Create a log-based alert
Monitor and troubleshoot AGIC/Application Gateway – quiz
Reliability and high availability (HA)
Understand AGIC-related reliability, including Availability Zones
How to specify Availability Zones during AKS and Application Gateway creation
Use Azure Front Door to route traffic between multiple AGICs
Use a custom domain and Azure Front Door certificate to expose apps in AGIC
Reliability and high availability (HA) – Quiz
Continue Your Learning Journey: Special Offer Inside
Continue Your Learning Journey: Special Offer Inside
