0
votes

I am looking to configure the Application Gateway service provided by Azure, to get a dynamic IP and basic WAF protection.

I don't want to do TLS termination here, as I can do that at the Ingress level (nginx load-balancer rules).

I have a DNS zone carrying DNS mapped to the CNAME of the frontend IP of the Application Gateway, and the backend pool has been mapped to the IP of the Kubernetes load balancer.

Upon hitting the URL, I get a time-out error, and no traffic is being intercepted by the nginx controller either. It seems the traffic is getting lost at the Application Gateway level.

1
Do you have any NSG on the Application Gateway subnet? On which port are you trying to access the AppGW? Did you try an L4 connectivity test, such as telnet, on the AppGW IP and port you are trying to access? – msrini-MSIT

The application will run on HTTPS only, hence 443 should be the port, but if I try to configure listeners for that, Azure asks me to provide a .pfx file for the SSL certificates. I don't want SSL termination at this level. – Tushar Mahajan

You can check this repo: github.com/Azure/application-gateway-kubernetes-ingress. It allows you to use App Gateway as an ingress controller. – Thomas

1 Answer

1
votes

Application Gateway is a reverse proxy, so SSL termination happens at the listener, and you can configure end-to-end SSL by uploading a .cer in the HTTPSettings.

You can use this guide to configure end-to-end SSL.

Also note that without configuring an HTTPS listener, all your requests will time out.