Should I use one or multiple Azure App Gateway with multiple environments (dev, test, prod)?

1
votes

I have App Service behind App Gateway and need to maintain couple different environments (dev, test, prod). I have also vnet with two subnets, frontent for App Gateway and backend for app service. Each env has own subdomain ie. dev.example.com, test.example.com and example.com (for prod). Deployments automated using terraform and Azure Pipelines.

Should I have single App Gateway which will handle this traffic (and reduce the cost) or should I use App Gateway per environment. Looking for good practice here.

1
azureterraformenvironmentazure-application-gateway
You definitely should use multiple App Gateways. Ask your self a question, what would you do if you are required different configurations for one of envs?Oleh Tarasenko
Plus think about that you will have a single-point-of-failure for prod and dev envs, it does not sound good.Oleh Tarasenko

1 Answers

2
votes

Good/best practise depends on what works well for your situation.

For this question I would say the following are the main factors to consider:

  1. Are you happy with segregation of dev/test/prod by subnet only? (I believe that would generally be considered sufficient.)
  2. Have you considered how difficult it would be to add separate app gateways at a later date if it became necessary? (If I understand correctly, adding additional app gateways for the same vnet would be no problem, and switching your dev/test services to another gateway[s] would pose minimal risk to the prod service if done carefully.)
  3. Are you happy managing the gateway outside of your existing Terraform states? (Assuming you already have separate dev/test/prod states as is highly recommended.)