0
0
Azurecloud~5 mins

Load Balancer vs Application Gateway decision in Azure - CLI Comparison

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Introduction
When you want to send internet traffic to your apps, you need a way to share the work across many servers. Azure offers two main tools for this: Load Balancer and Application Gateway. Choosing the right one helps your app run smoothly and safely.
When you want to spread simple network traffic evenly across servers to keep your app fast and available.
When you need to route web traffic based on the URL or need extra security features like a web firewall.
When your app uses non-web protocols like TCP or UDP and needs fast, basic load balancing.
When you want to manage SSL certificates and do web traffic inspection to block bad requests.
When you want to handle user sessions so that a user always talks to the same server.
Commands
This command creates a basic Azure Load Balancer with a public IP, frontend IP configuration, and backend pool to distribute traffic evenly across servers.
Terminal
az network lb create --resource-group example-rg --name example-lb --sku Standard --frontend-ip-name exampleFrontEnd --backend-pool-name exampleBackEndPool --public-ip-address examplePublicIP
Expected OutputExpected
{ "frontendIpConfigurations": [ { "name": "exampleFrontEnd", "privateIpAddress": null, "publicIpAddress": { "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/example-rg/providers/Microsoft.Network/publicIPAddresses/examplePublicIP" } } ], "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/example-rg/providers/Microsoft.Network/loadBalancers/example-lb", "location": "eastus", "name": "example-lb", "resourceGroup": "example-rg", "sku": { "name": "Standard" }, "type": "Microsoft.Network/loadBalancers" }
--sku - Defines the Load Balancer type; Standard supports more features and zones.
--frontend-ip-name - Names the frontend IP configuration for incoming traffic.
--backend-pool-name - Names the group of servers that will receive the traffic.
This command creates a health probe to check if backend servers are healthy by testing TCP port 80. It helps the Load Balancer send traffic only to healthy servers.
Terminal
az network lb probe create --resource-group example-rg --lb-name example-lb --name exampleProbe --protocol tcp --port 80
Expected OutputExpected
{ "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/example-rg/providers/Microsoft.Network/loadBalancers/example-lb/probes/exampleProbe", "name": "exampleProbe", "protocol": "Tcp", "port": 80 }
--protocol - Sets the protocol used for health checks.
--port - Sets the port number to check on backend servers.
This command creates an Azure Application Gateway with web traffic features like cookie-based session affinity to keep users connected to the same server.
Terminal
az network application-gateway create --name example-appgw --location eastus --resource-group example-rg --sku Standard_v2 --capacity 2 --frontend-port 80 --http-settings-cookie-based-affinity Enabled --routing-rule-type Basic
Expected OutputExpected
{ "name": "example-appgw", "location": "eastus", "sku": { "name": "Standard_v2" }, "capacity": 2, "frontendPorts": [ { "port": 80 } ], "httpSettings": [ { "cookieBasedAffinity": "Enabled" } ], "routingRules": [ { "ruleType": "Basic" } ] }
--sku - Specifies the Application Gateway SKU with advanced features.
--capacity - Sets the number of instances for scaling.
--http-settings-cookie-based-affinity - Enables session stickiness for user sessions.
This command shows the details of the Application Gateway to verify its configuration and status.
Terminal
az network application-gateway show --name example-appgw --resource-group example-rg
Expected OutputExpected
{ "name": "example-appgw", "location": "eastus", "sku": { "name": "Standard_v2" }, "provisioningState": "Succeeded", "capacity": 2 }
Key Concept

If you remember nothing else from this pattern, remember: Use Load Balancer for simple, fast network traffic distribution and Application Gateway for smart web traffic routing and security.

Common Mistakes
Using Load Balancer when you need URL-based routing or web application firewall features.
Load Balancer cannot inspect or route web traffic based on URLs or provide web security.
Choose Application Gateway when you need advanced web traffic management and security.
Not configuring health probes for Load Balancer backend pools.
Without health probes, Load Balancer may send traffic to unhealthy servers causing downtime.
Always create and attach health probes to monitor backend server health.
Forgetting to enable session affinity on Application Gateway when your app requires sticky sessions.
Users may be routed to different servers causing session loss or errors.
Enable cookie-based affinity in Application Gateway HTTP settings for session stickiness.
Summary
Create an Azure Load Balancer to distribute network traffic evenly across servers.
Add health probes to ensure traffic only goes to healthy backend servers.
Use Azure Application Gateway for web traffic routing, SSL management, and security features.
Enable session affinity on Application Gateway to keep user sessions consistent.