NashTech Blog

Get in touch

Monitoring Azure Application Gateway Using Azure Logic App

Picture of Gaurav Shukla
Gaurav Shukla
Table of Contents
Azure App gateway

Introduction

Hello Readers, Welcome to the blog!! Monitoring the backend health of an Azure Application Gateway is critical for ensuring high availability and optimal performance. Azure Logic Apps provide a simple yet powerful way to automate the monitoring process by integrating with Azure’s REST API, which allows you to fetch real-time health data and trigger automated responses such as email alerts or notifications when issues are detected.

In this detailed blog, I will guide you through the entire process, starting from setting up the Application Gateway to configuring the Logic App to monitor its health. Additionally, I will provide Terraform code for automating the setup.

Step-by-Step Guide:

1. Create the Azure Application Gateway

Before we can monitor the health of the Application Gateway, you need to have one set up. Here’s a brief overview of how you can create it:
1. Go to the Azure Portal.
2. Select “Create a Resource” and choose “Application Gateway.”
3. Fill in the required fields like resource group, instance name, region, and configuration options (e.g., frontend IP, backend pool, and HTTP listener).
4. Once configured, deploy the Application Gateway.

The backend health of the gateway will monitor all instances (VMs, App Services, etc.) that are part of the backend pool.

2. Create a Logic App for Monitoring

Logic Apps allow you to automate workflows, including REST API calls, email alerts, and more. Here’s how to use it for monitoring the backend health of your Application Gateway.

Step 1: Creating the Logic App

-> Go to the Azure Portal, search for “Logic Apps,” and click on “Create.”
-> Choose a blank template for full control over the workflow.
-> Select the correct resource group and region where you want to deploy the Logic App.

Step 2: Configure Recurrence Trigger

The first step in the Logic App flow is to decide how often the health of the backend should be checked. You can configure this using the Recurrence Trigger.

In the Logic App designer, search for “Recurrence” and select the trigger.Set it to check the backend every few minutes. For example, set it to trigger every 5 minutes.

  • Frequency: 5
  • Interval: Minutes

Step 3: Call the Application Gateway Backend Health API

Now, add an HTTP action that will call Azure’s REST API to get the backend health status of the Application Gateway.

  1. Click “Add an action” in the Logic App designer.
  2. Search for “HTTP” and select it.
  3. Configure the HTTP action with the following details:
    • Method: GET
    • URI:
https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/applicationGateways/{applicationGatewayName}/backendhealth?api-version=2020-11-01
  • subscriptionId: Your Azure subscription ID.
  • resourceGroupName: Name of the resource group where the Application Gateway is deployed.
  • applicationGatewayName: The name of your Application Gateway.

Authentication: You will need an OAuth 2.0 token for authentication. You can generate this using Azure Active Directory (Azure AD) by creating a Service Principal with appropriate permissions (e.g., Reader on the Application Gateway).

Step 4: Parse the API Response

Once the API response is received, it’s necessary to parse it to extract relevant data about the backend health. Logic Apps provide a built-in Parse JSON action for this:

  1. Add a “Parse JSON” action after the HTTP action.
  2. Use the response body from the HTTP request as the input.
  3. Define a schema for the JSON response to ensure that you can extract fields like backendPoolName, status, etc.

Step 5: Check for Unhealthy Instances

Next, we will set up a conditional action that checks if any backend pool instance has an Unhealthy status. If so, an alert will be triggered.

  1. Add a Condition action.
  2. In the condition, check if the status field of any backend pool is Unhealthy.
  3. If the condition is true, proceed to the next step of triggering alerts.

Step 6: Trigger Alerts Based on Health Status

You can configure the Logic App to send alerts via email or collaboration tools like Teams or Slack if any backend instance is found unhealthy.

  • Send Email: Add an email action to send alerts. You can use Office 365 Outlook, Gmail, or any email service supported by Logic Apps.
    • In the email body, include the details of the unhealthy backend instance.
  • Post to Teams or Slack: Similarly, you can integrate the Logic App with Microsoft Teams or Slack to send a message to a specific channel with details about the unhealthy instance.

Step 7: Test the Logic App

Once the Logic App is configured, you should manually test it to ensure that the workflow works as expected:

  1. Go to the Logic App overview.
  2. Click “Run Trigger” to manually invoke the Logic App and check its behavior.
  3. If any backend pool is unhealthy, you should receive an alert as configured.

3. Terraform Code for Automating Setup

You can automate the entire setup of the Application Gateway, Logic App, and other infrastructure using Terraform. Below is an example of Terraform code for setting up these resources:

Prerequisites:

  • An existing Application Gateway.
  • An already configured backend pool.

Terraform Code:

provider "azurerm" {
  features {}
}

# Variables for Application Gateway and Backend Pool
variable "subscription_id" {
  default = "your_subscription_id"
}

variable "resource_group_name" {
  default = "your_resource_group"
}

variable "application_gateway_name" {
  default = "your_app_gateway_name"
}

# Logic App
resource "azurerm_logic_app_workflow" "logic_app" {
  name                = "appgw-health-monitor"
  location            = azurerm_resource_group.rg.location
  resource_group_name = var.resource_group_name
}

# Logic App HTTP Trigger to check App Gateway Health
resource "azurerm_logic_app_action_http" "appgw_health_check" {
  logic_app_id = azurerm_logic_app_workflow.logic_app.id
  name         = "CheckAppGatewayBackendHealth"
  method       = "GET"
  url          = "https://management.azure.com/subscriptions/${var.subscription_id}/resourceGroups/${var.resource_group_name}/providers/Microsoft.Network/applicationGateways/${var.application_gateway_name}/backendhealth?api-version=2020-11-01"
  headers = {
    "Authorization" = "Bearer <insert_token_here>"
    "Content-Type"  = "application/json"
  }
}

# Parse JSON response from App Gateway
resource "azurerm_logic_app_action_parse_json" "parse_response" {
  logic_app_id = azurerm_logic_app_workflow.logic_app.id
  name         = "ParseBackendHealthResponse"
  content      = azurerm_logic_app_action_http.appgw_health_check.outputs
  schema       = <<JSON
{
  "type": "object",
  "properties": {
    "backendAddressPools": {
      "type": "array",
      "items": {
        "type": "object",
        "properties": {
          "health": {
            "type": "string"
          }
        }
      }
    }
  }
}
JSON
}

# Condition: Check for Unhealthy Backends
resource "azurerm_logic_app_action_condition" "unhealthy_check" {
  logic_app_id = azurerm_logic_app_workflow.logic_app.id
  name         = "CheckUnhealthyStatus"
  expression   = "@contains(body('ParseBackendHealthResponse'), 'Unhealthy')"
}

# Action: Send Email Alert if Backend is Unhealthy
resource "azurerm_logic_app_action_email" "send_alert" {
  logic_app_id = azurerm_logic_app_workflow.logic_app.id
  name         = "SendEmailAlert"
  to           = "youremail@example.com"
  subject      = "Application Gateway Backend Unhealthy"
  body         = "One or more backend instances in the Application Gateway are unhealthy. Please check immediately."
}

Explanation:

  1. azurerm_logic_app_workflow: Creates the Logic App.
  2. azurerm_logic_app_action_http: Configures an HTTP action that calls the Azure Application Gateway REST API to fetch backend health.
  3. azurerm_logic_app_action_parse_json: Parses the response from the API to extract backend health information.
  4. azurerm_logic_app_action_condition: Checks if any backend pool has an unhealthy status.
  5. azurerm_logic_app_action_email: Sends an email alert if any backend is found unhealthy.

Once the Terraform script is applied, you can test it by running the Logic App manually or waiting for the recurrence trigger (if configured). You should receive an email alert if any backend instance is unhealthy.

Conclusion

Monitoring the health of your Application Gateway’s backend instances is crucial for maintaining a reliable system. By leveraging Azure Logic Apps, you can automate this process and receive real-time alerts whenever issues arise, ensuring you can address problems before they affect your users. With Terraform, this setup can be deployed efficiently and at scale, allowing you to automate not only the monitoring process but also the deployment of the infrastructure itself.

Picture of Gaurav Shukla

Gaurav Shukla

Gaurav Shukla is a Software Consultant specializing in DevOps at NashTech, with over 2 years of hands-on experience in the field. Passionate about streamlining development pipelines and optimizing cloud infrastructure, He has worked extensively on Azure migration projects, Kubernetes orchestration, and CI/CD implementations. His proficiency in tools like Jenkins, Azure DevOps, and Terraform ensures that he delivers efficient, reliable software development workflows, contributing to seamless operational efficiency.

Leave a Comment

Your email address will not be published. Required fields are marked *

Suggested Article

Scroll to Top