Skip to main content

Global Load Balancer Service Workload

Overview

A Global Load Balancer Service Workload represents a Platform-as-a-Service environment responsible for implementing the infrastructure required to provide a secure entry point for applications, as well as handling load balancing and routing to the applications. Configuring this workload scaffolds the required governance and infrastructure-as-code to deploy an Azure Front Door[1] along with the additional resources required for it to run in your environment.

Architecture

Global Load Balancer Service

Capabilities

Add-ons

Web Application Firewall

The Web Application Firewall ("WAF") Add-on enables a WAF to provide centralized protection for web applications[2].

Diagnostic Logging

The Diagnostic Logging Add-on is automatically configured upon adding an Logging Link. This add-on enables diagnostic logging for cloud resources included with the workload and transmitted to the linked Log Analytics[3] workspace.

A Logging Link collects the necessary information from the linked Log Analytics workspace and triggers the provisioning of the Diagnostic Logging Add-on.

Ports

Ingress Routing Port

A Ingress Routing Port enables the private connection of the Global Load Balancer to a Hosting Workload. Linking to this port associates the Global Load Balancer creates and configures an Azure Private Endpoint[4] to the Internal Load Balancer[5] for of the Hosting Workload.

Routing Port (Coming Soon!)

A Routing Port enables the connection of one or more Functional Workloads such as a Backend Service or Frontend Service. Linking to this port associates the Global Load Balancer with the linked application to route HTTP traffic matching the configured rule sets

Use Cases

  • Provide routing and load balance traffic across multiple backend services
  • Provide a WAF to secure web applications

References