Hey everyone! I've recently taken over a project that uses Azure Application Gateway alongside AGIC, but I've never worked with AGIC before. I'm struggling to locate any Terraform code pertaining to the gateway's setup. It seems like the gateway might have been created by AGIC, but I'm a bit unsure about it. I'm looking to add some security headers to the Application Gateway, so I'm currently investigating how to accomplish that. Any insight would be greatly appreciated!
2 Answers
Hey! As someone who worked with the Application Gateway at Microsoft, I can tell you that AGIC manages the gateway's lifecycle by default. So, any configuration updates come from what’s defined in your Kubernetes cluster. You’ll typically find AGIC's configuration in a YAML file that follows the Ingress API. A quick command you can run is `kubectl get ingress -A` to see all the ingresses in your cluster. Also, as you dive deeper, consider checking out Application Gateway for Containers. It’s the new solution with a lot of improvements over AGIC! If you have more questions, feel free to ask! [aka.ms/agc](http://aka.ms/agc)
Right, I’ve got some concerns too! Like, how many ingress or gateway instances can it manage now? I remember AGIC had a limit increase to 200, but it always felt too low. Plus, does it support automation for certificates and DNS through cert manager and external-dns?
You can add security headers by using rewrite rules on the Application Gateway. Just make sure to specify the rewrite rule in your chart annotations to apply it correctly. Good luck!
I hear you about AGIC, but pushing for Application Gateway for Containers is a bit much when it still lacks important features. WAF functionality isn’t available yet, and there are definitely concerns about missing support for certain request timeouts and ports. Any idea when they plan to add WAF? Also, any updates on supporting AKS clusters that use kubenet?