應用程式閘道多站台裝載Application Gateway multiple site hosting

多網站裝載可讓您在應用程式閘道的相同埠上設定一個以上的 web 應用程式。Multiple site hosting enables you to configure more than one web application on the same port of an application gateway. 此功能可讓您將 100 多個網站新增到一個應用程式閘道,為您的部署設定更有效率的拓撲。It allows you to configure a more efficient topology for your deployments by adding up to 100+ websites to one application gateway. 每個網站都可以導向到自己的後端集區。Each website can be directed to its own backend pool. 例如,contoso.com、fabrikam.com 和 adatum.com 三個網域都指向應用程式閘道的 IP 位址。For example, three domains, contoso.com, fabrikam.com, and adatum.com, point to the IP address of the application gateway. 您會建立三個多網站接聽程式,並針對個別的連接埠和通訊協定設定來設定每個接聽程式。You'd create three multi-site listeners and configure each listener for the respective port and protocol setting.

您也可以在多網站接聽程式中定義萬用字元主機名稱,並為每個接聽程式定義最多 5 個主機名稱。You can also define wildcard host names in a multi-site listener and up to 5 host names per listener. 若要深入瞭解,請參閱接聽程式 中的萬用字元主機名稱To learn more, see wildcard host names in listener.

多網站應用程式閘道

重要

規則會依其列于 v1 SKU 入口網站中的順序進行處理。Rules are processed in the order they are listed in the portal for the v1 SKU. 若為 v2 SKU,完全相符會具有較高的優先順序。For the v2 SKU, exact matches have higher precedence. 強烈建議纖設定多站台接聽程式,再設定基本接聽程式。It is highly recommended to configure multi-site listeners first prior to configuring a basic listener. 這可確保流量路由傳送到右邊後端。This will ensure that traffic gets routed to the right back end. 如果先列出了基本接聽程式,且該接聽程式符合傳入的要求,就會由該接聽程式處理。If a basic listener is listed first and matches an incoming request, it gets processed by that listener.

http://contoso.com 的要求會路由傳送至 ContosoServerPool,而對 http://fabrikam.com 的要求則會路由傳送至 FabrikamServerPool。Requests for http://contoso.com are routed to ContosoServerPool, and http://fabrikam.com are routed to FabrikamServerPool.

同樣地,您可以在相同的應用程式閘道部署上裝載相同父系網域的多個子域。Similarly, you can host multiple subdomains of the same parent domain on the same application gateway deployment. 例如,您可以 http://blog.contoso.com http://app.contoso.com 在單一應用程式閘道部署上裝載和。For example, you can host http://blog.contoso.com and http://app.contoso.com on a single application gateway deployment.

接聽項中的萬用字元主機名稱 (預覽) Wildcard host names in listener (Preview)

應用程式閘道可讓您使用多網站 HTTP (S) 接聽程式來進行主機型路由。Application Gateway allows host-based routing using multi-site HTTP(S) listener. 現在,您可以使用萬用字元,例如星號 ( * ) 和問號 (? ) 在主機名稱中,以及每個多網站 HTTP () 接聽程式最多5個主機名稱。Now, you have the ability to use wildcard characters like asterisk (*) and question mark (?) in the host name, and up to 5 host names per multi-site HTTP(S) listener. 例如: *.contoso.comFor example, *.contoso.com.

使用主機名稱中的萬用字元,您可以在單一接聽程式中比對多個主機名稱。Using a wildcard character in the host name, you can match multiple host names in a single listener. 例如,可以比對,以及等等 *.contoso.com ecom.contoso.com b2b.contoso.com customer1.b2b.contoso.comFor example, *.contoso.com can match with ecom.contoso.com, b2b.contoso.com as well as customer1.b2b.contoso.com and so on. 您可以使用主機名稱的陣列,為接聽程式設定一個以上的主機名稱,以將要求路由至後端集區。Using an array of host names, you can configure more than one host name for a listener, to route requests to a backend pool. 例如,接聽程式可以包含,以 contoso.com, fabrikam.com 接受兩個主機名稱的要求。For example, a listener can contain contoso.com, fabrikam.com which will accept requests for both the host names.

萬用字元接聽程式

注意

這項功能處於預覽狀態,僅適用于應用程式閘道的 Standard_v2 和 WAF_v2 SKU。This feature is in preview and is available only for Standard_v2 and WAF_v2 SKU of Application Gateway. 若要深入瞭解預覽,請參閱 這裡的使用規定。To learn more about previews, see terms of use here.

注意

這項功能目前僅可透過 Azure PowerShellAzure CLI取得。This feature is currently available only through Azure PowerShell and Azure CLI. 即將推出入口網站支援。Portal support is coming soon. 請注意,因為入口網站支援無法完全使用,所以如果您只使用 [主機名稱] 參數,接聽程式會在入口網站中顯示為基本接聽程式,而接聽程式清單視圖的 [主機名稱] 欄則不會顯示已設定的主機名稱。Please note that since portal support is not fully available, if you are using only the HostNames parameter, the listener will appear as a Basic listener in the portal and the Host name column of the listener list view will not show the host names that are configured. 對於萬用字元接聽程式的任何變更,請務必使用 Azure PowerShell 或 CLI,直到入口網站中支援為止。For any changes to a wildcard listener, make sure you use Azure PowerShell or CLI until it's supported in the portal.

Azure PowerShell中,您必須使用 -HostNames 而不是 -HostNameIn Azure PowerShell, you must use -HostNames instead of -HostName. 使用主機名稱,您最多可以將5個主機名稱視為逗點分隔值,並使用萬用字元。With HostNames, you can mention up to 5 host names as comma-separated values and use wildcard characters. 例如, -HostNames "*.contoso.com,*.fabrikam.com"For example, -HostNames "*.contoso.com,*.fabrikam.com"

Azure CLI中,您必須使用 --host-names 而不是 --host-nameIn Azure CLI, you must use --host-names instead of --host-name. 使用主機名稱,您最多可以將5個主機名稱視為逗點分隔值,並使用萬用字元。With host-names, you can mention up to 5 host names as comma-separated values and use wildcard characters. 例如, --host-names "*.contoso.com,*.fabrikam.com"For example, --host-names "*.contoso.com,*.fabrikam.com"

[主機名稱] 欄位中允許的字元:Allowed characters in the host names field:

  • (A-Z,a-z,0-9) -英數位元(A-Z,a-z,0-9) - alphanumeric characters
  • - -連字號或減號- - hyphen or minus
  • . -句號作為分隔符號. - period as a delimiter
  • * -可與允許範圍中的多個字元相符* - can match with multiple characters in the allowed range
  • ? -可與允許範圍中的單一字元相符? - can match with a single character in the allowed range

在接聽程式中使用萬用字元和多個主機名稱的條件:Conditions for using wildcard characters and multiple host names in a listener:

  • 單一接聽程式中最多隻能提及5個主機名稱You can only mention up to 5 host names in a single listener
  • * 只能在網域樣式名稱或主機名稱的元件中提及星號一次。Asterisk * can be mentioned only once in a component of a domain style name or host name. 例如,component1 . component2. component3。For example, component1 .component2.component3. (*.contoso-*.com) 有效。(*.contoso-*.com) is valid.
  • 主機名稱中最多隻能有兩個星號 *There can only be up to two asterisks * in a host name. 例如, *.contoso.* 有效且 *.contoso.*.*.com 無效。For example, *.contoso.* is valid and *.contoso.*.*.com is invalid.
  • 主機名稱中最多隻能有4個萬用字元。There can only be a maximum of 4 wildcard characters in a host name. 例如, ????.contoso.com w??.contoso*.edu.* 是有效的,但 ????.contoso.* 無效。For example, ????.contoso.com, w??.contoso*.edu.* are valid, but ????.contoso.* is invalid.
  • * ? 在主機名稱的元件中同時使用星號和問號 (*??***) 無效。Using asterisk * and question mark ? together in a component of a host name (*? or ?* or **) is invalid. 例如, *?.contoso.com**.contoso.com 無效。For example, *?.contoso.com and **.contoso.com are invalid.

在接聽程式中使用萬用字元或多個主機名稱的考慮和限制:Considerations and limitations of using wildcard or multiple host names in a listener:

  • Ssl 終止和端對端 ssl 會要求您將通訊協定設定為 HTTPS,並上傳要用於接聽程式設定的憑證。SSL termination and End-to-End SSL requires you to configure the protocol as HTTPS and upload a certificate to be used in the listener configuration. 如果是多網站接聽程式,您也可以輸入主機名稱,通常這是 SSL 憑證的 CN。If it is a multi-site listener, you can input the host name as well, usually this is the CN of the SSL certificate. 當您在接聽程式中指定多個主機名稱,或使用萬用字元時,您必須考慮下列事項:When you are specifying multiple host names in the listener or use wildcard characters, you must consider the following:
    • 如果它是萬用字元主機名稱,例如 *. contoso.com,您就必須上傳具有 CN 的萬用字元憑證,例如 *. contoso.comIf it is a wildcard hostname like *.contoso.com, you must upload a wildcard certificate with CN like *.contoso.com
    • 如果在相同的接聽程式中提及多個主機名稱,您必須上傳 SAN 憑證 (主體替代名稱,) 具有與所述主機名稱相符的 Cn。If multiple host names are mentioned in the same listener, you must upload a SAN certificate (Subject Alternative Names) with the CNs matching the host names mentioned.
  • 您無法使用正則運算式來提及主機名稱。You cannot use a regular expression to mention the host name. 您只能使用萬用字元,例如星號 ( * ) 和問號 (? ) 形成主機名稱模式。You can only use wildcard characters like asterisk (*) and question mark (?) to form the host name pattern.
  • 針對後端健康情況檢查,您無法為每個 HTTP 設定建立多個 自訂探查 的關聯。For backend health check, you cannot associate multiple custom probes per HTTP settings. 相反地,您可以探查後端的其中一個網站,或使用 "127.0.0.1" 來探查後端伺服器的 localhost。Instead, you can probe one of the websites at the backend or use “127.0.0.1” to probe the localhost of the backend server. 不過,當您在接聽程式中使用萬用字元或多個主機名稱時,會根據規則類型 (基本或路徑型) ,將所有指定網域模式的要求路由至後端集區。However, when you are using wildcard or multiple host names in a listener, the requests for all the specified domain patterns will be routed to the backend pool depending on the rule type (basic or path-based).
  • "Hostname" 屬性會接受一個字串做為輸入,您可以在其中只提及一個非萬用字元功能變數名稱和「主機名稱」接受字串陣列做為輸入,您可以在其中提及最多5個萬用字元功能變數名稱。The properties “hostname" takes one string as input, where you can mention only one non-wildcard domain name and “hostnames” takes an array of strings as input, where you can mention up to 5 wildcard domain names. 但是這兩個屬性不能同時使用。But both the properties cannot be used at once.
  • 您無法以使用萬用字元或多個主機名稱的目標接聽程式來建立重新導向規則。You cannot create a redirection rule with a target listener which uses wildcard or multiple host names.

請參閱 使用 Azure PowerShell 建立多網站使用 Azure CLI ,以取得如何在多網站接聽程式中設定萬用字元主機名稱的逐步指南。See create multi-site using Azure PowerShell or using Azure CLI for the step-by-step guide on how to configure wildcard host names in a multi-site listener.

主機標頭和伺服器名稱指示 (SNI)Host headers and Server Name Indication (SNI)

有三個常見的機制可允許在相同的基礎結構上進行多站台裝載。There are three common mechanisms for enabling multiple site hosting on the same infrastructure.

  1. 將多個 Web 應用程式分別裝載在一個唯一的 IP 位址上。Host multiple web applications each on a unique IP address.
  2. 使用主機名稱將多個 Web 應用程式裝載在相同的 IP 位址上。Use host name to host multiple web applications on the same IP address.
  3. 使用不同的連接埠將多個 Web 應用程式裝載在相同的 IP 位址上。Use different ports to host multiple web applications on the same IP address.

應用程式閘道目前支援用來接聽流量的單一公用 IP 位址。Currently Application Gateway supports a single public IP address where it listens for traffic. 因此,目前不支援多個應用程式,每個應用程式都有自己的 IP 位址。So multiple applications, each with its own IP address is currently not supported.

應用程式閘道支援在不同埠上接聽的多個應用程式,但此案例需要應用程式接受非標準埠上的流量。Application Gateway supports multiple applications each listening on different ports, but this scenario requires the applications to accept traffic on non-standard ports. 這通常不是您想要的設定。This is often not a configuration that you want.

「應用程式閘道」需依賴 HTTP 1.1 主機標頭,才能在相同的公用 IP 位址和連接埠上裝載多個網站。Application Gateway relies on HTTP 1.1 host headers to host more than one website on the same public IP address and port. 裝載在應用程式閘道上的網站也可以支援具有伺服器名稱指示 (SNI) TLS 擴充功能的 TLS 卸載。The sites hosted on application gateway can also support TLS offload with Server Name Indication (SNI) TLS extension. 此案例表示用戶端瀏覽器和後端 Web 伺服陣列必須支援 RFC 6066 中所定義的 HTTP/1.1 和 TLS 擴充功能。This scenario means that the client browser and backend web farm must support HTTP/1.1 and TLS extension as defined in RFC 6066.

下一步Next steps

瞭解如何在應用程式閘道中設定多個網站裝載Learn how to configure multiple site hosting in Application Gateway

您可以瀏覽使用多站台裝載的 Resource Manager 範本,以了解以範本為基礎的端對端部署。You can visit Resource Manager template using multiple site hosting for an end to end template-based deployment.