| title | Quickstart: Create an Azure Front Door using Azure PowerShell |
|---|---|
| description | Learn how to create an Azure Front Door using Azure PowerShell. Use Azure Front Door to deliver content to your global user base and protect your web apps against vulnerabilities. |
| author | halkazwini |
| ms.author | halkazwini |
| ms.service | azure-frontdoor |
| ms.topic | quickstart |
| ms.date | 11/18/2024 |
| ms.custom | devx-track-azurepowershell, mode-api |
Applies to: ✔️ Front Door Standard ✔️ Front Door Premium
In this quickstart, you learn how to create an Azure Front Door profile using Azure PowerShell. You use two Web Apps as your origin and verify connectivity through the Azure Front Door endpoint hostname.
:::image type="content" source="media/quickstart-create-front-door/environment-diagram.png" alt-text="Diagram of Azure Front Door deployment environment using the Azure PowerShell." border="false":::
[!INCLUDE ddos-waf-recommendation]
- An Azure account with an active subscription. Create an account for free.
- Azure PowerShell installed locally or Azure Cloud Shell.
[!INCLUDE updated-for-az] [!INCLUDE cloud-shell-try-it.md]
Create a resource group with New-AzResourceGroup:
New-AzResourceGroup -Name myRGFD -Location centralus
Create two web app instances in different Azure regions using New-AzWebApp:
# Create first web app in Central US region.
$webapp1 = New-AzWebApp `
-Name "WebAppContoso-01" `
-Location centralus `
-ResourceGroupName myRGFD `
-AppServicePlan myAppServicePlanCentralUS
# Create second web app in East US region.
$webapp2 = New-AzWebApp `
-Name "WebAppContoso-02" `
-Location EastUS `
-ResourceGroupName myRGFD `
-AppServicePlan myAppServicePlanEastUS
Run New-AzFrontDoorCdnProfile to create an Azure Front Door profile:
$fdprofile = New-AzFrontDoorCdnProfile `
-ResourceGroupName myRGFD `
-Name contosoAFD `
-SkuName Premium_AzureFrontDoor `
-Location Global
Run New-AzFrontDoorCdnEndpoint to create an endpoint in your profile:
$FDendpoint = New-AzFrontDoorCdnEndpoint `
-EndpointName contosofrontend `
-ProfileName contosoAFD `
-ResourceGroupName myRGFD `
-Location Global
Create health probe and load balancing settings, then create an origin group using New-AzFrontDoorCdnOriginGroup:
# Create health probe settings
$HealthProbeSetting = New-AzFrontDoorCdnOriginGroupHealthProbeSettingObject `
-ProbeIntervalInSecond 60 `
-ProbePath "/" `
-ProbeRequestType GET `
-ProbeProtocol Http
# Create load balancing settings
$LoadBalancingSetting = New-AzFrontDoorCdnOriginGroupLoadBalancingSettingObject `
-AdditionalLatencyInMillisecond 50 `
-SampleSize 4 `
-SuccessfulSamplesRequired 3
# Create origin group
$originpool = New-AzFrontDoorCdnOriginGroup `
-OriginGroupName og `
-ProfileName contosoAFD `
-ResourceGroupName myRGFD `
-HealthProbeSetting $HealthProbeSetting `
-LoadBalancingSetting $LoadBalancingSetting
Add your Web App origins to the origin group using New-AzFrontDoorCdnOrigin:
# Add first web app origin to origin group.
$origin1 = New-AzFrontDoorCdnOrigin `
-OriginGroupName og `
-OriginName contoso1 `
-ProfileName contosoAFD `
-ResourceGroupName myRGFD `
-HostName webappcontoso-01.azurewebsites.net `
-OriginHostHeader webappcontoso-01.azurewebsites.net `
-HttpPort 80 `
-HttpsPort 443 `
-Priority 1 `
-Weight 1000
# Add second web app origin to origin group.
$origin2 = New-AzFrontDoorCdnOrigin `
-OriginGroupName og `
-OriginName contoso2 `
-ProfileName contosoAFD `
-ResourceGroupName myRGFD `
-HostName webappcontoso-02.azurewebsites.net `
-OriginHostHeader webappcontoso-02.azurewebsites.net `
-HttpPort 80 `
-HttpsPort 443 `
-Priority 1 `
-Weight 1000
Map your endpoint to the origin group using New-AzFrontDoorCdnRoute:
$Route = New-AzFrontDoorCdnRoute `
-EndpointName contosofrontend `
-Name defaultroute `
-ProfileName contosoAFD `
-ResourceGroupName myRGFD `
-ForwardingProtocol MatchRequest `
-HttpsRedirect Enabled `
-LinkToDefaultDomain Enabled `
-OriginGroupId $originpool.Id `
-SupportedProtocol Http,Https
After you create the Azure Front Door profile, it takes a few minutes for the configuration to be deployed globally. Once completed, access the frontend host you created.
Run Get-AzFrontDoorCdnEndpoint to get the hostname of the Azure Front Door endpoint:
$fd = Get-AzFrontDoorCdnEndpoint `
-EndpointName contosofrontend `
-ProfileName contosoafd `
-ResourceGroupName myRGFD
$fd.hostname
In a browser, go to the endpoint hostname: contosofrontend-<hash>.z01.azurefd.net. Your request is routed to the web app with the lowest latency in the origin group.
:::image type="content" source="./media/create-front-door-portal/front-door-web-app-origin-success.png" alt-text="Screenshot of the message: Your web app is running and waiting for your content.":::
To test instant global failover:
-
Open a browser and go to the endpoint hostname:
contosofrontend-<hash>.z01.azurefd.net. -
Stop one of the Web Apps by running Stop-AzWebApp:
Stop-AzWebApp -ResourceGroupName myRGFD -Name "WebAppContoso-01" -
Refresh your browser. You should see the same information page.
-
Stop the other web app:
Stop-AzWebApp -ResourceGroupName myRGFD -Name "WebAppContoso-02" -
Refresh your browser. This time, you should see an error message.
:::image type="content" source="./media/create-front-door-portal/web-app-stopped-message.png" alt-text="Screenshot of the message: Both instances of the web app stopped.":::
-
Restart one of the Web Apps by running Start-AzWebApp. Refresh your browser and the page go back to normal:
Start-AzWebApp -ResourceGroupName myRGFD -Name "WebAppContoso-01"
When you no longer need the resources created with the Azure Front Door, delete the resource group. This action deletes the Azure Front Door and all its related resources. Run Remove-AzResourceGroup:
Remove-AzResourceGroup -Name myRGFD
To learn how to add a custom domain to your Azure Front Door, continue to the Azure Front Door tutorials.
[!div class="nextstepaction"] Add a custom domain