new vmss tutorial

Author: davidmu1

articles/application-gateway/TOC.md

@@ -19,6 +19,10 @@
 ### [Resource Manager template](application-gateway-create-gateway-arm-template.md)
 ### [Azure CLI](application-gateway-create-gateway-cli.md)
 # How to
+## Create application gateway with VMSS
+### [Azure portal](tutorial-create-vmss-portal.md)
+### [Azure PowerShell](tutorial-create-vmss-powershell.md)
+### [Azure CLI](tutorial-create-vmss-cli.md)
 ## Configure web application firewall
 ### [Azure portal](application-gateway-web-application-firewall-portal.md)
 ### [Azure PowerShell](application-gateway-web-application-firewall-powershell.md)

articles/application-gateway/media/tutorial-create-vmss-cli/tutorial-nginxtest.PNG

@@ -0,0 +1,172 @@
+---
+title: Create an application gateway with a virtual machine scale set - Azure CLI | Microsoft Docs
+description: Learn how to create an application gateway with a virtual machine scale set using the Azure CLI.
+services: application-gateway
+author: davidmu1
+manager: timlt
+editor: tysonn
+
+ms.service: application-gateway
+ms.topic: article
+ms.workload: infrastructure-services
+ms.date: 11/15/2017
+ms.author: davidmu
+
+---
+# Create an application gateway with a virtual machine scale set using the Azure CLI
+
+You can use the Azure CLI to create an [application gateway](application-gateway-introduction.md) that uses a [virtual machine scale set](../virtual-machine-scale-sets/virtual-machine-scale-sets-overview.md) for backend servers. In this example, the scale set contains two virtual machine instances that are added to the default backend pool of the application gateway.
+
+In this article, you learn how to
+
+> [!div class="checklist"]
+> * Create a virtual machine scale set
+> * Create an application gateway
+> * Add servers to the default backend pool
+
+If you don't have an Azure subscription, create a [free account](https://azure.microsoft.com/free/?WT.mc_id=A261C142F) before you begin.
+
+[!INCLUDE [cloud-shell-try-it.md](../../includes/cloud-shell-try-it.md)]
+
+If you choose to install and use the CLI locally, this quickstart requires that you are running the Azure CLI version 2.0.4 or later. To find the version, run `az --version`. If you need to install or upgrade, see [Install Azure CLI 2.0](/cli/azure/install-azure-cli).
+
+## Create a resource group
+
+Create a resource group using [az group create](/cli/azure/group#create). An Azure resource group is a logical container into which Azure resources are deployed and managed. 
+
+The following example creates a resource group named *myResourceGroupAG* in the *eastus* location.
+
+```azurecli-interactive 
+az group create --name myResourceGroupAG --location eastus
+```
+
+## Create a virtual network, subnets, and public IP address 
+
+You can create the virtual network and the backend subnet by using [az network vnet create](/cli/azure/network/vnet#az_net). You can add the subnet named *myAGSubnet* that's needed by the application gateway by using [az network vnet subnet create](/cli/azure/network/vnet/subnet#az_network_vnet_subnet_create). Create the public IP address named *myAGPublicIPAddress* by using [az network public-ip create](/cli/azure/public-ip#az_network_public_ip_create).
+
+```azurecli-interactive
+az network vnet create \
+  --name myVNet \
+  --resource-group myResourceGroupAG \
+  --location eastus \
+  --address-prefix 10.0.0.0/16 \
+  --subnet-name myBackendSubnet \
+  --subnet-prefix 10.0.1.0/24
+az network vnet subnet create \
+  --name myAGSubnet \
+  --resource-group myResourceGroupAG \
+  --vnet-name myVNet \
+  --address-prefix 10.0.2.0/24
+az network public-ip create \
+  --resource-group myResourceGroupAG \
+  --name myAGPublicIPAddress
+```
+
+## Create a virtual machine scale set
+
+In this example, you create a virtual machine scale set that provides servers for the default backend pool in the application gateway. The virtual machines in the scale set are associated with the *myBackendSubnet* subnet. You can use [az vmss create](/cli/azure/vmss#az_vmss_create) to create the scale set.
+
+```azurecli-interactive
+az vmss create \
+  --name myvmss \
+  --resource-group myResourceGroupAG \
+  --image UbuntuLTS \
+  --admin-username azureuser \
+  --admin-password Azure123456! \
+  --instance-count 2 \
+  --vnet-name myVNet \
+  --subnet myBackendSubnet \
+  --vm-sku Standard_DS2 \
+  --upgrade-policy-mode Automatic
+```
+
+### Install NGINX
+
+In your current shell, create a file named customConfig.json and paste the following configuration. You can use any editor you wish to create the file in the Cloud Shell.  Enter `sensible-editor cloudConfig.json` to see a list of available editors to create the file.
+
+```json
+{
+  "fileUris": ["https://raw.githubusercontent.com/davidmu1/samplescripts/master/install_nginx.sh"],
+  "commandToExecute": "./install_nginx.sh"
+}
+```
+
+Run this command in the shell window:
+
+```azurecli-interactive
+az vmss extension set \
+  --publisher Microsoft.Azure.Extensions \
+  --version 2.0 \
+  --name CustomScript \
+  --resource-group myResourceGroupAG \
+  --vmss-name myvmss \
+  --settings @cloudConfig.json
+```
+
+## Create an application gateway
+
+### Get the IP addresses of the instances
+
+Use [az vmss nic list](/cli/azure/vmss/nic#az_vmss_nic_list) to get the private IP address of each virtual machine in the scale set. After running the command, record the private IP addresses for each virtual machine.
+
+```azurecli-interactive
+az vmss nic list \
+  --vmss-name myvmss \
+  --resource-group myResourceGroupAG | grep "privateIpAddress"
+```
+
+### Create the application gateway
+
+Now that you created the necessary supporting resources, use [az network application-gateway create](/cli/azure/application-gateway#create) to create the application gateway. When you create an application gateway using the Azure CLI, you specify configuration information, such as capacity, sku, and HTTP settings. Use the two IP addresses that you recorded for the value of the `--servers` parameter.
+
+```azurecli-interactive
+az network application-gateway create \
+  --name myAppGateway \
+  --location eastus \
+  --resource-group myResourceGroupAG \
+  --vnet-name myVNet \
+  --subnet myAGsubnet \
+  --capacity 2 \
+  --sku Standard_Medium \
+  --http-settings-cookie-based-affinity Disabled \
+  --frontend-port 80 \
+  --http-settings-port 80 \
+  --http-settings-protocol Http \
+  --servers 10.0.1.5 10.0.1.7 \
+  --public-ip-address myAGPublicIPAddress
+```
+
+ It may take several minutes for the application gateway to be created. After the application gateway is created, you can see these new features of it:
+
+- *appGatewayBackendPool* - An application gateway must have at least one backend address pool.
+- *appGatewayBackendHttpSettings* - Specifies that port 80 and an HTTP protocol is used for communication.
+- *appGatewayHttpListener* - The default listener associated with *appGatewayBackendPool*.
+- *appGatewayFrontendIP* - Assigns *myAGPublicIPAddress* to *appGatewayHttpListener*.
+- *rule1* - The default routing rule that is associated with *appGatewayHttpListener*.
+
+## Test the application gateway
+
+1. Use [az network public-ip show](/cli/azure/network/public-ip#az_network_public_ip_show) to get the public IP address of the application gateway.
+
+    ```azurepowershell-interactive
+    az network public-ip show \
+    --resource-group myResourceGroupAG \
+    --name myAGPublicIPAddress \
+    --query [ipAddress] \
+    --output tsv
+    ```
+
+2. Copy the public IP address, and then paste it into the address bar of your browser.
+
+    ![Test base URL in application gateway](./media/tutorial-create-vmss-cli/tutorial-nginxtest.png)
+
+## Next steps
+
+In this tutorial, you learned how to:
+
+> [!div class="checklist"]
+> * Create a virtual machine scale set
+> * Create an application gateway
+> * Add servers to the default backend pool
+
+

articles/application-gateway/media/tutorial-create-vmss-portal/tutorial-ag-address.png

@@ -0,0 +1,148 @@
+---
+title: Create an application gateway with a virtual machine scale set - Azure portal | Microsoft Docs
+description: Learn how to create an application gateway with a virtual machine scale set using the Azure portal.
+services: application-gateway
+author: davidmu1
+manager: timlt
+editor: tysonn
+tags: azure-resource-manager
+
+ms.service: application-gateway
+ms.topic: article
+ms.workload: infrastructure-services
+ms.date: 11/07/2017
+ms.author: davidmu
+
+---
+# Create an application gateway and virtual machine scale set using the Azure portal
+
+You can use the Azure portal to create an [application gateway](application-gateway-introduction.md) that uses a [virtual machine scale set](../virtual-machine-scale-sets/virtual-machine-scale-sets-overview.md) for backend servers. In this example, the scale set contains two virtual machine instances that are added to the default backend pool of the application gateway.
+
+In this article, you learn how to
+
+> [!div class="checklist"]
+> * Create a virtual machine scale set
+> * Create an application gateway
+> * Add servers to the default backend pool
+
+If you don't have an Azure subscription, create a [free account](https://azure.microsoft.com/free/?WT.mc_id=A261C142F) before you begin.
+
+## Log in to Azure
+
+Log in to the Azure portal at [http://portal.azure.com](http://portal.azure.com)
+
+## Create a virtual machine scale set
+
+When you create a virtual machine scale set, a virtual network is automatically created for you. In this example, the scale set and the application gateway are in the same virtual network, so you create the scale set first.
+
+1. Click **Create a resource** found on the upper left-hand corner of the Azure portal.
+2. Click **Compute** and then select **Virtual machine scale set** in the Featured list.
+3. Enter these values for the virtual machine scale set:
+
+    - *myvmss* - for the name of the scale set. The name must be lowercase letters.
+    - *myResourceGroupAG* - for the name of new the resource group.
+    - *azureuser* - for the user name.
+    - *Azure123456!* - for the password.
+    - *2* - for the instance count.
+    - *myVMSSPublicIPAddress* - for the name of the public IP address associated with the scale set. This resource is required to create the scale set, but is not used in the example.
+    - *myvmss* - for the domain name label.
+
+    ![Create new virtual machine scale set](./media/tutorial-create-vmss-portal/tutorial-vmss.png)
+
+4. Accept all other default values and then click **Create**.
+
+### Install IIS
+
+1. Open the interactive shell and make sure that it is set to **PowerShell**.
+
+    ![Install custom extension](./media/tutorial-create-vmss-portal/tutorial-cloudshell.png)
+
+2. Run the following commands to install IIS on the virtual machine instances in the scale set: 
+
+    ```azurepowershell-interactive
+    $publicSettings = @{ "fileUris" = (,"https://raw.githubusercontent.com/davidmu1/samplescripts/master/appgatewayurl.ps1"); 
+  "commandToExecute" = "powershell -ExecutionPolicy Unrestricted -File appgatewayurl.ps1" }
+
+    $vmss = Get-AzureRmVmss -ResourceGroupName myResourceGroupAG -VMScaleSetName myvmss
+    Add-AzureRmVmssExtension -VirtualMachineScaleSet $vmss `
+      -Name "customScript" `
+      -Publisher "Microsoft.Compute" `
+      -Type "CustomScriptExtension" `
+      -TypeHandlerVersion 1.8 `
+      -Setting $publicSettings
+
+    Update-AzureRmVmss `
+      -ResourceGroupName myResourceGroupAG `
+      -Name myvmss `
+      -VirtualMachineScaleSet $vmss
+    ```
+
+3. The previous PowerShell commands only update the model of the scale set. To update the instances, click **All resources**, click **myvmss**, and then click **Instances**.
+
+4. Select all instances and then click **Upgrade**.
+
+    ![Upgrade instances with IIS](./media/tutorial-create-vmss-portal/tutorial-upgrade.png)
+
+## Create a subnet
+
+1. Click **All resources** in the left-hand menu, and then click **myvmssVnet** from the resources list.
+2. Click **Subnets** and then click **Subnet**.
+
+    ![Create subnet](./media/tutorial-create-vmss-portal/tutorial-subnet.png)
+
+3. Enter *myAGSubnet* for the name of the subnet and then click **OK**.
+
+## Create an application gateway
+
+1. Click **Create a resource**.
+2. Click **Networking** and then select **Application Gateway** in the Featured list.
+3. Enter these values for the application gateway:
+
+    - *myAppGateway* - for the name of the application gateway.
+    - Select **Use existing** and then select *myResourceGroupAG*.
+
+    ![Create new application gateway](./media/tutorial-create-vmss-portal/tutorial-create.png)
+
+4. Accept the default values for the other settings and then click **OK**.
+5. Click **Choose a virtual network**, and then click **mymssVnet**.
+6. Make sure that the subnet to is set to *myAGSubnet*, click **Choose a public IP address**, and then click **Create new**.
+7. Enter the name of the public IP address. In this example, the public IP address is named *myAGPublicIPAddress*. Accept the default values for the other settings and then click **OK**.
+
+    ![Choose public IP address](./media/tutorial-create-vmss-portal/tutorial-public-ip.png)
+
+8. Accept the default values for the Listener configuration, leave the Web application firewall disabled, and then click **OK**.
+9. Review the settings on the summary page, and then click **OK** to create the public IP address and application gateway. It may take several minutes for the application gateway to be created, wait until the deployment finishes successfully before moving on to the next section.
+
+## Add servers to the default backend pool
+
+1. Find the IP addresses of the virtual machines in the scale set. Click **All resources**, select **myvmssVnet** in the resources list, and then click **Overview**.
+2. Record the IP addresses to use later when you add the scale set instances to the backend pools. In this example, the IP addresses are *10.0.0.4* and *10.0.0.5*.
+
+    ![Record IP address](./media/tutorial-create-vmss-portal/tutorial-ip-addresses.png)
+
+3. Click **All resources** and then click **myAppGateway**.
+4. Click **Backend pools**. A default pool was automatically created with the application gateway. Click **appGatewayBackendPool**.
+5. Click **Add target** to add the two IP addresses that you recorded to appGatewayBackendPool.
+
+    ![Add backend servers](./media/tutorial-create-vmss-portal/tutorial-backend-pool.png)
+
+6. Click **Save**.
+
+## Test the application gateway
+
+1. Click **All resources**, and then click **myAGPublicIPAddress**.
+
+    ![Record application gateway public IP address](./media/tutorial-create-vmss-portal/tutorial-ag-address.png)
+
+2. Copy the public IP address, and then paste it into the address bar of your browser.
+
+    ![Test base URL in application gateway](./media/tutorial-create-vmss-portal/tutorial-iistest.png)
+
+## Next steps
+
+In this tutorial, you learned how to:
+
+> [!div class="checklist"]
+> * Create a virtual machine scale set
+> * Create an application gateway
+> * Add servers to the default backend pool

articles/application-gateway/media/tutorial-create-vmss-portal/tutorial-backend-pool.PNG

@@ -0,0 +1,232 @@
+---
+title: Create an application gateway with a virtual machine scale set - Azure PowerShell | Microsoft Docs
+description: Learn how to create an application gateway with a virtual machine scale set using Azure PowerShell.
+services: application-gateway
+author: davidmu1
+manager: timlt
+editor: tysonn
+
+ms.service: application-gateway
+ms.topic: article
+ms.workload: infrastructure-services
+ms.date: 11/14/2017
+ms.author: davidmu
+
+---
+# Create an application gateway and virtual machine scale set using Azure PowerShell
+
+You can use Azure PowerShell to create an [application gateway](application-gateway-introduction.md) that uses a [virtual machine scale set](../virtual-machine-scale-sets/virtual-machine-scale-sets-overview.md) for backend servers. In this example, the scale set contains two virtual machine instances that are added to the default backend pool of the application gateway.
+
+In this article, you learn how to
+
+> [!div class="checklist"]
+> * Create a virtual machine scale set
+> * Create an application gateway
+> * Add servers to the default backend pool
+
+If you don't have an Azure subscription, create a [free account](https://azure.microsoft.com/free/?WT.mc_id=A261C142F) before you begin.
+
+[!INCLUDE [cloud-shell-powershell.md](../../includes/cloud-shell-powershell.md)]
+
+If you choose to install and use the PowerShell locally, this tutorial requires the Azure PowerShell module version 3.6 or later. To find the version, run `Get-Module -ListAvailable AzureRM`. If you need to upgrade, see [Install Azure PowerShell module](/powershell/azure/install-azurerm-ps). If you are running PowerShell locally, you also need to run `Login-AzureRmAccount` to create a connection with Azure.
+
+## Create a resource group
+
+Create an Azure resource group using [New-AzureRmResourceGroup](/powershell/module/azurerm.resources/new-azurermresourcegroup). A resource group is a logical container into which Azure resources are deployed and managed. 
+
+```azurepowershell-interactive
+New-AzureRmResourceGroup -Name myResourceGroupAG -Location eastus
+```
+
+## Create a virtual network, subnets, and public IP address 
+
+Create the subnet configurations using [New-AzureRmVirtualNetworkSubnetConfig](/powershell/module/azurerm.network/new-azurermvirtualnetworksubnetconfig). Create the virtual network using [New-AzureRmVirtualNetwork](/powershell/module/azurerm.network/new-azurermvirtualnetwork) with the subnet configurations. And finally, create the public IP address using [New-AzureRmPublicIpAddress](/powershell/module/azurerm.network/new-azurermpublicipaddress). These resources are used to provide network connectivity to the application gateway and its associated resources.
+
+```azurepowershell-interactive
+$backendSubnetConfig = New-AzureRmVirtualNetworkSubnetConfig `
+  -Name myBackendSubnet `
+  -AddressPrefix 10.0.1.0/24
+$agSubnetConfig = New-AzureRmVirtualNetworkSubnetConfig `
+  -Name myAGSubnet `
+  -AddressPrefix 10.0.2.0/24
+$vnet = New-AzureRmVirtualNetwork `
+  -ResourceGroupName myResourceGroupAG `
+  -Location eastus `
+  -Name myVNet `
+  -AddressPrefix 10.0.0.0/16 `
+  -Subnet $backendSubnetConfig, $agSubnetConfig
+$pip = New-AzureRmPublicIpAddress `
+  -ResourceGroupName myResourceGroupAG `
+  -Location eastus `
+  -Name myAGPublicIPAddress `
+  -AllocationMethod Dynamic
+```
+
+## Create a virtual machine scale set
+
+In this example, you create a virtual machine scale set to provide servers for the backend pool in the application gateway. You can use [New-AzureRmVmssIpConfig](/powershell/module/azurerm.compute/new-azurermvmssipconfig) and [New-AzureRmVmssConfig](/powershell/module/azurerm.compute/new-azurermvmssconfig) to configure the scale set to use the *myBackendSubnet* subnet and to specify that the scale set should contain two virtual machine instances. 
+
+You use [Set-AzureRmVmssStorageProfile](/powershell/module/azurerm.compute/set-azurermvmssstorageprofile) and [Set-AzureRmVmssOsProfile](/powershell/module/azurerm.compute/set-azurermvmssosprofile) to specify and configure the operating system on the virtual machines. To configure the network interface for the virtual machines, you can use [Add-AzureRmVmssNetworkInterfaceConfiguration](/powershell/module/azurerm.compute/add-azurermvmssnetworkinterfaceconfiguration). And finally, you can use [New-AzureRmVmss](/powershell/module/azurerm.compute/new-azurermvmss) to create the scale set.
+
+```azurepowershell-interactive
+$ipConfig = New-AzureRmVmssIpConfig `
+  -Name myVmssIPConfig `
+  -SubnetId $vnet.Subnets[0].Id
+$vmssConfig = New-AzureRmVmssConfig `
+  -Location eastus `
+  -SkuCapacity 2 `
+  -SkuName Standard_DS2 `
+  -UpgradePolicyMode Automatic
+Set-AzureRmVmssStorageProfile $vmssConfig `
+  -ImageReferencePublisher MicrosoftWindowsServer `
+  -ImageReferenceOffer WindowsServer `
+  -ImageReferenceSku 2016-Datacenter `
+  -ImageReferenceVersion latest
+Set-AzureRmVmssOsProfile $vmssConfig `
+  -AdminUsername azureuser `
+  -AdminPassword "Azure123456!" `
+  -ComputerNamePrefix myvmss
+Add-AzureRmVmssNetworkInterfaceConfiguration `
+  -VirtualMachineScaleSet $vmssConfig `
+  -Name myVmssNetConfig `
+  -Primary $true `
+  -IPConfiguration $ipConfig
+New-AzureRmVmss `
+  -ResourceGroupName myResourceGroupAG `
+  -Name myvmss `
+  -VirtualMachineScaleSet $vmssConfig
+```
+
+### Install IIS
+
+```azurepowershell-interactive
+$publicSettings = @{ "fileUris" = (,"https://raw.githubusercontent.com/davidmu1/samplescripts/master/appgatewayurl.ps1"); 
+  "commandToExecute" = "powershell -ExecutionPolicy Unrestricted -File appgatewayurl.ps1" }
+
+$vmss = Get-AzureRmVmss -ResourceGroupName myResourceGroupAG -VMScaleSetName myvmss
+Add-AzureRmVmssExtension -VirtualMachineScaleSet $vmss `
+  -Name "customScript" `
+  -Publisher "Microsoft.Compute" `
+  -Type "CustomScriptExtension" `
+  -TypeHandlerVersion 1.8 `
+  -Setting $publicSettings
+
+Update-AzureRmVmss `
+  -ResourceGroupName myResourceGroupAG `
+  -Name myvmss `
+  -VirtualMachineScaleSet $vmss
+```
+
+## Create an application gateway
+
+### Create the IP configurations
+
+Use [New-AzureRmApplicationGatewayIPConfiguration](/powershell/module/azurerm.network/new-azurermapplicationgatewayipconfiguration) to create the configuration that associates the subnet that you previously created with the application gateway. Use [New-AzureRmApplicationGatewayFrontendIPConfig](/powershell/module/azurerm.network/new-azurermapplicationgatewayfrontendipconfig) to create the configuration that assigns the public IP address that you also previously created to the application gateway.
+
+```azurepowershell-interactive
+$subnet=$vnet.Subnets[1]
+$gipconfig = New-AzureRmApplicationGatewayIPConfiguration `
+  -Name myAGIPConfig `
+  -Subnet $subnet
+$fipconfig = New-AzureRmApplicationGatewayFrontendIPConfig `
+  -Name myAGFrontendIPConfig `
+  -PublicIPAddress $pip
+```
+
+### Create the frontend port
+
+Use [New-AzureRmApplicationGatewayFrontendPort](/powershell/module/azurerm.network/new-azurermapplicationgatewayfrontendport) to assign port 80 to be used to access the application gateway.
+
+```azurepowershell-interactive
+$frontendport = New-AzureRmApplicationGatewayFrontendPort `
+  -Name myFrontendPort `
+  -Port 80
+```
+
+### Create the default backend pool
+
+1. Use [Get-AzureRmNetworkInterface](/powershell/module/azurerm.network/get-azurermnetworkinterface) to get the private IP address of each virtual machine in the scale set. After running the command, record the private IP addresses for each virtual machine.
+
+    ```azurepowershell-interactive
+    Get-AzureRmNetworkInterface -ResourceGroupName myResourceGroupAG -VirtualMachineScaleSetName myvmss | ForEach-Object {$_.ipConfigurations[0].PrivateIPAddress}
+    ```
+
+2. Use [New-AzureRmApplicationGatewayBackendAddressPool](/powershell/module/azurerm.network/new-azurermapplicationgatewaybackendaddresspool) to create the backend address pool for the application gateway. Configure the settings for the backend address pools using [New-AzureRmApplicationGatewayBackendHttpSettings](/powershell/module/azurerm.network/new-azurermapplicationgatewaybackendhttpsettings). Change the server IP addresses to the two that you previously recorded.
+
+    ```azurepowershell-interactive
+    $defaultPool = New-AzureRmApplicationGatewayBackendAddressPool `
+      -Name appGatewayBackendPool `
+      -BackendIPAddresses 10.0.0.4, 10.0.0.5
+    $poolSettings = New-AzureRmApplicationGatewayBackendHttpSettings `
+      -Name myPoolSettings `
+      -Port 80 `
+      -Protocol Http `
+      -CookieBasedAffinity Enabled `
+      -RequestTimeout 120
+    ```
+
+### Create the default listener and rule
+
+Listeners are required to enable the application gateway to route traffic appropriately to the backend address pools. In this example, you create a basic listener that listens for traffic at the root URL.
+
+Create a listener using [New-AzureRmApplicationGatewayHttpListener](/powershell/module/azurerm.network/new-azurermapplicationgatewayhttplistener) with the frontend configuration and frontend port that you previously created. A rule is required for the listener to know which backend pool to use for incoming traffic. Use [New-AzureRmApplicationGatewayRequestRoutingRule](/powershell/module/azurerm.network/new-azurermapplicationgatewayrequestroutingrule) to create a basic rule named *rule1*.
+
+```azurepowershell-interactive
+$defaultlistener = New-AzureRmApplicationGatewayHttpListener `
+  -Name mydefaultListener `
+  -Protocol Http `
+  -FrontendIPConfiguration $fipconfig `
+  -FrontendPort $frontendport
+$frontendRule = New-AzureRmApplicationGatewayRequestRoutingRule `
+  -Name rule1 `
+  -RuleType Basic `
+  -HttpListener $defaultlistener `
+  -BackendAddressPool $defaultPool `
+  -BackendHttpSettings $poolSettings
+```
+
+### Create the application gateway
+
+Now that you created the necessary supporting resources, use [New-AzureRmApplicationGatewaySku](/powershell/module/azurerm.network/new-azurermapplicationgatewaysku) to specify parameters for the application gateway, and then use [New-AzureRmApplicationGateway](/powershell/module/azurerm.network/new-azurermapplicationgateway) to create it.
+
+```azurepowershell-interactive
+$sku = New-AzureRmApplicationGatewaySku `
+  -Name Standard_Medium `
+  -Tier Standard `
+  -Capacity 2
+$appgw = New-AzureRmApplicationGateway `
+  -Name myAppGateway `
+  -ResourceGroupName myResourceGroupAG `
+  -Location eastus `
+  -BackendAddressPools $defaultPool `
+  -BackendHttpSettingsCollection $poolSettings `
+  -FrontendIpConfigurations $fipconfig `
+  -GatewayIpConfigurations $gipconfig `
+  -FrontendPorts $frontendport `
+  -HttpListeners $defaultlistener `
+  -RequestRoutingRules $frontendRule `
+  -Sku $sku
+```
+
+## Test the application gateway
+
+1. Use [Get-AzureRmPublicIPAddress](/powershell/module/azurerm.network/get-azurermpublicipaddress) to get the public IP address of the application gateway.
+
+    ```azurepowershell-interactive
+    Get-AzureRmPublicIPAddress -ResourceGroupName myResourceGroupAG -Name myAGPublicIPAddress
+    ```
+
+2. Copy the public IP address, and then paste it into the address bar of your browser.
+
+    ![Test base URL in application gateway](./media/tutorial-create-vmss-powershell/tutorial-iistest.png)
+
+## Next steps
+
+In this tutorial, you learned how to:
+
+> [!div class="checklist"]
+> * Create a virtual machine scale set
+> * Create an application gateway
+> * Add servers to the default backend pool
+
+