Introduction to Azure Web Apps
The Pandemic has accelerated our cloud transformation. Cloud-readiness benefited many companies. A McKinsey Global Survey says that the Pandemic has sped the digitization by 3-4 years. In this blog, let us understand what Azure is and how Azure Web Apps help us.
Web Apps have fast become a favorite of many enterprise applications. Azure Web Apps are Microsoft's offering to the cloud to host the web apps. Now developers could focus on their core business activity, wasting their time on server updates and OS patches. Also, Azure has many features like auto-scaling, multiple deployment slots, detailed diagnostics, enhanced security, and load balancing with traffic managers.
What is Azure?
It is a public cloud computing platform that offers many solutions, including Platform-as-a-Service (PaaS), Software-as-a-Service (SaaS), Infrastructure-as-a-Service. It offers services such as analytics, networking, storage, virtual computing, etc.
Azure Web App comes under Platform-as-a-Service. It provides a platform that helps to host web applications by building, deploying, and running applications. We can develop applications using any language, be it · .NET, .NET Core, ·Java, · Ruby, · Node.js, · PHP, · Python.
Traditional Webhosting Vs. Hosting with Web Apps
Getting started with Azure Static Web Apps
Applications deployed on Azure can run and scale with ease on both Windows and Linux-based environments. Using App Service, we pay for the Azure computer resources we use. The App Service Plan that we are running our apps on determines all the computer resources we use. We will have to migrate our application to the cloud and relax. "Azure App Service" will take care of everything and help in running the procedure. The advantage of hosting the application on the web is that we don't need to pay much attention to the infrastructure.
We don't need to worry about resource scaling like Operating System updates and Server capabilities and keep an eye on IIS (Internet Information Services running). Apps install Azure Service Fabric which will be responsible for performing all the operations. Installed Service Fabric will make sure that the Web App has all the required resources and allocation.
Benefits of Using Azure App Service
1. Multiple programming languages and frameworks are supported
Azure App Service supports multiple programming languages and frameworks:
- .NET Core
2. Scalability and High Availability
It responds to the demands of our application by scaling the resources, providing 99.9% availability. We can scale it either manually or automatically based on metrics like CPU utilization, for example.
We can authenticate users with Azure Active Directory (AAD) or external authentication providers like Google, Facebook, Twitter, or Microsoft.
4. Docker and Container
We can host a custom Windows or Linux container in App Service. So, if we want to, we can dockerize our app and host it in App Service.
5. DevOps optimization
We are setting up continuous integration and deployment (CI/CD) with Azure DevOps, BitBucket, Docker Hub, Azure Container Registry, GitHub.
6. Access on-premises data
Using Hybrid Connections and Azure Virtual Networks, we can use App Service and access data on our on-premises servers.
7. Visual Code and Visual Studio Code Integration
We can use IDE (Visual Studio, VS Code, etc.) to deploy a web application to the Azure app platform. Developers can acquire the full knowledge of application development workflow and efficiently conduct a debugging and integration process.
8. Serverless Code
"Azure Functions" is a technique that helps in building infrastructure updates and provides serverless computation.
Azure policies are tools that help to enforce governance and controls. IT organizations can enforce controls around provisioning Azure resources to ensure adherence to security and compliance standards with the help of azure policies. Though Azure provides built-in policies, users can create custom policies as well. Users can customize built-in policies as per the requirements. App service has built-in policies using which we can secure applications and promote best practices.
Table lists all added built-in policies categorized by the area of control:
|PremiumV2, PremiumV3, Functions Premium||Routing||AuditIfNotExists, Disabled||Service must use private link|
|PremiumV2, PremiumV3, Functions Premium||Routing||AuditIfNotExists, Deny, Disabled||apps must use a SKU that uses private link|
|PremiumV2, PremiumV3, Functions Premium||Routing||DeployIfNotExists, Disabled||Use private DNS zones to configure App Service to|
|All except IsolatedV1 & IsolatedV2||Routing||AuditIfNotExists, Disabled||apps must enable outbound non-RFC 1918 traffic to Virtual Network|
|IsolatedV1, IsolatedV2||Security||Audit, Disabled||App Service Environment must enable internal encryption|
|IsolatedV1, IsolatedV2||Security||Audit, Disabled||App Service Environment must disable TLS 1.0 and 1.1|
|IsolatedV1, IsolatedV2||Security||Audit, Disabled||App Service Environment configured with strongest TLS Cipher Suites|
|IsolatedV1, IsolatedV2||Service Governance||Audit, Disabled||App Service Environment provisioned with latest versions|
|All except IsolatedV1 & IsolatedV2||Security||AuditIfNotExists, Disabled||App Service must disable public network access|
|All except IsolatedV1 & IsolatedV2||Security||DeployIfNotExists, Disabled||To disable public network access, configure App Service|
|IsolatedV1, IsolatedV2||Security||AuditIfNotExists, Disabled||Apps should not be reachable over public internet|
Deployment features: Continuous Deployment for Azure Web Apps
Swap Instances on Deployed App Services
The Azure Web App is quite successful because of the deployment slot. We can run many versions of the application simultaneously in the deployment slot. Deployed App Services will always run on the default slot known as "Production slot" and it will contain deployment slots to check the application’s version.
We can create as many instances as we want but one instance will always point to the default slot, and we can swap different instances with just one click. Ensuring zero downtime, we can swap an instance with the default production slot once it is verified.
If an application is not functioning as expected, we can swap it with a different instance that is working well.
Deployment Slots – testing in production
If we have one or more deployment slots, we can use them to test in production. We can configure how much traffic we want to allow to each deployment slot. We can route 20% to our staging slot and the rest (80%) to our production Web App. 20% of users will be sent to the deployment slots and those users get to test our new features.
Using deployment center feature one can connect to a code repository of Web App, built code, and deployed whenever it is updated. Deployment center enables implementation of Continuous Integration (build every time code is checked in) and Continuous Deployment (deploy every time the code was built successfully).
It allows us to configure everything from the .NET Framework version that the App Service runs, to which HTTP version it runs. We can add application settings as key-value pairs and connection strings to other services.
Authentication / Authorization
It provides a feature using which we can authenticate users before they can use our application. We can select which identity provider you want to use like Google, Facebook, Twitter, Microsoft, Azure Active Directory, or a custom provider.
Azure Monitor Application Insights
One can configure Azure Monitor Application Insights as an extension that runs in the App Service. This collects performance and diagnostics information from the App Service and sends that to the Application Insights instance that you use to monitor and analyze your App.
This feature allows us to select a Managed Service Identity to the App Service. It is an identity that resides in Azure Active Directory and can be used to authenticate to other services, like Azure Key Vault. Using this, we don’t need to store any credentials in our code or in the configuration of our App Service to authenticate to services like Azure Key Vault.
We can have backups of everything in our App Service daily. It stores the information, so the application and the settings of our App Service. It can also store connected services, like an Azure SQL Database which is connected to the App Service with a connection string. It is useful when we want to revert to a previously working version of our App Service.
When we create an App Service, it has a URL that we can access from the internet. Initially, this is something like xxxxx.azurewebsites.net. we can add our custom domain names to the App service, so that we can reach it through our URL. We can buy a domain and add it to our App Service, straight form the Azure portal. The domain that we buy there, is bought from godaddy.com
Adding SSL certificates and attaching it to domains that are allocated to App Service will secure the traffic to App Service. xxxxx.azurewebsites.net (default app service URL), is secured with an SSL certificate. For custom domains, we can use SSL certificates that we have bought.
Using IP restriction, we can protect our app. Creating hybrid connections to App Service which will connect services and data stores that run somewhere else than Azure, for instance in own datacenter will secure the app. Using virtual networks will securely connect services to our App Service.
Scale up (App Service plan)
Scaling up is the process where you increase the amount of compute resources that run your App Service. Scaling up will be done by choosing a higher pricing tier for the App Service Plan. This provides App Service with more CPU, memory, and disk space. We can scale down as well to save costs.
Scale out (App Service plan)
Increase the number of instances you run, this is called as scale out. Scale out can be done with the help of manual slider, to increase the amount of App Service instances that you run. Scale out can be done automatically as well based on schedule or on metrics like when the CPU utilization hits 70%. We can create automatic scaling method that uses both a schedule and metrics.
Primary and an interesting feature of App Service is WebJobs. It is a type of service that used to run background jobs. And it can be triggered by a scheduler or by an external event, like when a new message arrives on a queue. Write the code that does something whenever the WebJob executes. WebJobs are like Azure Functions, which run in Function Apps. Azure Functions are developed on the same technology as WebJobs.
Using this feature, we can create an App Service that is the same as the original. This allows us to copy an App Service App and save time. It doesn’t copy custom domains and copy only the content of the App Service, hence the name of application.
App Service Editor
This is a new feature. By the time that one reads this, the App Service Editor may have a different name or may not exist. If it is there, we should go through that. It allows us to navigate around the files in our App Service and edit and save them in an online code editor. One shouldn’t use this for production purposes, as we want our code changes to come from a code repository, like GitHub or Azure DevOps.
We can monitor performance tests, using App Service. This feature uses Azure DevOps in the background to check resources for a performance test and runs it. Performance tests that run with this feature only support simple test scenarios, like hitting a specific URL of our application. We can use Azure DevOps to create and execute more complex performance tests.
Creating Web Apps in Azure portal
Step1: Login to portal.azure.com and click on create a resource link:
Step2: After clicking on create a resource button you will be redirected to following page. Click on Web => Web Apps
Step 3: Now you will be redirected to Create Web App page. Enter mandatory fields and click on review and create
|Runtime stack||Select runtime stack(.Net 5)|
|Region||Same as other resources|
Step 4: will create and deploy a web app. Once deployment is done, click on go to resource
Step 5: When we go to created resource, we can see app is created and deployed. Refer following image
Step 6: Click on URL, you will be redirected to your deployed app
We have covered all the points about Azure Web App Services that would help readers.