Azure App Services
Azure App Services
The most fundamental building block of Azure App Service is the App Service plan or App
Service environment.
There are two types of hosting environments within App Service. App Service plan and App
Service environment. App Service Environment is a more sophisticated version of the App
Service plan and comes with a lot more features when compared to the App Service plan.
Within these, we can host several Apps like - web applications, web jobs, batches, APIs, and
mobile backend services that can be consumed from our mobile Front-End.
Other related services are closely related to these apps within the App service plan. Those
related services are a notification hub that we can use to push notifications into mobile
devices. We can use Mobile engagement to carry out Mobile analytics.
Apart from these related services, there is one more service, which is very important when
it comes to APIs, which is API management. API management can act as a wrapper around
our API apps when we're exposing those APIs to the outside world. It comes with a lot of
features such as throttling, security, and it will be beneficial if we want to commoditize our
APIs and sell it to the outside world.
To enable communication between apps in the App Service plan and apps installed on
virtual machines within the virtual network. There are two ways we can do it. One way is to
establish Point-to-site VPN between apps in the App Service plan and virtual network via
which the apps can communicate with each other. And the second way is if we have the App
service environment. Because it will get deployed into a virtual machine by itself, the Apps
within that App Service environment can seamlessly communicate with the apps installed on
virtual machines within the virtual network.
And finally, there are two important things. The first one is security, and the second one is
monitoring to secure and control the App services environment.
Environment features
o Development frameworks: App Service supports a variety of development
frameworks, including ASP.NET, classic ASP, node.js, PHP, and Python- all of which
run as extensions within IIS.
o File access
o Local drives - Operating system drive (D:\drive), an application drive and
user drive (the C:\ drive)
o Network drives - Each customer's subscription has a reserved directory
structure on a specific UNC share within a data center.
o Network access: The application code can use TCP/IP and UDP based protocols to
make outbound network connections to access Internet endpoints that expose
external services.
Step 2: Fill-in all the required details and select the SKU size, as shown in the figure below.
Then click on create.
Step 3: Your app service plan will be created. You can now explore and modify it as per
your requirement.
Azure Web App
Azure Web App service lets us quickly build, deploy, and scale enterprise-grade web,
mobile, and API apps running on any platform. It helps us to meet rigorous performance,
scalability, security, and compliance requirements while using a fully managed platform to
perform infrastructure maintenance.
Creating a Web App and deploying an application into Azure web App from visual
studio
Step 1: Click on create a resource and type in the web app. After that, click on the web app
and then click on Create.
Step 2: You are now on the Web App creation page. Fill-in, all the required details, then
click on review+create.
Step 3: Click on create, then you will be redirected to the following page.
Step 4: Open Visual Studio, then click on Create a new project.
Step 7: Now select the Web application (Model View Controller) option from available
templates. Then Click on create.
Step 8: Your project will be created, Now click on publish to configure it with the Azure
portal.
Step 9: Here, either you can create a new service plan, or you can use an existing one.
Step 10: Let's see how to create a new one, click on Create new. Fill all the details and click
on create a profile.
Step 11: As we have already created an App service previously, so we are using that one
here. Go back and click on Select existing.
Step 12: Now, click on the file name and then click on, Ok.
Step 13: Now go to the Azure portal and click on the storage account.
Step 14: Click on the app section, here you can view the web app that you have created.
Step 15: Click on the browse button above to see that your Web app is working or not.
Azure Mobile App
We can deploy our mobile backend services on Azure using Azure Mobile apps. By
implementing our mobile backend service on Azure, our mobile backend will be able to
communicate with different Azure services. We can able to take advantage of various
features that are provided by Azure Mobile Apps.
Firstly we need to do is to retrieve the PNS handle from the platform notification service so
that our mobile client will retrieve the PNS handle and pass on that handle to Azure
Notification Hub via our Azure mobile app backend service. It can be anything. And from
that point onwards, our mobile backend service can interact with Azure notification hub to
send notifications.
Mobile Engagement
Azure Mobile Engagement is a software as a service user Engagement platform that
provides data-driven insights into app usage, real-time user segmentation. And the key
thing is it enables contextually-aware push notifications and in-app messaging.
For example, ? We have an e-commerce website, and some of the users are showing more
interest in sports-related equipment. In that case, using Mobile engagement, we can
identify those users that are visiting the sports product more frequently. And whether we
want to offer discounts or any new sports product that came into the market, then we can
send a notification to only those users that are showing interest in sports products.
Another thing that we can do using Azure Mobile Engagement is data-driven insights into
app usage. You can see which screen of your app get more engagement from the users
using which we can improve our app. We can do all real-time user segmentation based on
the user data and also based on the pages they visit, the type of data they search, etc.
The Azure Mobile Engagement can be used with Azure mobile apps, which makes in total a
compelling platform for the development of your mobile apps.
At a very high level, firstly, when http or https request comes. It will come to API
management and the API management based on the location of the API. Then it will forward
that request to either Azure API apps or on-premises apps. But when it is forwarding that
request it can throttle, it can also monitor and manipulate the inputs and outputs.
API Management portals
o The API management portal is where developers can learn about APIs, view and call
operations, and subscribe to products.
o Content within the developer portal is modified via the publisher portal, which is
accessible from the Azure portal. To reach there, click on the Publisher portal from
the service toolbar of our API Management instance.
o The dashboard of the developer portal can be customized by adding custom content,
customizing styles, and adding our branding.
API management concepts
The API management concept is the crucial thing that we need to remember.
o APIs and operations: Each API represents a set of actions available (might be
CRUD operation) to developers.
o Products: This is how APIs are surfaced to developers. Each product can contain
multiple APIs.
o Groups: It is used to manage the visibility of APIs so we can have three types of
groups.
o An administrator group member can manage API management service
instances, creating the APIs, operations, and products that are used by
developers.
o Developers? group members are authenticated customers that build
applications using APIs.
o Guests are the unauthenticated developer portal users. Guests are our
prospective customers who will come and consume/trail. They will view the
APIs and see whether it fits into their requirements or not.
o Policies: It is a very powerful capability of API management that allows the
publisher to change the behavior of the API through configuration, such as
throughput.
Step 2: Now, assign a name to your API app and select the resource group. After that,
select the service architecture according to your requirements.
Step 3: Finally, click on create.
Scaling
There are two ways we can scale the app services.
Scale-up: It means we can get more CPU, memory, disc space, and also an extra feature
like dedicated virtual machines, custom domains, certificates, staging slots, auto-scaling,
and many other features based on the pricing tier we select when we are scaling up our app
service plan.
Scale-out: It means we will increase the number of VM instances that run our app so we
can scale out to any number of instances based on the pricing tier. But, if we go for app
service environments in an isolated tier, then we can scale out to a hundred instances.
Apart from this, another important thing that we need to remember about scaling is Auto
Scaling. There are many ways that we can scale our app services.
o Automatically
o Manually
o Pre-set Matric
o Scheduled
Step 4: It is successfully deployed, and similarly, you can scale out and set up it for auto-
scaling based on some predefined conditions.
Azure App Service Security
Authentication and Authorization: Every App service comes with an Authentication and
Authorization module that handles several things for our app.
o It will authenticate the user with a specified provider such as Facebook, Google,
Twitter, Azure Active Directory, etc.
o It will store, validate, and refreshes tokens.
o It also manages the authenticated session.
o It injects identity formation into request headers.
Example - if we want to Access a secret from Azure key vault. By submitting that token and
having a proper access policy defined within Azure key vault, our application code will be
able to retrieve the secret at run time and use that secret to access an on-premises
resource.
Step 2: Click on the toggle button showing switch on/off. Switch it on.
Step 3: Now select the Action to take when the request is not authenticated as "Login with
Azure Active Directory."
Step 4: Now, configure the Azure Active Directory with the express mode. After that, click
on create and then click on save.
Azure App Service Monitoring
Microsoft provides different features to monitor our App service.
Quotas
Application hosted in App Service is subject to certain limits on the resources they can use.
The boundaries are defined by the App Service plan associated with the app. When we
create an app service plan, we generally select a pricing tier and also size. Based on the size
and pricing tier, we'll be allocated with a certain amount of CPU and a certain amount of
memory. Quotas for Free or Shared apps are as follows.
o CPU(Short)
o CPU(Day)
o Memory
o Bandwidth
o Filesystem- Applicable for Basic, Standard, and Premium plans
The only quota applicable to apps hosted on Basic, Standard, and Premium plans is
Filesystem, based on the number of App service plans that we have created in our
subscription.
Metrics
Metrics provide information about the app or App Service plan's behaviour. So Metrics are
provided at two levels.
o One is at the App service plan level, which will include CPU and Memory percentage,
Data in and out, Disc queue length, and HTTP queue length.
o The second level of metrics provided at an application level, which includes average
response time, average memory working set, CPU time, Data in and out, etc. All of
these metrics are essential. There are a lot more metrics available when we go for
application insight, which is an advanced monitoring tool using which we can monitor
web apps.
Granularity and retention
o Minute granularity: These metrics are retained for 30 hours.
o Hour granularity: These metrics are retained for 30 days.
o Day granularity: These metrics are retained for 30 days.
However, if we use the application insights, then this retention will increase drastically.
Diagnostics
App service web apps provide diagnostic functionality for logging information from both the
web server and the web application. These are logically separated into web server
diagnostics and application diagnostics.
Web server Diagnostics: In this, we can have a detailed error logging, which is any Http
400, and the above error will get logged. We can also view the logs. And the second thing is
failed request tracking, which basically contains the trace of IIS components that are used
to process our request. And the third one is web server logging. These are the overall
metrics on how many Http requests we received, and from a particular IP address.
Application Diagnostics: It allows us to capture the information produced by the web
application. So if we're using system diagnostic trace, all the information will be provided by
application diagnostics.
Diagnostic information can be stored in file system or Azure storage.
Stream logs
During the development of an application, it is often useful to see logging information in
near-real-time. We can steam logging information to our development environment using
either Azure PowerShell or the azure Command-line interface.
These are the basic commands that we need to use to stream the log files.
o Streaming with Azure PowerShell
o Get-AzureWebSiteLog - Name webappname -Tail
o Get-AzureWebSitelog - Name webappname -Tail -Message Error
o Streaming with Azure Command-Line Interface
o az webapp log tail - name webappname -resource-group myResourceGroup
o az webapp log tail -name webappname -resource-group myResourceGroup
-filter Error
CDN products
There are several types of products that are available by Azure, and there are two other
third party providers that provide CDN products in partnership with Microsoft.
o Azure CDN Standard from Microsoft (Preview)
o Azure CDN Standard from Akamai
o Azure CDN Standard from Verizon
o Azure CDN Premium from Verizon