Chapter 3. Create and deploy apps

Azure App Service is a managed platform used to quickly build, deploy, and scale web apps in the cloud. App Service supports applications built using common frameworks such as .NET, .NET Core, Node.js, Java, PHP, Ruby, or Python. One of the biggest advantages to using App Service is the ability to instantly achieve enterprise-grade performance, security, and compliance without having to worry about routine maintenance and operational tasks.

In this chapter, you learn how to create and deploy web applications that run in the Azure App Service environment, and you’ll gain an understanding of modern patterns and practices used to build and deploy containerized applications.

Skills covered in this chapter:

  • Skill 3.1: Create web apps by using PaaS
  • Skill 3.2: Design and develop apps that run in containers

Skill 3.1: Create web apps by using PaaS

Azure App Service gives you the ability to build and host web apps, mobile back ends, and RESTful APIs without getting bogged down in the depths of managing traditional infrastructure. Offloading the heavy lifting of server maintenance, patching, and backups gives you the freedom to concentrate on your application. App Service includes Microsoft’s best practices for high availability and load balancing as part of this managed service offering. You can easily enable and configure autoscaling and deploy Windows or Linuxbased applications from common deployment sources such as GitHub, Azure DevOps, or any local Git repo.

This skill covers how to:

  • Create an Azure App Service web app
  • Create an App Service web app for containers
  • Create documentation for an API
  • Create an App Service background task by using WebJobs
  • Enable diagnostics logging for web apps

Create an Azure App Service web app

Microsoft offers a variety of methods for deploying web apps in Azure App Service. The term web app simply refers to a managed application running in App Service. You can use the Azure portal to create a web app, and you also can use the Azure CLI, PowerShell, and other IDE-based tools such as Visual Studio that provide integration with the Azure platform.

To create an Azure App Service web app, start by signing in to the Azure portal and use the following procedure:

  1. Navigate to the App Services bookmark on the left side of the Azureportal.
  2. Click on Add to create a new web app.
  3. On the Web App screen (see Figure 3-1), configure the following options and then click Review and Create:

Subscription Select the appropriate subscription for the web app resource. You may have different subscriptions in your enterprise that are dedicated to development or production environments or are dedicated to use by specific teams in your organization.

Resource Group Select an existing or new resource group where the web app will reside. Remember that you can deploy multiple resources into a group and delegate access control at the resource group level if needed.

Name Enter a globally unique host name for your web app under azurewebsites.net. This may take several attempts as many host names are already in use. Enter the name for your web app in all lowercase letters. It should have between 3 and 24 characters.

Publish Select Code as the publish option unless you’re deploying a web app that has been packaged into a Docker container image.

Runtime stack Select the appropriate runtime stack for your application. Multiple runtimes are supported in App Service, including .NET Core, ASP.NET, Java, Node, and Python.

Region Choose the appropriate region to host your web app. Keep in mind that proximity between users and application infrastructure may be very sensitive depending on the type of web application you’re deploying. It’s a common practice to host cloud resources in regions closest to end users.

App Service Plan Select a new or existing App Service Plan, which is the managed infrastructure hosting your web apps. Various pricing tiers are available that provide everything from basic capability all the way to very advanced capabilities. The Standard S1 plan is the recommended minimum pricing tier for production web apps.

Figure 3-1 Creating an App Service web app
Screenshot_88

Exam Tip

You can also use the command line to deploy your web apps. For example, use the az webapp create command with the Azure CLI to perform this task from your local terminal or Azure Cloud Shell instance.

Create an App Service web app for containers

The ease of Azure App Service makes deploying Windows or Linux container-based web apps a simple process. You can pull Docker container images hosted in the Docker Hub or use your own private Azure Container Registry. One of the greatest benefits to this approach is that you can include all the dependencies you need for your application inside your container images. Microsoft will take care of the patching, high availability, and load balancing that powers the underlying infrastructure.

Creating a web app for containers is a similar process to building a standard web app. Use the following procedure in the Azure portal to create a containerized web app in App Service:

Exam Tip

Azure PowerShell is a common command-line alternative used to deploy web apps. You can use the New-AzWebApp cmdlet to script the deployment of standard or containerized web apps in App Service.

  1. Navigate to the App Services bookmark on the left side of the AzurePortal.
  2. Click Add to create a new web app.
  3. Provide all of the required details for your web app and make sure toset the Publish option to Docker Image; then click Next.
  4. Enter the details for your Docker container image, as shown in Figure 3-2, and then click Review and Create:

Options Selecting a Single Container is the most common option. Multicontainer support using Docker Compose is currently planned for future release.

Image Source The Docker Hub is the default container registry for public images. You also can select your own private registry or an Azure Container Registry resource.

Access Type Public images are the default access type for Docker

Hub; however, private images are also supported with App Service web apps. If you select private for your access type, you’re prompted to enter your registry credentials.

Image and Tag Enter the name of your container image and corresponding tag (optional).

Startup Command Optional startup scripts or commands are supported. This is often unnecessary because container images can be built to use a specific startup command by default.

Figure 3-2 Configuring the Docker image settings
Screenshot_89

Need More Review?

App Service Overview

To review further details about Azure App Service, refer to the Microsoft Azure documentation at https://docs.microsoft.com/en-us/azure/app-service/overview

Create documentation for an API

It’s quite common for development teams to host RESTful APIs as web apps in Azure, and the App Service environment provides support for documenting those APIs through metadata. The OpenAPI Specification (formerly Swagger Specification) is an API description format for REST APIs. An OpenAPI file allows you to describe your entire API, and this file can be used to generate documentation automatically.

Self-documenting APIs open up some interesting capabilities for your web apps running in Azure. In addition to helping with documentation, RESTful APIs that offer a Swagger definition file also can be used by Azure Logic Apps and the built-in HTTP + Swagger connector. This provides a seamless experience when you use the Logic Apps Designer with your custom-built APIs.

The process for creating documentation for an API requires the following procedure:

  1. Application developers need to add support for generating Swaggerdocuments into the codebase for the API. For example, .NET developers can use the Swashbuckle or NSwag open source packages to add Swagger support to the project.
  2. You need to add a Swagger definition file to the project. This definitionfile is simply a JSON document that describes the API methods that are available when consuming the API. This file is typically generated by the Swagger tool chain or through third-party implementations.
  3. After development of the API is complete, it should be deployed to anexisting Azure web app resource. This can be done in a variety of deployment sources such as GitHub, Azure DevOps, or any local Git repo.
  4. Once the application is up and running in App Service, navigate to theproperties of the web app resource in the Azure portal.
  5. Navigate to the API Definition screen and configure the API definitionlocation, as shown in Figure 3-3.
  6. Figure 3-3 Setting the API definition location
    Screenshot_90

    Exam Tip

    The terms “web app” and “API app” can be used interchangeably when it comes to working with Azure App Service applications. An API app is the same resource as a web app in App Service. The only difference is it has an API definition configured.

  7. After the API definition location has been set, teams can use tools likethe open source Swagger UI to generate documentation for their API.

Note

Cross-Origin Requests (CORS)

You may need to enable support for CORS depending on how the API and tools are used with your API definition. For more details, see http://docs.microsoft.com/en-us/azure/app-service/app-serviceweb-tutorial-rest-api in the Azure documentation.

Create an App Service background task by using WebJobs

App Service Plans host the infrastructure that runs your web app resources. Although App Service is a managed offering, there are still virtual machines handling all of the work behind the scenes. This means that if you have an App Service Plan, you likely have idle compute infrastructure and resources available for running background tasks.

This is where WebJobs come into play. If you want to run a program or script on your Windows-based App Service infrastructure, you can do so ondemand, or on a schedule.

Use the following procedure to create a WebJob that can run as a background task:

  1. Navigate to the properties of an existing web app in the Azure portal.
  2. Scroll down on the left-hand side and select WebJobs.
  3. Click the Add button to create a new WebJob, as shown in Figure 3-4, and then click OK. The form fields you’ll need to provide values for are described here:

Name Provide a meaningful name for your WebJob.

File Upload Upload your code. Note that the supported file types are Windows (.cmd, .bat, .exe), PowerShell (.ps1), Bash (.sh), PHP (.php), Python (.py), Node.js (.js), Java (.jar).

Type Continuous WebJobs are always running, which is useful for background jobs executing on an endless loop. WebJobs also can be configured with Triggered as the type, meaning it can be invoked manually or through a schedule that you define.

Scale App Service supports the concept of autoscaling, so it’s possible that your web app might be powered by multiple virtual machines. If so, you can leave the Scale setting configured as Multi Instance, meaning your background jobs will run on every virtual machine hosting your web app.

Figure 3-4 Creating a WebJob in the Azure portal
Screenshot_91

Exam Tip

Make sure you remember the supported file types that can be used as scripts for your WebJobs in App Service.

Enable diagnostics logging for web apps

One of the biggest challenges with supporting managed services is the tradeoff of convenience versus control. When another company is managing your infrastructure, you gain a lot of efficiency but lose the ability to see everything that is happening under the hood. Fortunately, Microsoft understands how important debugging is for developers and operations staff. App Service provides built-in diagnostics to assist with debugging your web apps, and you can retrieve both web server and application diagnostic logs to aid in your troubleshooting processes.

Complete the following steps to enable diagnostic logging for web apps running in App Service:

  1. Navigate to the properties of your web app in the Azure portal.
  2. Scroll down and select App Service Logs in the left-hand pane.
  3. Click the On button for each desired logging feature, as shown in Figure 3-5, and then click Save. The settings on this screen are described here:

Application logging (Filesystem) Enable this setting to collect diagnostic traces from your web application code. Keep in mind this setting is used for interactive troubleshooting and when using

real-time log streaming. This setting turns itself off after 12 hours.

Application logging (Blob) To persist diagnostic log data for long periods of time, you can configure logging to Blob storage. Enabling this setting requires that you associate the configuration with your Azure Blog storage account.

Web Server logging You can enable web server logging to gather diagnostic information specific to the web server hosting your application. These logs can be stored on the file system or in Azure Blob storage.

Detailed error messages Enable this setting when you need more detailed error messages from the platform.

Failed request tracing Enable this setting when you need in-depth diagnostic information about failed requests and other errors being thrown by your web applications.

Figure 3-5 Configuring diagnostic logs for a web app resource
Screenshot_92

Note

Streaming Logs

It’s often useful to get near real-time logging information during the development process of an application. See the Azure docs for more details at http://docs.microsoft.com/en-us/azure/appservice/troubleshoot-diagnostic-logs.

Skill 3.2: Design and develop apps that run in containers

Containerization has completely disrupted the IT industry over the past several years, and there’s no sign of the trend slowing down. The Azure team understands this and has gone to great lengths to make it incredibly simple to deploy containerized applications in App Service.

This skill covers how to:

  • Create a container image by using a Dockerfile
  • Publish an image to the Azure Container Registry
  • Implement an application that runson an Azure Container Instance
  • Manage container settings by using code
  • Create an Azure Container Service (ACS/AKS)

Create a container image by using a Dockerfile

Container images are the artifacts that make it possible to deploy modern applications at speeds never seen before. Applications run inside containers, which are launched from container images. Think of container images as templates that can be used to start up containers. We use container images to package up our code and application dependencies, and then we can invoke running instances of these images to create containers. The Docker toolset has become the gold standard for managing this entire process.

You need to be familiar with the following procedure for creating Docker container images:

  1. Create a new text file called Dockerfile (make sure you do not add afile extension).
  2. Add commands, like those shown in Figure 3-6, to automate the build process for a Node.js application packaged into a container image. Each instruction in the Dockerfile adds a read-only layer to the container image.
  3. FROM Create a layer using the official Node.js container image based on Alpine Linux.

    WORKDIR Set the working directory for the application.

    COPY Add files from the developer machine into the Docker image.

    RUN Install all of the required npm packages that the application will need.

    CMD Use to specify the command to run when the container is started.

    Figure 3-6 Writing a Dockerfile
    Screenshot_93
  4. The final step is to use the Docker client to build your container image.Docker Desktop, which runs on Mac and Windows, is used by millions of developers to develop apps locally with Docker. You can use the Docker Build command after you’ve installed Docker Desktop to create a container image using your Dockerfile, as shown in Figure 3-7.
Figure 3-7 Running a Docker Build
Screenshot_94

Note

Dockerfile Reference

The Docker image build process is incredibly versatile. To learn more about writing your own Dockerfile, visit the official Docker reference at http://docs.docker.com/engine/reference/builder

Publish an image to the Azure Container Registry

Container registry services are used as a central location for storing container images. The Azure Container Registry (ACR) is a fully managed Docker registry service based on the open-source Docker Registry. You can build an ACR resource and integrate a variety of Azure services with your container registry. This is useful for keep images in close proximity to application infrastructure, and you can use native security controls in Azure to permit or deny access to ACR.

After you’ve built your own container images, you can push them to an ACR instance. Complete the steps in the following procedure to build an ACR resource to store your container images:

  1. Log into the Azure portal and click Create A New Resource.
  2. Select Containers from the Azure Marketplace and click ContainerRegistry.
  3. Enter the registry details, as shown in Figure 3-8, and click Create.
  4. Registry Name Enter a globally unique hostname under azurecr.io. Follow standard DNS naming rules and use alphanumeric characters only.

    Admin User Enable to use an ACR-specific username and password to log into the registry using tools like the Docker CLI.

    SKU Select the pricing tier. The tier you select dictates the performance and scalability of your ACR resource.

    Figure 3-8 Creating an ACR resource
    Screenshot_95
  5. Navigate to the properties of your ACR resource after provisioning hascompleted. Click Access Keys under Settings to retrieve the login server details and password for your ACR admin user account.
  6. Log in to your ACR instance using the Docker client (for example,docker login <your ACR name>.azurecr.io).
  7. After logging into ACR, you can publish images using the Docker CLI,as shown in Figure 3-9.

docker tag Use the docker tag command to tag your image with the ACR name in the format of <ACR hostname>/<your image name>. Note that this can also be done during build time when creating the image with docker build.

docker push Publish the image to ACR using the registry hostname included as part of the image name.

Figure 3-9 Tagging and pushing a container image to ACR
Screenshot_96

Exam Tip

You can use an Azure AD service principal to delegate access to your ACR resource in addition to an admin user.

Implement an application that runs on an Azure Container Instance

The ability to quickly spin up applications inside containers opens numerous possibilities. In addition to running containers in App Service, you also can take advantage of a model that provides containers as a service. Azure Container Instances (ACI) are a service offering that allows you to spin up containers on demand, without any existing infrastructure such as virtual machines or even App Service Plans. ACI enables you to design and deploy your applications instead of managing the infrastructure that runs them.

Use the following procedure to create an Azure Container Instance:

  1. Log into the Azure portal and click Create A New Resource.
  2. Select Containers from the Azure Marketplace and click ContainerInstances.
  3. Enter the ACI details, as shown in Figure 3-10, and click Create.

Container name Enter a meaningful name for your container.

Image type Select Public if your image is hosted in a public registry. Otherwise, choose private to enable the options to include your registry login details.

Image name Enter the exact name of your container image.

Image registry login server Provide your login server fully qualified domain name. If you’re using ACR, this will be your ACR login server name.

Image registry user name Enter the username for your registry.

Image registry password Provide your registry password.

OS type ACI supports both Linux and Windows-based containers. Select the appropriate OS type from the list.

Size ACI requires that you set resource limits for each instance of your application. This also controls the pricing for the ACI resource, and you can change the size at any time after the ACI resource has been provisioned.

Figure 3-10 Creating an Azure Container Instance
Screenshot_97

Exam Tip

ACI is a great solution for basic applications and task automation. For production scenarios that require full orchestration, Microsoft recommends running containers on Azure Kubernetes Service (AKS).

Manage container settings by using code

The Azure platform provides access to numerous language-specific SDKs and tools that you can use to programmatically manage your infrastructure. Developers can use .NET, Java, Node.js, PHP, Python, and Go to build applications that interact with your Azure resources.

In addition to the SDKs, Microsoft offers support for PowerShell and the Azure CLI for authoring operational scripts and for running ad-hoc administration commands locally or in the interactive Cloud Shell.

Azure solution architects are expected to understand how to tap into these automation capabilities to manage container settings using code. This is true whether the code is part of a robust application built by developers or used in provisioning scripts created by the DevOps team. Since the SDKs and command-line tools are all leveraging the Azure RESTful APIs behind the scenes, Azure solution architects can leverage any tool of their choice to get the job done.

Use the following procedure with Azure CLI to discover the commands you can use to manage container settings using code:

  1. Navigate to shell.azure.com in your web browser and start a new Cloud Shell instance.
  2. Run the following command to review all of the subcommandsavailable to manage your Azure Container Registry (ACR) instances:
  3. 		
    az acr --help
    		
    	
  4. Run the following command to review all of the subcommands available to manage your Azure Container Instances (ACIs):
  5. 		
    az container --help
    		
    	
  6. To create a resource, such as an Azure Container Instance (ACI), usethe az container create command:
  7. 		
    az container create 
    --resource-group Core-Infrastructure 
    --name mynodeapp 
    --image mynodeapp:latest 
    --cpu 1 
    --memory 1
    		
    	
  8. Once you have an ACI instance running, you can manage the settingsand life cycle of the instance using code, as shown in the following command that restarts the instance:
  9. 		
    az container restart --name mynodeapp
    		
    	

Exam Tip

Microsoft may test your knowledge using performance-based hands-on tasks that need to be completed in the Azure portal. Be prepared to use the Cloud Shell to gain access to Azure CLI or PowerShell, and make sure you understand how to use the help system to discover commands and the appropriate syntax to complete the task.

Create an Azure Container Service (ACS/AKS)

For production-grade applications, Microsoft recommends running containers using the fully managed Azure Kubernetes Service (AKS), making it quick and easy to deploy and manage containerized applications. AKS eliminates the burden of ongoing operations and maintenance required by managing your own Kubernetes deployment. As a hosted service, Azure handles critical Kubernetes tasks like health monitoring and maintenance, and the AKS is free to use. You pay only for the agent nodes within your clusters, not for master nodes controlling your clusters.

Use the following procedure to create an Azure Kubernetes Service (AKS) cluster using the Azure CLI:

  1. Navigate to shell.azure.com in your web browser and start a new Cloud Shell instance.
  2. Create a new resource group using the following Azure CLI command:
  3. 		
    az group create 
    --name AKS 
    --location eastus
    		
    	
  4. Create a new AKS cluster using the following Azure CLI command:
  5. 		
    az aks create 
    --resource-group AKS 
    --name AKSCluster01 
    --node-count 1 
    --enable-addons monitoring 
    --generate-ssh-keys
    		
    	
  6. After the AKS cluster has been created, you can connect and managethe cluster from the command line. First, install the AKS CLI inside your cloud shell instance using the following command:
  7. 		
    az aks install-cli
    		
    	
  8. Download your AKS credentials and configure the AKS CLI to usethem within your shell session:
  9. 		
    az aks get-credentials 
    --resource-group AKS 
    --name AKSCluster01
    		
    	
  10. Verify that your connection to the AKS cluster is working properly byusing the kubectl command to retrieve a list of cluster nodes.
  11. 		
    kubectl get nodes
    		
    	

Note

Azure Container Service (ACS)

Prior to releasing the Azure Kubernetes Service (AKS), Microsoft offered the Azure Container Service (ACS) as a managed solution that provided multiple orchestration systems as a service, including Kubernetes, Docker Swarm, and DC/OS. ACS has been deprecated, and existing ACS customers will need to migrate to AKS.

Chapter summary

Azure App Service gives you the ability to build and host web apps, mobile back ends, and RESTful APIs without having to manage

server, network, and storage infrastructure.

App Service supports applications built using common frameworks such as .NET, .NET Core, Node.js, Java, PHP, Ruby, or Python.

You can deploy web apps using the Azure portal, CLI, PowerShell, or any of the available SDKs provided by Microsoft.

App Service supports both Windows and Linux applications, including Docker containers.

Azure web apps are instances of an App Service that run within an App Service Plan.

Azure Container Instances have no dependencies on an App Service Plan.

Azure provides rich support for Docker containers and images can be built and stored in the Azure Container Registry (ACR).

The Azure Kubernetes Service (AKS) is a fully managed container orchestration system that makes it easier for teams to run containers in production.

Thought experiment

In this thought experiment, demonstrate your skills and knowledge of the topics covered in this chapter. You can find answers to this thought experiment in the next section.

You’re an Azure architect for Contoso Ltd. You’ve been asked to design and implement a solution to run a collection of line-of-business applications in the Azure cloud. Answer the following questions about leveraging Azure App Service to deploy your solution for Contoso.

  1. You need to move a web application to Azure that the HumanResources department uses to train corporate employees in the Los Angeles branch office. The web app implements an embedded video player that serves video training content to each user. All videos are produced in the highest possible quality. How should you architect the solution to reduce the latency between the end-users and the application infrastructure?
  2. You’ve been tasked with refactoring an on-premises web application torun inside a Docker container in Azure App Service. You need to ensure that container images can be accessed only by certain members of the IT staff. How can you accomplish this with the least amount of administrative effort?
  3. You currently have a nightly task that runs a PowerShell script on anon-premises Windows server. The process generates a report and sends the output to the IT support staff at Contoso headquarters. You need to move this process as part of Contoso’s migration to Azure, but you need to do so using the least amount of administrative effort. You already have plans to deploy several websites in Azure App Service. What should you do to run the nightly process in Azure?

Thought experiment answers

This section contains the solution to the thought experiment. Each answer explains why the answer choice is correct.

  1. Deploy the App Service infrastructure in a west coast-based Azureregion. This will put the infrastructure in close proximity to the users in the Los Angeles branch office. For global applications, consider using the Azure CDN service to distribute static content to edge locations available across the Azure global infrastructure.
  2. Deploy an Azure Container Registry (ACR) resource inside your Azuresubscription. Disable admin access and delegate control to the ACR resource using Role-Based Access Control (RBAC).
  3. Create an Azure WebJob within one of the existing web app resourcesrunning in your Azure subscription. Upload the PowerShell script and configure a triggered WebJob that runs on a daily schedule.
UP

LIMITED OFFER: GET 30% Discount

This is ONE TIME OFFER

ExamSnap Discount Offer
Enter Your Email Address to Receive Your 30% Discount Code

A confirmation link will be sent to this email address to verify your login. *We value your privacy. We will not rent or sell your email address.

Download Free Demo of VCE Exam Simulator

Experience Avanset VCE Exam Simulator for yourself.

Simply submit your e-mail address below to get started with our interactive software demo of your free trial.

Free Demo Limits: In the demo version you will be able to access only first 5 questions from exam.