In AWS we can define a Serverless App within a VPC. Need not be the case but is considered obviously a good practise.
Can the same be done for an AZURE App Service? I.e. can an AZURE App Service be defined as part of a VNET?
There are a couple of segments to answer your question. Here goes ...
VNet integration
Yes, you can Integrate your app with an Azure virtual network.
With Azure Virtual Network (VNets), you can place many of your Azure resources in a non-internet-routable network. The VNet Integration feature enables your apps to access resources in or through a VNet. VNet Integration doesn't enable your apps to be accessed privately.
Azure App Service has two variations:
The multitenant systems that support the full range of pricing plans except Isolated.
The App Service Environment, which deploys into your VNet and supports Isolated pricing plan apps.
If you're looking for restricting access to the App Services, the article linked in silent's comment is a good read. Especially the Access restrictions chapter.
Access restrictions let you filter inbound requests. The filtering action takes place on the front-end roles that are upstream from the worker roles where your apps are running. Because the front-end roles are upstream from the workers, you can think of access restrictions as network-level protection for your apps.
Infrastructure as Code
The blueprint (or 'cloud template') you're talking about in the comments feels like you need Infrastructure as Code to build/maintain resources for customers that all have the same structure. And while Azure has a service that's called Azure Blueprints, I think that would be overkill for the requirements you're giving.
Azure Blueprints enables cloud architects and central information technology groups to define a repeatable set of Azure resources that implements and adheres to an organization's standards, patterns, and requirements. Azure Blueprints makes it possible for development teams to rapidly build and stand up new environments with trust they're building within organizational compliance with a set of built-in components, such as networking, to speed up development and delivery.
I think you could implement what you're looking for by creating a (parameterizable) Bicep file to enable you to create/update the resources in a repeatable way as needed.
Bicep is a domain-specific language (DSL) that uses declarative syntax to deploy Azure resources. It provides concise syntax, reliable type safety, and support for code reuse. We believe Bicep offers the best authoring experience for your infrastructure-as-code solutions in Azure.
Related
I can see in Azure portal there is a nice UI to scale instances automatically.
Is there a way to change an app plan automatically?
For example, I may want to move from P1V2 to S1 during out of business hours, then scale back up again in the morning.
If there is no way to do it via the portal, I'm open to using APIs to change the app plans via a schedule functions or logic app if anyone can provide an example.
Any other suggestions are also welcome.
Thanks.
Is there a way to change an app plan automatically?
Not like there is a way to do so horizontally by using auto-scale. You can, however, accomplish this using Azure Automation.
Azure Automation delivers a cloud-based automation, operating system updates, and configuration service that supports consistent management across your Azure and non-Azure environments. It includes process automation, configuration management, update management, shared capabilities, and heterogeneous features.
Your scenario is explicitly mentioned under Common scenarios.
Azure resource lifecycle management - for IaaS and PaaS services.
Resource provisioning and deprovisioning.
Add correct tags, locks, NSGs, UDRs per business rules.
Resource group creation, deletion & update.
Start container group.
Register DNS record.
Encrypt Virtual machines.
Configure disk (disk snapshot, delete old snapshots).
Subscription management.
Start-stop resources to save cost.
Dev/test automation scenarios - Start and stop resources, scale resources, etc.
To set the App Service Plan, use Set-AzAppServicePlan from the Az.Websites module.
Team,
I have a complete running cloud service application upgraded to latest Azure SDK version and unfortunately need to dump this into a CSP subscription. But I came to know that Azure CSP supports only the Azure Resource Manager model, the cloud service is a classic deployment model. So we cannot create a cloud service within a CSP subscription.
Is there any other alternative within Azure CSP to using "cloud service" so that we can migrate with minimal changes. Please help
Firstly, here are some good reads on Microsoft Docs to help comparing the options available and make decisions based on your requirements:
(I mean requirements like Hosting features, Service Limits, 3rd party software installation and RDP access is required or not, Network isolation to a separate VNET is required or not, Cost considerations, minimum SLA, Regions available, instant deployment and auto-scaling, state management etc.):
Azure App Service, Virtual Machines, Service Fabric, and Cloud Services comparison
Decision tree for Azure compute services (This one covers a big spectrum.. simple virtual machines, Batch, Functions, Containers, AKS, ServiceFabric)
Criteria for choosing an Azure Compute Service
Also know that when looking for alternatives, it's not uncommon to make use of multiple compute or other Azure service options by breaking up an older solution into parts at the time of such migration (for e.g. A serverless compute option like Azure Function + Service Fabric + something else if needed).
Generally speaking (and without knowing much about your application from your question currently), Azure App Service and Service Fabric could be considerations IMHO when migrating from an existing Cloud Service, but this is exactly where detailed requirements help you in decision making.
On a side note, here is a list of Azure Services available in CSP - Available Azure services in Azure CSP
I published a web api in Azure via Visual Studio. I would like to know if it is PaaS or IaaS.
When I search for the answer, I find lot of definitions about the PaaS and IaaS.
But I did not find where it is clearly defined which services found in Azure portal are PaaS and Which are IaaS?
Thanks.
With best regards,
SR
IaaS (Infrastructure as a Service):
Cloud infrastructure services, known as Infrastructure as a Service (IaaS), are made of highly scalable and automated compute resources. IaaS is fully self-service for accessing and monitoring things like compute, networking, storage, and other services, and it allows businesses to purchase resources on-demand and as-needed instead of having to buy hardware outright.
PaaS (Platform as a Service):
Cloud platform services, or Platform as a Service (PaaS), provide cloud components to certain software while being used mainly for applications. PaaS provides a framework for developers that they can build upon and use to create customized applications. All servers, storage, and networking can be managed by the enterprise or a third-party provider while the developers can maintain management of the applications.
Source: SaaS vs PaaS vs IaaS: What’s The Difference and How To Choose
In short: with IaaS you use infrastructure (mostly VMs, networking, ...) from your cloud provider that you manage yourself. With PaaS you use an abstraction layer on top of some infrastructure where you do not manage the underlying infrastructure itself. You only manage the application and its data.
If you've deployed to an App Service, you're using PaaS. If you've deployed to a VM that you manage and runs IIS, you're using IaaS.
Another interesting read: What is PaaS?
My understanding so far on PaaS deployment using WebRoles or Worker Roles-
Spinning Web roles or Worker roles will create Cloud service to manage it.
However, in ARM resource group, their is no concept of Cloud service, then how are web & worker roles managed in ARM resource group?
Also I tried adding the webroles via JSON Outline in VS 2015, but no option to add webroles. So not sure if you can deploy webroles via JSON template?
Any information will be of great help.
Cloud Services have been around since the beginning of Azure.
To the deploy or manage them, you have to use the old APIs (Azure Service Management).
As far as I know, they won't be migrated to the new APIs (Azure Resource Manager), but you could use Virtual Machine Scale Sets instead.
Azure Resource Manager Web apps rely on the concept of App Service Plans, rather than cloud services. Basically this is the underlying VM(s) that the service runs on. You can specify the size and number of servers that make up the App Service plan, and then deploy on to those as a single unit.
You create an App service plan, then run web / worker roles inside that (as well as Logic, API, Functions)
As far as Web / Worker roles are concerned, App Service Plans do not draw a distinction between the two. You simply deploy code to it and it will run it however it is packaged. See here
The concept of cloud services simply don't exist within the Azure Resource Management model.
You can find a template for deploying a Web App here
To several developers on my team, they describe Azure Logic Apps as an evolution of Workflow Foundation.
In addition, WCF services hosted in IIS are more evolved on Service Fabric.
Are these analogies correct? Are better ones available?
Azure Logic Apps is a Platform as a Service offering to give you simple integration with a number of connectors (from SaaS to on-premises databases like DB2) out of the box. Optimized for cloud scale, simple deployments, and platform capabilities like retry policies and alerting.
It's a little challenging when drawing the comparison between Workflow Foundation and Azure Logic Apps. From a basic workflow perspective they both have similar capabilities that have control flow, scopes and call outs to actions/activities. WF is a framework so it gives you certain control over the host and storage configuration for persistence, and allows for interacting with MSDTC for local ACID transactional resources and closely coupled to WCF -- where Logic Apps is cloud hosted so you don’t need to be concerned with how to host or scale the Logic App.
Also it’s a cloud based service which relies on communication via REST for describing APIs and, as a cloud based service, relies on eventual consistency and idempotent calls instead of distributed transactions.
I guess in short I'd summarize in that yes, many scenarios that people would have historically used workflow foundation for could now use Logic Apps (and those scenarios get many advantages from the platform), but it's a different level of control and approach -- similar almost to an Azure Web Site vs. VM with IIS.