Skill 4.1: Design Azure App Service Web Apps Part 3
Posted by Superadmin on November 13 2018 11:00:48

Skill 4.1: Design Azure App Service Web Apps Part 3

 

 

Mapping custom domain names

Web Apps support mapping to a custom domain that you purchase from a third-party registrar either by mapping the custom domain name to the virtual IP address of your website or by mapping it to the <yourwebappname>.azurewebsites.net address of your website. This mapping is captured in domain name system (DNS) records that are maintained by your domain registrar. Two types of DNS records effectively express this purpose:

 A records (or, address records) map your domain name to the IP address of your website.

 CNAME records (or, alias records) map a subdomain of your custom domain name to the canonical name of your website, expressed as <yourwebappname>.azurewebsites.net.

Table 4-1 shows some common scenarios along with the type of record, the typical record name, and an example value based on the requirements of the mapping.

TABLE 4-1 Mapping domain name requirements to DNS record types, names, and values

Requirement

Type of Record

Record Name

Record Value

contoso.com should map to my web app IP address

A

@

138.91.240.81

IP address

contoso.com and all subdomains demo.contoso.com and www.contoso.com should map to my web app IP address

A

*

138.91.240.81

IP address

www.contoso.com should map to my web app IP address

A

www

138.91.240.81

IP address

www.contoso.com should map to my web app canonical name in Azure

CNAME

www

contoso.azurewebsites.net

Canonical name in Azure

Note that whereas A records enable you to map the root of the domain (like contoso.com) and provide a wildcard mapping for all subdomains below the root (like www.contoso.com and demo.contoso.com), CNAME records enable you to map only subdomains (like the www in www.contoso.com).

Configuring a custom domain

To configure a custom domain, you need access to your domain name registrar setup for the domain while also editing configuration for your web app in the Azure portal.

 



Exam Tip

Use of a custom domain name is not supported by the Free App Service plan pricing tier. All other pricing tiers including Shared, Basic, Standard, and Premium support custom domains.

 

These are the high-level steps for creating a custom domain name for your web app:

  1. Navigate to the blade of your web app in the portal accessed via https://portal.azure.com.

  2. Ensure your web app uses an App Service plan that supports custom domains.

  3. Click Custom Domains from the left navigation pane.

  4. On the Custom Domains blade (Figure 4-16) note the external IP address of your web app.

FIGURE 4-16 Part of the custom domain blade for the web app

  1. Select Add Hostname to open the Add Hostname blade. Enter the hostname and click Validate for the portal to validate the state of the registrar setup with respect to your web app. You can then choose to set up an A record or CNAME record (Figure 4-17).

FIGURE 4-17 Part of the Add hostname blade

  1. To set up an A record, select A Record and follow the instructions provided in the blade. It guides you through the following steps for an A record setup:

    1. You first add a TXT record at your domain name registrar, pointing to the default Azure domain for your web app, to verify you own the domain name. The new TXT record should point to <yourwebappname>.azurewebsites.net.

    2. In addition, you add an A record pointing to the IP address shown in the blade, for your web app.

  2. To set up a CNAME record, select CNAME record, and follow the instructions provided in the blade.

    1. If using a CNAME record, following the instructions provided by your domain name registrar, add a new CNAME record with the name of the subdomain, and for the value, specify your web app’s default Azure domain with <yourwebappname>.azurewebsites.net.

  3. Save your DNS changes. Note that it may take some time for the changes to propagate across DNS. In most cases, your changes are visible within minutes, but in some cases, it may take up to 48 hours. You can check the status of your DNS changes by doing a DNS lookup using third-party websites like http://mxtoolbox.com/DNSLookup.aspx.

  4. After completing the domain name registrar setup, from the Custom Domains blade, click Add Hostname again to configure your custom domain. Enter the domain name and select Validate again. If validation has passed, select Add Hostname to complete the assignment.

 

Important: Ip Address Changes

The IP address that you get by following the preceding steps will change if you move your web app to a Free web hosting plan, if you delete and recreate it, or potentially if you subsequently enable SSL with the IP Based type. This can also happen unintentionally if you reach your spending limit and the web app is changed to the Free web hosting plan mode. If the IP address changes and you are using an A record to map your custom domain to your web app, you will need to update the value of the A record to use the new IP address.

 

Configuring SSL certificates

To configure SSL certificates for your custom domain, you first need to have access to an SSL certificate that includes your custom domain name, including the CNAME if it is not a wildcard certificate.

To assign an SSL certificate to your web app, follow these steps:

  1. Navigate to the blade of your web app in the portal accessed via https://portal.azure.com.

  2. Click SSL certificates from the left navigation pane.

  3. From the SSL certificates (Figure 4-18) blade you may choose to import an existing app service certificate, or upload a new certificate.

FIGURE 4-18 SSL certificates blade

  1. You can then select Add Binding to set up the correct binding. You can set up bindings that point at your naked domain (contoso.com), or to a particular CNAME (www.contoso.comdemo.contoso.com), so long as the certificate supports it.

  2. You can choose between Server Name Indication (SNI) or IP based SSL when you create the binding for your custom domain (Figure 4-19).

FIGURE 4-19 Part of the Add Binding blade

 

More Info: SSL Certificates and Bindings

For more information on purchasing SSL certificates and setting up Web App certificates see https://docs.microsoft.com/en-us/azure/app-service/web-sites-purchase-ssl-web-site.

 

Manage Web Apps by using the API, Azure PowerShell, and Xplat-CLI

In addition to configuring and managing Web Apps via the Azure portal, programmatic or script-based access is available for much of this functionality and can satisfy many development requirements.

The options for this include the following:

 Azure Resource Manager (ARM) Azure Resource Manager provides a consistent management layer for the management tasks you can perform using Azure PowerShell, Azure CLI, Azure portal, REST API, and other development tools. For more information on this see https://docs.microsoft.com/en-us/azure/azure-resource-manager/.

 REST API The REST API enables you to deploy and manage Azure infrastructure resources using HTTP request and JSON payloads. For more details on this see https://docs.microsoft.com/en-us/rest/api/resources/.

 Azure PowerShell Azure PowerShell provides cmdlets for interacting with Azure Resource Manager to manage infrastructure resources. The PowerShell modules can be installed to Windows, macOS, or Linux. For additional details seehttps://docs.microsoft.com/en-us/powershell/azure/overview.

 Azure CLI Azure CLI (also known as XplatCLI) is a command line experience for managing Azure resources. This is an open source SDK that works on Windows, macOS, and Linux platforms to create, manage, and monitor web apps. For details seehttps://docs.microsoft.com/en-us/cli/azure/overview.

 

More Info: Managing App Services

See the following links that provide samples for managing App Services using Azure and Azure CLI at: https://docs.microsoft.com/en-us/azure/app-service/app-service-powershell-samples and https://docs.microsoft.com/en-us/azure/app-service/app-service-cli-samples.

 

Implement diagnostics, monitoring, and analytics

Without diagnostics, monitoring, and analytics, you cannot effectively investigate the cause of a failure, nor can you proactively prevent potential problems before your users experience them. Web Apps provide multiple forms of logs, features for monitoring availability and automatically sending email alerts when the availability crosses a threshold, features for monitoring your web app resource usage, and integration with Azure Analytics via Application Insights.

 



Exam Tip

App Services are also governed by quotas depending on the App Service plan you have chosen. Free and Shared apps have CPU, memory, bandwidth, and filesystem quotas; when reached the web app no longer runs until the next cycle, or the App Service plan is changed. Basic, Standard, and Premium App Services are only limited by filesystem quotas based on the SKU size selected for the host.

 

 

More Info: QUOTAS

For the latest listing of specific quotas, limits, and features, visit https://docs.microsoft.com/azure/azure-subscription-service-limits#app-service-limits.

 

Configure diagnostics logs

A web app can produce many different types of logs, each focused on presenting a particular source and format of diagnostic data. The following list describes each of these logs:

 Event Log The equivalent of the logs typically found in the Windows Event Log on a Windows Server machine, this is a single XML file on the local file system of the web application. In the context of web apps, the Event Log is particularly useful for capturing unhandled exceptions that may have escaped the application’s exception handling logic and surfaced to the web server. Only one XML file is created per web app.

 Web server logs Web server logs are textual files that create a text entry for each HTTP request to the web app.

 Detailed error message logs These HTML files are generated by the web server and log the error messages for failed requests that result in an HTTP status code of 400 or higher. One error message is captured per HTML file.

 Failed request tracing logs In addition to the error message (captured by detailed error message logs), the stack trace that led to a failed HTTP request is captured in these XML documents that are presented with an XSL style sheet for in-browser consumption. One failed request trace is captured per XML file.

 Application diagnostic logs These text-based trace logs are created by web application code in a manner specific to the platform the application is built in using logging or tracing utilities.

To enable these diagnostic settings from the Azure portal, follow these steps:

  1. Navigate to the blade of your web app in the portal accessed via https://portal.azure.com.

  2. Select the Diagnostics Logs tab from the left navigation pane. The Diagnostics Logs blade (Figure 4-20) will appear to the right. From this blade you can choose to configure the following:

    1. Enable application logging to the file system for easy access through the portal.

    2. Enable storing application logs to blob storage for longer term access.

    3. Enable Web Server logging to the file system or to blob storage for longer term access.

    4. Enable logging detailed error messages.

    5. Enable logging failed request messages.

FIGURE 4-20 The diagnostics logs blade

  1. If you enable files system logs for application and Web Server logs, you can view those from the Log Streaming tab (Figure 4-21).

FIGURE 4-21 The log streaming blade

  1. You can access more advanced debugging and diagnostics tools from the Advanced Tools tab (Figure 4-22).

FIGURE 4-22 The Kudu web site

Table 4-2 describes where to find each type of log when retrieving diagnostic data stored in the web app’s local file system. The Log Files folder is physically located at D:\home\LogFiles.

TABLE 4-2 Locations of the various logs on the web app’s local file system

Log Type

Location

Event Log

\LogFiles\eventlog.xml

Web server logs

\LogFiles\http\RawLogs\*.log

Detailed error message logs

\LogFiles\DetailedErrors\ErrorPage######.htm

Failed request tracing logs

\LogFiles\W3SVC*\*.xml

Application diagnostic logs (.NET)

\LogFiles\Application\*.txt

Deployment logs

\LogFiles\Git. This folder contains logs generated by the internal deployment processes used by Azure web apps, as well as logs for Git deployments

 



Exam Tip

You can retrieve diagnostics logs data by using Visual Studio Server Explorer, the Site Control Management (SCM) website (also known as Kudu), the command line in Windows PowerShell or the xplat-cli, or direct download via FTP to query Table or Blob storage.

 

Configure endpoint monitoring

App Services provide features for monitoring your applications directly from the Azure portal. There are many metrics available for monitoring, as listed in Table 4-3.

TABLE 4-3 List of available metrics that are monitored for your web apps

METRIC

DESCRIPTION

Average Response Time

The average time taken for the app to serve requests in ms.

Average memory working set

The average amount of memory in MiBs used by the app.

CPU Time

The amount of CPU in seconds consumed by the app.

Data In

The amount of incoming bandwidth consumed by the app in MiBs.

Data Out

The amount of outgoing bandwidth consumed by the app in MiBs.

Http 2xx

Count of requests resulting in a http status code >= 200 but < 300.

Http 3xx

Count of requests resulting in a http status code >= 300 but < 400.

Http 401

Count of requests resulting in HTTP 401 status code.

Http 403

Count of requests resulting in HTTP 403 status code.

Http 404

Count of requests resulting in HTTP 404 status code.

Http 406

Count of requests resulting in HTTP 406 status code.

Http 4xx

Count of requests resulting in a http status code >= 400 but < 500.

Http Server Errors

Count of requests resulting in a http status code >= 500 but < 600.

Memory working set

Current amount of memory used by the app in MiBs.

Requests

Total number of requests regardless of their resulting HTTP status code.

You can monitor metrics from the portal and customize which metrics should be shown by following these steps:

  1. Navigate to the blade of your web app in the portal accessed via https://portal.azure.com.

  2. Select the Overview tab from the left navigation pane. This pane shows a few default charts for metrics including server errors, data in and out, requests, and average response time (Figure 4-23 and 4-24).

FIGURE 4-23 Metrics showing http server errors, data in, and data out

FIGURE 4-24 Metrics showing requests and average response time

  1. You can customize the metrics (Figure 4-25) shown by creating new graphs and pinning those to your dashboard.

    1. Click one of the graphs. You’ll be taken to edit the metrics blade for the graph, limited to compatible metrics for the selection.

    2. Select the metrics to add or remove from the graph.

FIGURE 4-25 Selecting metrics to show on the graph

  1.  
    1. Save the graph to the dashboard. You can now navigate to your portal dashboard to view the selected metrics without having to navigate to the web app directly. From here you can also edit the graph by selecting it, editing metrics, and saving back to the same pinned graph.

  2. You can also add alerts for metrics. From the Metrics blade click Add Metric alert from the command bar at the top of the blade. This takes you to the Add Rule blade (Figure 4-26) where you can configure the alert. To configure an alert for slow requests, as an example, do the following:

    1. Provide a name for the rule.

    2. Optionally change the subscription, resource group, and resource but it will default to the current web app.

    3. Choose Metrics for the alert type.

FIGURE 4-26 Part of the Add rule blade

  1.  
    1. Choose the metric from the drop-down list (Figure 4-27), in this case Average Response Time with a condition greater than a threshold of 2 seconds over a 15 minute period.

FIGURE 4-27 Part of the Add rule blade where you can set the metric values

  1.  
    1. From the same blade you can also indicate who to notify, configure a web hook, or even configure a Logic App to produce a workflow based on the alert.

  2. Click OK to complete the alert configuration.

  3. You can view the alerts from the Alerts tab of the navigation pane.

 

Note: MONITORING QUOTAS

You can also monitor quotas by selecting the Quotas tab from the left navigation pane. This gives you an indication of where you stand with your quotas based on the App Service plan.

 

Design and configure Web Apps for scale and resilience

App Services provide various mechanisms to scale your web apps up and down by adjusting the number of instances serving requests and by adjusting the instance size. You can, for example, increase the number of instances (scale out) to support the load you experience during business hours, but then decrease (scale in) the number of instances during less busy hours to save costs. Web Apps enable you to scale the instance count manually, automatically via a schedule, or automatically according to key performance metrics. Within a datacenter, Azure load balances traffic between all of your Web Apps instances using a round-robin approach.

You can also scale a web app by deploying to multiple regions around the world and then utilizing Microsoft Azure Traffic Manager to direct web app traffic to the appropriate region based on a round robin strategy or according to performance (approximating the latency perceived by clients of your application). Alternately, you can configure Traffic Manager to use the alternate regions as targets for failover if the primary region becomes unavailable.

In addition to scaling instance counts, you can manually adjust your instance size (scale up or down). For example, you can scale up your web app to utilize more powerful VMs that have more RAM memory and more CPU cores to serve applications that are more demanding of memory consumption or CPU utilization, or scale down your VMs if you later discover your requirements are not as great.

 



Exam Tip

Web Apps provide a high availability SLA of 99.9 percent using only a single standard instance. You do not need to provision more than one instance to benefit from this SLA.

 

To scale your web app, follow these steps:

  1. Navigate to the blade of your web app in the portal accessed via https://portal.azure.com.

  2. Select the App Service plan tab from the left navigation pane. This takes you to the App Service Plan blade.

  3. Select the Scale Up tab from the left navigation pane and you’ll be taken to a blade to select the new pricing tier for your web app VMs.

  4. Select the Scale Out tab and you’ll be taken to the Scale Out blade to choose the number of instances to scale out or into (Figure 4-28).

FIGURE 4-28 The scale out blade.

  1. If you select Enable autoscale, you can create conditions based on metrics and rules in order for the site to automatically adjust instance count.

 

More Info: MONITORING, ANALYTICS, AND AUTOSCALING

For more information on monitoring web apps, analytics, and setting up autoscale, see:

https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-azure-web-apps-analyticshttps://docs.microsoft.com/en-us/azure/application-insights/app-insights-analyticshttps://docs.microsoft.com/en-us/Azure/monitoring-and-diagnostics/insights-autoscale-best-practices, and https://docs.microsoft.com/en-us/Azure/monitoring-and-diagnostics/insights-how-to-scale.