© Copyright Microsoft Corporation. All rights reserved.

FOR USE ONLY AS PART OF MICROSOFT VIRTUAL TRAINING DAYS PROGRAM. THESE MATERIALS ARE NOT AUTHORIZED
FOR DISTRIBUTION, REPRODUCTION OR OTHER USE BY NON-MICROSOFT PARTIES.
Microsoft Azure Virtual
Training Day: Azure for
Developers
Course Agenda Module 1 Module 4
Overview of Azure and App Deploying Apps in Azure App
Related Services Service

Module 2 Module 5
Overview of Various Database Overview of Integration options
Options in Azure in Azure for your web apps

Module 3 Module 6
Manage your Data with Azure Optimize and Monitor your
Cosmos DB Apps
Overview of Azure
and App related services
In this module…

Hosting options

Developer tools

Demo: Visual Studio Code and extensions

Hosting options
Cloud application hosting continuum

Infrastructure as a Service Platform as a Service Serverless Platform

What you get

Curated VM Hosting Curated Execution Scale to ‘zero’

Environment

Challenges
Patching, Management, Limitation of execution Cold starts, long running
Deployment environment, not event- processes
driven

More Control of execution environment Less Control of execution environment

Less Agile development & deployment More Agile development & deployment
Shared Responsibility Model
Responsibility On- IaaS PaaS SaaS
Balance of control and responsibility depends on the Prem
category of the service
Applications
MOVE-IN READY
Data

Runtime
SOME ASSEMBLY REQUIRED
Middleware

BUILD FROM THE GROUND UP O/S

Virtualization

Servers

Storage

Customer Microsoft Networking

Hosting options

Azure App Service Azure Kubernetes Service

Static Web Apps Azure Functions

Azure Container Apps Azure Spring Apps

Azure App Service

High-productivity Fully-managed Enterprise-grade

for developers

Any Language Built-in Backup

Secure and compliant
Blue/Green Deployment Always Available
Integrate with backend
Rich Ecosystem Scale on demand MS Identity

Containers Built-in infrastructure CI/CD Integration

management

99.9% SLA
Azure Static Web Apps

Static web content

Global Hosting HTML, JavaScript,

images, CSS

End-to-end development
experience
Azure Functions
Streamlined build and
deployment Azure Static Web
Apps managed
service
Azure Container Apps
Serverless containers for microservices
Public API endpoints

Microservices

Event-driven processing

Background processing

Web Apps
Azure Kubernetes Service
Simplify the deployment, management and operations of your containers.

Deploy and Manage Scale and run applications Secure your Kubernetes
Kubernetes with ease with confidence environment

Accelerate Containerized Open-source tools & APIs DevOps CI/CD practices

app development
Azure Functions

Optimized for Event Driven Functions

Event-driven programming model.
Elastic scale
Support for C#, JavaScript, TypeScript, Java, Python
and more
Open source and can run anywhere
Industry leading tools from GitHub, VS ode and
more.
Azure Functions

Events Functions Outputs

React to timers, HTTP, Functions in C#, Send results to ever-

or events from your Node.JS, Java, and growing collection of
favorite Azure Services more services
Azure Spring Apps
Build and deploy Spring Boot applications with a fully managed service, jointly built and
operated with VMware.

More choices and full integration into Azure’s ecosystem and services

Fully managed Built-in app Ease of

infrastructure lifecycle monitoring
management

Enterprise ready
Developer tools
What is Git? and Why do we Need it?

A form of version control

Uses concept of code repositories

Tracks changes made within repositories

Allows for cross-team collaboration

GitHub
What is GitHub?

GitHub is the leader in Git repository

hosting. Some key features of GitHub

Expertise sharing
Cross-team collaboration
Improved code reuse
Codespaces on GitHub
GitHub Actions (CI/CD)
Increased velocity Learn about GitHub
Benefits of GitHub

Largest open-source community

Features of GitHub:
• Automate from code to cloud
• Securing software, together
• Seamless code review
• Code and documentation in one place
• Coordinate
• Manage teams
Developer tools: Visual Studio Code
• Most popular development
environment.

• Developed in an open ecosystem:

32,000+ extensions, community
built-in

• Built in Git commands.

• Built-in IntelliSense to provide

smart completions based on
variable types, function
definitions, and imported
modules.
Demo: Visual Studio Code
and extensions
Overview of Various
Database Options in Azure
In this module…

Azure database options

Azure database options
Azure database services offer the best of the cloud

Azure Database Azure Database Azure Azure Cache

Azure SQL Azure Database for for MySQL for MariaDB Cosmos DB for Redis
PostgreSQL

Fully managed Limitless scale Open and flexible Intelligent security

Focus on your applications,
not your infrastructure with
fully managed and
intelligent database
services
Build for future growth with
near-limitless, dynamic
scaling plus guaranteed high
availability around the world.
Choose the engine, Develop secure apps in the
deployment, resources cloud with policy-based
languages and offers security and compliance
that from the world’s most trusted
fit your needs. cloud.
Azure SQL

Protect your data with Serverless SKUs available

The family of SQL cloud databases Use your
built-in, real-time for on-demand
existing SQL
providing flexible options for experience in intelligent security workloads
application migration, the cloud

modernization, and development

Fully-managed and Save with the lowest

always up to date total cost of ownership
Popular use cases
• Seamlessly migrate your HIPAA–compliant SQL Server apps to Azure Virtual Machines
• Modernize existing SQL Server workloads in a PaaS environment with Azure SQL Managed Instance
• Simplify .NET app integration with native support in Azure SQL Database and App Service
 Azure SQL Server on Virtual Machines

Save money and simplify Lower total cost Simple, familiar, and
of ownership powerful SQL Server
management of security and (TCO)
high availability at no
additional cost

Robust and Built-in and free

simple HA/DR security
and management

Popular use cases

• Seamlessly migrate your HIPAA–compliant SQL Server apps to Azure Virtual Machines
• Automatically backup data and make it available across multiple regions running SQL Server on Azure Virtual Machines
 Azure Databases for MySQL and MariaDB

Fully managed flexible Highly Available with Simplified developer

Innovate faster with a fully MySQL database up to 99.99 SLA experience through
tight integration with
managed community database Azure services

Intelligent performance Industry-leading security

and scale and compliance
Popular use cases
• Migrate apps to Azure Database for MySQL or MariaDB for help with PCI DSS compliance
• Modernize factory dashboards by adding Java applications built using Azure App Service on Azure Database for MySQL
• Build web apps that use Azure Database for MySQL and a popular CMS (WordPress or Drupal) or enterprise packaged application like
Alfresa
 Azure Database for PostgreSQL

Highly available and Open-source Seamless developer

Build scalable applications flexible PostgreSQL community experience
innovation
with a fully managed
community database

Advanced data security Intelligent

and compliance performance and
scale

Popular use cases

• Move financial core systems running Oracle on-premises to Azure Database for PostgreSQL
• Modernize factory dashboards with Java applications built with Azure App Service on Azure Database for PostgreSQL
• Spin up cloud-native containers for ecommerce applications using Azure Database for PostgreSQL and Azure Kubernetes Service
(AKS)
 Azure Cosmos DB

Simplified app Mission-critical ready

development
Build or modernize scalable,
high-performance apps
with a NoSQL database

Guaranteed speed Fully managed and

at any scale cost-effective

Popular use cases

• Migrate product catalogs stored in MongoDB or Cassandra on-premises to a fully managed cloud
• Combine historical transactional data with global market and social sentiment data for risk analysis and advanced analytics
• Build cloud native ecommerce apps that provide real-time personalization and product recommendations while handling
unpredictable traffic patterns
 Azure Cache for Redis

Spend time on Easily integrate into the

development, not enterprise-grade Azure
operations cloud
 Speed up
applications with a
fully managed
distributed cache
Build responsive Enjoy active global
and scalable distribution and
applications leading availability

Popular use cases

• Boost the speed of your .NET or Java web apps by caching frequently accessed data like pricing or inventory information
• Quickly and efficiently store session information like access tokens or user metadata with built-in global distribution
• Move the on-premises caches that support your relational databases to Azure Cache for Redis when you migrate corresponding
workloads to Azure
Azure Storage
Manage your data with Azure
Cosmos DB
In this module…

Azure Cosmos DB overview

Azure Cosmos DB resource hierarchy

Demo: Provisioning an Azure Cosmos DB instance

Azure Cosmos DB overview
Azure Cosmos DB benefits

Global replication: Automatic and synchronous multi-region replication, supports

automatic and manual failover

Varied consistency levels: Offers five consistency models. Provides control over
performance-consistency tradeoffs, backed by comprehensive SLAs

Low latency: Serve <10 ms read and <10 ms write requests at the 99th percentile

Elastic scale-out: Elastically scale throughput from 10 to 100s of millions of

requests/sec across multiple regions
Consistency levels
Azure Cosmos DB approaches data consistency as a spectrum of
choices instead of two extremes.
Azure Cosmos DB APIs

 Azure Cosmos DB for NoSQL Open-

source
Evolving
Data Model
 Azure Cosmos DB for MongoDB
 Azure Cosmos DB for PostgreSQL
 Azure Cosmos DB for Apache Cassandra
 Azure Cosmos DB for Table High Flexible
Performance Data Model
 Azure Cosmos DB for Apache Gremlin

Elastic
Scalability
Azure Cosmos DB resource
hierarchy
Azure Cosmos DB structure
Elements in an Azure
Cosmos account
An Azure Cosmos container is
the fundamental unit of
scalability.
Azure Cosmos DB
transparently partitions your
container using the logical
partition key that you specify
in order to elastically scale
your provisioned throughput
and storage.
Azure Cosmos databases
You can create one or multiple
Azure Cosmos databases
under your account. A
database is analogous to a
namespace.
A database is the unit of
management for a set of
Azure Cosmos containers.
Azure Cosmos containers
An Azure Cosmos container is
the unit of scalability both for
provisioned throughput and
storage.
A container is horizontally
partitioned and then
replicated across multiple
regions.
Azure Cosmos items
Depending on which API you
use, an Azure Cosmos item
can represent either a
document in a collection, a
row in a table, or a node or
edge in a graph.
Azure Cosmos DB example
Demo: Provisioning an
Azure Cosmos DB instance
Deploying Apps in Azure App Service
In this module…

Azure App Service overview

Configure web app settings

Scale apps in Azure App Service

Deployment slots in Azure App Service

Demo: Deploying the customer feedback app

Azure App Service overview
Azure App Service benefits
Azure App Service is an HTTP-based service for hosting web applications, REST APIs, and mobile back ends.

Built-in auto scale Continuous Deployment slots App Service on

support integration/ You can easily add Linux
Supports scale deployment deployment slots to Hosts web apps
up/down or scale support an App Service web natively on Linux for
out/in. Azure DevOps, app. supported
GitHub, Bitbucket, application stacks.
Depending on the
usage of the web FTP, or a local Git Run custom Linux
app, you can scale repository on your containers (also
your app up/down development known as Web App
the resources of the machine. for Containers).
underlying machine
that is hosting your
web app.
Service plans

Introduction The pricing tier of an How does my app run What if my app needs
An App Service plan App Service plan and scale? more capabilities or
defines a set of compute • Shared compute  In the Free and Shared features?
resources for a web app to • Dedicated compute tiers, an app receives • Your App Service plan
run. CPU minutes on a can be scaled up and
• Isolated
One or more apps can be shared VM instance and down at any time.
• Consumption can't scale out.
configured to run on the
same computing resources  In other tiers, an app
(or in the same App runs on all the VM
Service plan). instances configured in
the App Service plan.
Service plans support multiple apps

App Service plan

Deploy to App Service
Every development team has unique requirements that can make implementing an efficient
deployment pipeline difficult on any cloud service. App Service supports both automated and manual
deployment.

Automated deployment Manual deployment Use deployment slots

• Azure DevOps • Git Whenever possible, use
• GitHub • CLI deployment slots when deploying
a new production build.
• Bitbucket • Zipdeploy
• FTP/S
Authentication and authorization in App Service
Azure App Service provides built-in authentication and authorization support, so you can sign in users
and access data by writing minimal or no code in your web app, API, and mobile back end, and also
Azure Functions.
Why use the built-in Identity providers How it works Authentication flow Authorization
authentication enabled by default The authentication and 1. Sign user in behavior
Saves time by providing • Microsoft Identity authorization module • Allow unauthenticated
2. Post-authentication
out-of-the-box Platform run in the same sandbox requests
authentication with as your application 3. Establish
• Facebook authenticated • Require
federated identity code. When it's enabled,
every incoming HTTP session authentication
providers. • Google
request passes through
Allows you to focus on • Twitter 4. Serve authenticated
it before being handled
the rest of your content
by your application
application. code.
App Service networking features
Multitenant App Service networking features Single-tenant networking
Azure App Service is a distributed system. All the Azure App Service Environment hosts Isolated SKU
roles in an App Service deployment exist in a plans directly in your Azure virtual network. There
multitenant network. are two deployment types for an App Service
• Inbound features Environment.
‒ App-assigned address • External: Exposes the hosted apps by using an
‒ Access restrictions IP address that is accessible on the internet.
‒ Service endpoints • Internal load balancer: Exposes the hosted
‒ Private endpoints apps on an IP address inside your virtual
• Outbound features network.
‒ Hybrid Connections
‒ Gateway-required VNet Integration
‒ VNet Integration
Configure web app settings
Configure application settings
In App Service, app settings are passed as environment variables to the application code.

Adding and editing settings

• To add a new app setting, click New
application setting.
• To add or edit app settings in bulk, click
the Advanced edit button.

Configure connection strings

Adding and editing connection strings
follow the same principles as other app
settings and they can also be tied to
deployment slots.
Configure app settings in bulk
[
{
"name": "name-1",
"value": "conn-string-1",
"type": "SQLServer",
"slotSetting": false
},
{
"name": "name-2",
"value": "conn-string-2",
"type": "PostgreSQL",
"slotSetting": false
},
...
]
Configure general settings
Stack settings Platform settings
The software stack to run Configure settings for the
the app, including the hosting platform,
language and SDK including:
versions. • Bitness (32-bit or 64-bit)
• WebSocket protocol
• Always On
• Managed pipeline version
• HTTP version
• ARR affinity
Debugging Incoming client
Enable remote debugging certificates
for ASP.NET , ASP.NET Require client certificates
Core, or Node.js apps. in mutual authentication.
TLS mutual authentication
is used to restrict access to
your app by enabling
different types of
authentication for it.
Configure path mappings
Linux and containerized apps
You can add custom storage for your containerized
app. Containerized apps include all Linux apps and
Windows and Linux custom containers running on
App Service.
Windows apps (uncontainerized)
• For Windows apps, you can customize the IIS
handler mappings and virtual applications and
directories.
• Handler mappings let you add custom script
processors to handle requests for specific file
extensions.
Enable diagnostic logging

Enable application logging (Windows) Add log messages in code

Enable application logging Stream logs

(Linux/Container)

Enable web server logging Access log files

Configure security certificates
Options for adding certificates
in App Service
• Free App Service managed
certificate
• Purchase an App Service
certificate
• Import a certificate from Key
Vault
• Upload a private certificate
• Upload a public certificate
Manage app features

Basic concepts Feature flag usage in code Feature flag declaration Feature flag repository
• Feature flag 1. if (featureFlag) • Each feature flag has two • Azure App Configuration is
parts, a name and a list of designed to be a centralized
• Feature manager 2. bool featureFlag =
one or more filters repository for feature flags.
true;
• Filter
• The feature manager • You can use it to define
3. bool featureFlag =
supports appsettings.json as a different kinds of feature
isBetaUser();
configuration source for flags and manipulate their
4. if (featureFlag) { feature flags. states
} else { • Easily access these feature
} flags from your application
Scale apps in Azure App
Service
Examine autoscale factors

What is autoscaling?
Autoscaling is a cloud system or process that adjusts available resources based on the current demand. Autoscaling performs
scaling in and out, as opposed to scaling up and down.

Azure App Service Autoscaling

Autoscaling in Azure App Service monitors the resource metrics of a web app as it runs. It detects situations where additional
resources are required to handle an increasing workload, and ensures those resources are available before the system becomes
overloaded.

When should you consider autoscaling?

• Autoscaling provides elasticity for your services.
• Autoscaling improves availability and fault tolerance.
• Autoscaling works by adding or removing web servers.
• Autoscaling isn't the best approach to handling long-term growth.
Identify autoscale factors

Autoscaling and the App Service Plan Autoscale actions

Autoscale conditions Pairing autoscale rules

Metrics for autoscale rules Combining autoscale rules

How an autoscale rule analyzes metrics

 Enable autoscale in App Service
Enable autoscaling
To get started with autoscaling
navigate to to your App Service
plan in the Azure portal and
select Scale out (App Service
plan) in the Settings group in
the left navigation pane.
Add scale conditions
Once you enable autoscaling,
you can edit the automatically
created default scale condition,
and you can add your own
custom scale conditions.
Create scale rules
A metric-based scale condition
contains one or more scale rules.
You use the Add a rule link to
add your own custom rules.
Monitor autoscaling
activity
The Azure portal enables you to
track when autoscaling has
occurred through the Run
history chart. This chart shows
how the number of instances
varies over time, and which
autoscale conditions caused
each change.
Autoscale best practices
Ensure the maximum and minimum values are different and have an adequate margin between them

Choose the appropriate statistic for your diagnostics metric

Choose the thresholds carefully for all metric types

Considerations for scaling when multiple rules are configured in a profile

Always select a safe default instance count

Configure autoscale notifications

Deployment slots in Azure
App Service
Staging environments
When you deploy your web app, web app on Linux, mobile back end, or API app to Azure App Service, you
can use a separate deployment slot instead of the default production slot when you're running in the
Standard, Premium, or Isolated App Service plan tier.

Deploying your application to a non-production slot has the following benefits:

• You can validate app changes in a staging deployment slot before swapping it with the production
slot.
• Deploying an app to a slot first and swapping it into production makes sure that all instances of the
slot are warmed up before being swapped into production.
• After a swap, the slot with previously staged app now has the previous production app.
Swap deployment slots
You can swap deployment slots on your app's Deployment slots page and the Overview page.

Manually swapping deployment slots

Configure auto swap

Specify custom warm-up

Roll back and monitor a swap

Slot swapping details
Applies the following settings from the target If auto swap is enabled with custom warm-up,
slot (e.g., the production slot) to all instances of trigger Application Initiation by making an HTTP
the source slot: request to the application root ("/") on each
• Slot-specific app settings and connection strings, if instance of the source slot.
applicable.
• Continuous deployment settings, if enabled.
If all instances on the source slot are warmed up
• App Service authentication settings, if enabled.
successfully, swap the two slots by switching the
routing rules for the two slots.
Wait for every instance in the source slot to
complete its restart.

If local cache is enabled, trigger local cache Now that the source slot has the pre-swap app
initialization by making an HTTP request to the previously in the target slot, perform the same
application root ("/") on each instance of the operation by applying all settings and restarting
source slot. the instances.
Demo: Deploying the
customer feedback app
Overview of integration options
available in Azure for your web apps
In this module…

Azure API Management

Azure Logic Apps

Azure Key Vault

Azure DevOps and GitHub

Azure Cognitive Services

Azure API Management
Azure API Management overview

Securely connect applications

Simplify integration
API Management resources
Logic Apps, Azure Service Bus, and Azure
Event Grid
Azure API Management service components

The role of API management API Management components

• Ensure a successful API program through • API gateway
developer participation, business insight, • Azure portal
analysis, security, and protection.
• The Developer portal
• APIs consists of one or more operations,
and each API can be added to one or
more products.
API structure

Products Groups Developers

Products are how APIs are Groups are used to manage Developers represent the
surfaced to developers. the visibility of products to user accounts in an API
developers. Management service
instance.

Policies Developer portal

Allow the Azure portal to You can learn about your
change the behavior of the API, view and call
API through configuration. operations, and subscribe
to products.
Azure Logic Apps
Azure Logic Apps

• Develop, deploy, and run anywhere

• Boost productivity with seamless,
automated, business-critical
workflows without writing code
• Support complex mapping, B2B, and
enterprise messaging scenarios
Azure Key Vault
Azure Key Vault overview
Azure Key Vault features
• Secrets Management: For safe storage
and strict control
• Key Management: Used as a key
management solution
• Certificate Management: Provision,
manage, and deploy public and private
SSL/TLS certificates
Azure Key Vault benefits
• Centralized application secrets: Control their
distribution
• Securely store secrets and keys: Requires
proper authentication and authorization to
gain access
• Monitor access and use: Enable logging to
monitor activity
• Simplified administration of application
secrets: Follow the life cycle and have high
availability
Authenticating to Azure Key Vault
Three ways to authenticate:

• Managed identities for Azure resources: When you deploy an app on a virtual
machine in Azure, you can assign an identity to your virtual machine that has
access to Key Vault.
• Service principal and certificate: You can use a service principal and an associated
certificate that has access to Key Vault.
• Service principal and secret: Although you can use a service principal and a secret
to authenticate to Key Vault, we don't recommend it.
Azure DevOps and GitHub
Azure DevOps overview

• Plan work
• Collaborate on code development
• Build and deploy applications
Azure DevOps

Azure Boards Azure Repos Azure Pipelines Azure Test Azure Artifacts
Plans
Plan, track, and Unlimited CI/CD that Toolkit for test Create, host,
discuss work cloud-hosted works with any management and share
across teams. private Git language, and exploratory packages.
repos. platform and testing.
cloud.
GitHub integration

Feature Description

Connect Azure Boards project Establishes connection of one, or more, GitHub

to GitHub repos repositories to an Azure Boards project.

Link work items to GitHub Mentioned work items in GitHub comments are
commits, pull requests and configured as hyperlinks to support quick navigation.
issues.
Azure Cognitive Services
Azure Cognitive Services
Cognitive Services can be categorized into four main pillars:
 Vision APIs provide advanced cognitive algorithms for processing images.
 Speech APIs add speech-enabled features to applications like speech-to-text, text-to-speech,
speech translation, and many more.
 Language APIs provide Natural Language Processing, Language Understanding, translation,
and more.
 Decision APIs provide the ability to monitor and detect abnormalities in time series data,
content moderation, and more.
Optimize and monitor your apps
In this module…

Azure Monitor

Application Insights

Log-based metrics

Application Map

Demo: Application Insights

Azure Monitor
Azure Monitor overview
Azure Monitor metrics and logs
Application Insights
Application Insights benefits
Understand how your app is Start monitoring and analyzing app
performing and how it's being used performance
 Request rates, response times, and failure  At run time
rates  At development time
 Dependency rates, response times, and failure  Instrument your web pages
rates
 Analyze mobile app usage
 Exceptions
 Availability tests
 Page views and load performance
 AJAX calls from web pages
 And more…
How Application Insights works
Instrument an app for monitoring
Auto-instrumentation Instrumenting for distributed
 Enable application monitoring without tracing
changing your code.
 Enabling via Application Insights SDKs
 Enable and configure the agent which will
 Enable via OpenCensus
collect the telemetry automatically.
 You'll see the metrics, requests, and
dependencies in your Application Insights
resource
Log-based metrics
Log-based metrics
Log-based metrics
• The Application Insights backend stores all
collected events as logs
• The Application Insights blades in the
Azure portal act as a diagnostic tool for
visualizing event-based data from logs
• Using logs to retain a complete set of
events can bring great analytical and
diagnostic value
Pre-aggregated metrics
• Stored as pre-aggregated time series, and
only with key dimensions
• The Application Insights 2.7 SDK or later
pre-aggregate metrics during collection
• For the SDKs that don't implement pre-
aggregation, the Application Insights
backend still populates the new metrics by
aggregating the events received by the
Application Insights event collection
endpoint
Application Map
Troubleshoot app performance using Application Map

Spot performance
bottlenecks or failure
hotspots across all
components of your
distributed application

Identify and resolve performance bottlenecks​ and failure hotspots

Demo: Application Insights