Friday, June 15, 2018

Microsoft Azure




Azure tutorial

Azure is a cloud computing platform, designed by Microsoft to successfully build, deploy, and manage applications and services through a global network of data centers.

Fault Domains and Update Domains

Roles (RBAC)

  • Owner - Has full access to all resources including the right to delegate access to others.
  • Contributor - Can create and manage all types of Azure resources but can’t grant access to others.
  • Reader - Can view existing Azure resources.
  • User Access Administrator - Lets you manage user access to Azure resources.
Flow, Logic Apps, Functions, and WebJobs

LRS - 3 copies within the same data center.
ZRS - 3 copies within the 3 data centers.
GRS - 6 copies of data (primary region - 3, secondary region - 3).


  • Locally redundant storage (LRS)
    • Replicates your data three times within the region in which you created your storage account.
  • Zone redundant storage (ZRS)
    • Replicates your data three times across two to three facilities, either within a single region or across two regions.
  • Geo-redundant storage (GRS)
    • Replicates your data to a secondary region that is hundreds of miles away from the primary region.
  • Read-access geo-redundant storage (RA-GRS)
    • Replicates your data to a secondary region, as with GRS, but also then provides read-only access to the data in the secondary location.
| Replication strategy | LRS | ZRS | GRS | RA-GRS |
|---|---|---|---|---|
| Data is replicated across multiple facilities. | No | Yes | Yes | Yes |
| Data can be read from the secondary location and from the primary location. | No | No | No | Yes |
| Number of copies of data maintained on separate nodes. | 3 | 3 | 6 | 6 |

Types of Cloud
Cloud storage options come in 3 forms −
  • Public
  • Private
  • Hybrid
Azure WebApps:
  • Azure Web Apps enables you to build and host web applications in the programming language of your choice without managing infrastructure. 
  • It offers auto-scaling and high availability, supports both Windows and Linux, and enables automated deployments from GitHub, Visual Studio Team Services, or any Git repo. 
  • Azure App Service Web Apps (or just Web Apps) is a service for hosting web applications, REST APIs, and mobile back ends.
  •  You can develop in your favorite language, be it .NET, .NET Core, Java, Ruby, Node.js, PHP, or Python.
  • Web Apps adds the power of Microsoft Azure to your application, such as security, load balancing, autoscaling, and automated management.
  • You can also take advantage of its DevOps capabilities, such as continuous deployment from VSTS, GitHub, Docker Hub, and other sources, package management, staging environments, custom domain, and SSL certificates.
Azure App Service, Virtual Machines, Service Fabric, and Cloud Services comparison

Azure App Service online migration tool

Download the publish profile settings file from the portal and import the profile in Visual Studio to deploy the web site to a specific site.
Azure Web App diagnostic logs can be accessed through Diagnostic logs. To access the path, download the publish profile and take the user name and password from it.

Azure Diagnostics Logs
Application Insights

Swagger Web API

Azure Diagnostic Logs:

Adding Trace to Azure Web Sites and Web Jobs

using System.Diagnostics;
Trace.TraceError("Index error logged");

Add the following tags to web.config:

<system.diagnostics>
    <sharedListeners>
      <add name="AzureTableTraceListener" type="Microsoft.WindowsAzure.WebSites.Diagnostics.AzureTableTraceListener, Microsoft.WindowsAzure.WebSites.Diagnostics, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
      <add name="AzureBlobTraceListener" type="Microsoft.WindowsAzure.WebSites.Diagnostics.AzureBlobTraceListener, Microsoft.WindowsAzure.WebSites.Diagnostics, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
      <add name="AzureDriveTraceListener" type="Microsoft.WindowsAzure.WebSites.Diagnostics.AzureDriveTraceListener, Microsoft.WindowsAzure.WebSites.Diagnostics, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
    </sharedListeners>
    <sources>
      <source name="Diagnostics" switchName="DiagnosticsSourceSwitch" switchType="System.Diagnostics.SourceSwitch">
        <listeners>
          <add name="AzureDriveTraceListener"/>
        </listeners>
      </source>
      <source name="Messaging" switchName="MessagingSourceSwitch" switchType="System.Diagnostics.SourceSwitch">
        <listeners>
          <add name="AzureTableTraceListener"/>
          <add name="AzureBlobTraceListener"/>
        </listeners>
      </source>
      <source name="Operational" switchName="OperationalSourceSwitch" switchType="System.Diagnostics.SourceSwitch">
        <listeners>
          <add name="AzureTableTraceListener"/>
          <add name="AzureBlobTraceListener"/>
        </listeners>
      </source>
    </sources>
    <switches>
      <add name="DiagnosticsSourceSwitch" value="All" />
      <add name="MessagingSourceSwitch" value="All" />
      <add name="OperationalSourceSwitch" value="All" />
    </switches>
    <trace autoflush="true" indentsize="4" />
</system.diagnostics>

Functions:
cron expressions

Storage:

There are two types of storage accounts.

  1. General purpose storage
  2. Blob storage
  • Microsoft Azure Storage is a Microsoft-managed cloud service that provides storage that is highly available, secure, durable, scalable, and redundant. 
  • Azure Storage consists of Blob storage, File Storage, and Queue storage.
Table Storage:
  • Each entity can include up to 252 properties to store data. 
  • Each entity also has three system properties that specify a partition key, a row key, and a timestamp. 
  • Entities with the same partition key can be queried more quickly, and inserted/updated in atomic operations. 
  • An entity's row key is its unique identifier within a partition.
We can define access policies on the storage account to restrict user access by granting read, write, or both. We can also define an expiry date and time.
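A stored access policy with a read-only permission and an expiry time, shown as an added example (not code from the original post). It assumes the WindowsAzure.Storage SDK; the `StorageConnectionString` setting, the `reports` container and the `read-1h` policy name are hypothetical.

```csharp
using System;
using Microsoft.Azure;                       // CloudConfigurationManager
using Microsoft.WindowsAzure.Storage;
using Microsoft.WindowsAzure.Storage.Blob;

public static class AccessPolicyDemo
{
    public static void Main()
    {
        // "StorageConnectionString" is an assumed app setting name.
        var account = CloudStorageAccount.Parse(
            CloudConfigurationManager.GetSetting("StorageConnectionString"));
        CloudBlobContainer container =
            account.CreateCloudBlobClient().GetContainerReference("reports");
        container.CreateIfNotExists();

        // Policy grants read only and stops working one hour from now.
        // Use Read | Write to grant both.
        var readOnly = new SharedAccessBlobPolicy
        {
            Permissions = SharedAccessBlobPermissions.Read,
            SharedAccessExpiryTime = DateTimeOffset.UtcNow.AddHours(1)
        };

        // Store the policy on the container under a name.
        BlobContainerPermissions perms = container.GetPermissions();
        perms.SharedAccessPolicies["read-1h"] = readOnly;
        container.SetPermissions(perms);

        // The token carries only the policy name, so editing or deleting
        // the stored policy revokes every token issued from it.
        string sas = container.GetSharedAccessSignature(null, "read-1h");

        // The resulting URL is a credential: hand it out over a secure
        // channel and keep it out of logs.
        Console.WriteLine(container.Uri + sas);
    }
}
```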
Issues:
If CloudConfigurationManager is not present, install it:

  • CloudConfigurationManager : Install-Package Microsoft.WindowsAzure.ConfigurationManager -Version 3.2.3
When CloudTable.CreateIfNotExists() returns 403 Forbidden, the date and time on the machine might be wrong.

If you insert the same partition key, it will throw 409 Conflict.
Use InsertOrReplace instead of Insert while inserting data to table or blob.
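The insert behaviour described in these notes, as an added example (not code from the original post). It assumes the WindowsAzure.Storage SDK; the `StorageConnectionString` setting, the `LogEntity` type and the `applogs` table are hypothetical.

```csharp
using System;
using Microsoft.Azure;                       // CloudConfigurationManager (3.x package)
using Microsoft.WindowsAzure.Storage;
using Microsoft.WindowsAzure.Storage.Table;

// Hypothetical entity; PartitionKey + RowKey together identify one row.
public class LogEntity : TableEntity
{
    public LogEntity() { }
    public LogEntity(string app, string id) : base(app, id) { }
    public string Message { get; set; }
}

public static class TableInsertDemo
{
    public static void Main()
    {
        // "StorageConnectionString" is an assumed app setting name.
        var account = CloudStorageAccount.Parse(
            CloudConfigurationManager.GetSetting("StorageConnectionString"));
        CloudTable table = account.CreateCloudTableClient().GetTableReference("applogs");

        // Storage rejects signed requests whose timestamp is too far from its own
        // clock, so check the machine time before suspecting the key on a 403 here.
        table.CreateIfNotExists();

        // Seed a row; InsertOrReplace succeeds whether or not the row exists.
        var entity = new LogEntity("web", "0001") { Message = "first write" };
        table.Execute(TableOperation.InsertOrReplace(entity));

        try
        {
            // Same PartitionKey + RowKey again: a plain Insert is rejected.
            table.Execute(TableOperation.Insert(entity));
        }
        catch (StorageException ex) when (ex.RequestInformation.HttpStatusCode == 409)
        {
            Console.WriteLine("Insert rejected: " + ex.RequestInformation.HttpStatusMessage);
        }

        // InsertOrReplace overwrites the existing row instead of failing.
        entity.Message = "second write";
        table.Execute(TableOperation.InsertOrReplace(entity));
    }
}
```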

Key Vault:
https://www.synopsys.com/blogs/software-security/protecting-keys-and-secrets-in-microsoft-azure/
Key
A cryptographic key represented as a JWK (JSON Web Key)
Example: store a .pfx certificate file that contains a pair of public & private keys

Secret
KV accepts any value and stores it as a binary (there is a max size limitation)

Example: A password or API key

KeyVault sample
KeyVault

https://www.youtube.com/watch?v=51Qmk3TQJ44
ARM Template:
Slot setting

Media Services
 sample

Azure AD B2C

B2C Doc
========================================================================
Azure AD Web API:

Web.Config:
<appSettings>
    <add key="ida:Tenant" value="https://webapiappsample.onmicrosoft.com" />
    <add key="ida:Audience" value="https://webapiappsample.onmicrosoft.com/8b91ea95-c787-42c1-b29e-3ae1de60eee6" />
    <add key="owin:AutomaticAppStartup" value="false" />
</appSettings>
Startup.Auth.cs:

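using System.Configuration;
using Microsoft.Owin.Security.ActiveDirectory;
using Owin;

public partial class Startup
{
    // For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864
    public void ConfigureAuth(IAppBuilder app)
    {
        // Validate incoming bearer tokens against the Azure AD tenant and
        // accept only tokens issued for this API's audience (both from web.config).
        app.UseWindowsAzureActiveDirectoryBearerAuthentication(
            new WindowsAzureActiveDirectoryBearerAuthenticationOptions
            {
                Audience = ConfigurationManager.AppSettings["ida:Audience"],
                Tenant = ConfigurationManager.AppSettings["ida:Tenant"],
            });
    }
}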
Apply the [Authorize] attribute to the controller in controller.cs.

========================================================================
Designing-multi-tenant-web-applications

Service Bus

========================================================================

AZURE LOAD BALANCER, APPLICATION GATEWAY AND TRAFFIC MANAGER

| Service | Azure Load Balancer | Application Gateway | Traffic Manager |
|---|---|---|---|
| Technology | Transport level (Layer 4) | Application level (Layer 7) | DNS level |
| Application protocols supported | Any | HTTP and HTTPS | Any (An HTTP endpoint is required for endpoint monitoring) |
| Endpoints | Azure VMs and Cloud Services role instances | Any Azure Internal IP address or public internet IP address | Azure VMs, Cloud Services, Azure Web Apps, and external endpoints |
| Vnet support | Can be used for both Internet facing and internal (Vnet) applications | Can be used for both Internet facing and internal (Vnet) applications | Only supports Internet-facing applications |
| Endpoint Monitoring | Supported via probes | Supported via probes | Supported via HTTP/HTTPS GET |

======================================================================
Protect an API by using OAuth 2.0 with Azure Active Directory and API Management



Functions
When you're using a blob trigger on a Consumption plan, there can be up to a 10-minute delay in processing new blobs. This delay occurs when a function app has gone idle. After the function app is running, blobs are processed immediately. To avoid this cold-start delay, use an App Service plan with Always On enabled, or use the Event Grid trigger. For more information, see the blob trigger binding reference article.

https://docs.microsoft.com/en-us/azure/media-services/previous/media-services-dotnet-how-to-use-azure-functions




