Hi, I am Arun Kumar Palani, Senior software engineer in Luxoft & Microsoft certified solution Architect - Associate level.
Let's discuss 6 Azure services, developers might use day to day life if the project is completely developed in Microsoft platform.
Before going to discuss in detail let’s see some short introduction of them in 2 lines.
1.Azure Key vault – It is a place where we can keep our secrets. Mostly connection strings and external API secret keys are maintained here.
2.Azure Dev-ops – A simplified solution for maintaining source code, creating and maintaining CI/CD pipelines, release management, a place for maintaining artifacts and it also has test plan.
3.Azure API management – Acts as an entry gate in front of API’s and mostly used for API gateway implementation without much coding.
4.Azure Storage services – Mostly used for storing files and information in different azure storage services.
5.Azure SQL: Similar to on- premises database but offers more flexibility in terms of backup/restore and also in high availability/Auto scaling feature.
6.Azure App Service/VM: App service is a PAAS and VM is IAAS both are used for hosting web applications. VM’s have a lot of advantages other than hosting.
Note: This article is intended for those who have an interest in learning azure conceptually. It will give a clear idea and the exact usage of the service. If you’re new to Azure, please read it twice to get a clear picture of it. This is not a technical article this will just cover the overall view about all the 6 services.
1. What is an Azure Key vault?
Azure Key Vault is a cloud-based service that allows you to securely store and manage cryptographic keys, secrets and certificates used in your applications and services. It is a centralized service where you can store and manage all the sensitive data of your application instead of storing it locally, thus improving the security of your applications.
The Azure Key Vault service provides robust access control, auditing, and monitoring capabilities to ensure that your keys are being accessed only by authorized personnel. It also allows you to generate and manage encryption keys for your applications, making it easier to encrypt/decrypt data and keep it secure.
Advantages of Azure Key vault:
a. Enhanced Security: With Azure Key Vault, you can store and manage all your cryptographic assets in a secure, centralized location. This helps to reduce the risk of keys being compromised or lost due to insecure storage or sharing practices.
b. Simplified Key Management: Azure Key Vault provides a simple, easy-to-use interface for managing your encryption keys, secrets and certificates, which makes it easier for developers to implement secure key management practices.
c. Integration with Azure Services: Key Vault is tightly integrated with other Azure services like Azure Functions and Azure App Service, enabling developers to easily add encryption and decryption features to their applications without having to worry about key management.
d. Easy Compliance: Azure Key Vault supports compliance with various industry standards.
e. Bring Your Own Key Support: Azure Key Vault supports use cases where you want to manage keys on-premises while still utilizing Azure's many platform services.
f. Monitoring and Auditing Capabilities: Key Vault provides robust monitoring, logging, and auditing capabilities that enable teams to track usage, access, and changes to cryptographic keys, certificates, and secrets.
Disadvantages:
a. Cost: Using the Azure Key Vault service can add to your overall cloud expenses, especially if you have large amounts of keys, secrets, or certificates to manage.
b. Learning Curve: Azure Key Vault can be complex for new users and may require some time to learn and become familiar with its capabilities and integration with other Azure services.
c. Limited Programming Language Support: Although Azure Key Vault provides SDKs for multiple programming languages like .NET, Java, Python, etc., its functionality may not be fully supported by all programming languages and frameworks, which could limit its usage in some situations.
d. Dependency on Azure Infrastructure: Since Azure Key Vault is a cloud-based service, it requires an active internet connection and depends on Azure's infrastructure, which can lead to issues if there are any service disruptions or outages.
2. What is Azure DevOps?
Azure DevOps is a collection of services that allow software development teams to plan, build, test, and deploy software. It includes Azure Boards, Azure Repos, Azure Artifacts, Azure Test Plans, and Azure Pipelines. These tools work together seamlessly to provide a comprehensive DevOps solution for teams of any size.
What Azure DevOps Provides?
a. Azure Boards: Like Jira\HP ALM, where we can create and manage user stories/bugs. We can also create branches from the user story where the commit and branch are linked with the parent user story for easy tracking.
Azure Boards also includes built-in analytics features that allow teams to track metrics such as lead time, cycle time, and throughput, which can be useful for identifying bottlenecks and areas for improvement.
We can visualize our data from the azure board and track dependencies.
b. Azure Repos: Like GitHub\Bitbucket\ GitLab\ TFS, where we can push our changes and we can maintain versioning. We can add people from our team and collaborate on code, track the changes, and roll back it whenever necessary.
It provides options for code review and search option for code with specific pieces of snippet.
c. Azure Artifacts: Like JFrog\team city, where we can maintain our NuGet package for the organization includes NuGet, NPM, Maven packages.
With the help of artifacts, we can fetch easily build our pipeline.
Additionally, Azure Artifacts includes package management capabilities, which allow teams to manage dependencies, ensure that packages are up to date, and roll back to previous versions if necessary.
d. Azure Test-Plan: Like Q-test, TestRail. With Azure test plan, we can configure manual testing and exploratory testing plans. It also integrates with Azure Pipelines, making it easy to automate tests and ensure the software is tested before deployment.
We can make a track of all the test cases and we can automate it before going to deployment. So that our application is fully tested before release.
From the developer’s side, we can see the test failure and root cause of the error.
e. Azure Pipelines: Like Jenkins. With Azure Pipelines, teams can automate their software delivery process, from building and testing to deploying to multiple environments. It supports CI\CD which allows teams to build the application, test and deploy the code to environments when it is merged with repository.
The team can use Azure Pipelines to automate the application's build, test, and deployment process and release it to different environments whenever necessary.
We can create a release trigger either manual or automatic by setting the condition to trigger.
What is the advantage of using Azure DevOps?
- Easy integration.
- Cost effective solution.
- Single sign on using Azure AD.
- A complete package not depending on different software for each step.
Implementing a DevOps strategy is essential for software development teams to deliver software quickly and efficiently. Azure DevOps provides this feature with minimal cost, i.e.) cost is calculated on a user basis.
How to deploy a .NET application using Azure DevOps?
Step 1: Create an Azure DevOps feature from the azure portal.
Step 2: Create a simple Web API project and configure it to Azure repository.
Step 3: Create an App server or Virtual machine to host the application.
Step 4: Create a release pipeline. Once the build is available from the pipeline, we can deploy the build to the app service/ VM in the continuous way.
Step 5: What are the steps while deploying our application to app service?
1.Build the environment - Ubuntu\Windows etc.
2.Restore dependencies from the NuGet.
3.Build your project.
4.Run the test cases (Unit\Integration tests).
5.Collect code coverage if required.
6.Publish artifacts to azure pipelines.
7.Publish to NuGet feed.
8.Deploy to web app (app server or VM).
3. Azure API Management It is a cloud-based platform that allows developers to expose, publish, and manage APIs. The service provides a robust set of tools for managing APIs, controlling access to APIs, and monitoring traffic.
Within Azure API Management, developers can create new APIs or import existing ones, add restrictions on how the API may be consumed, and configure policies to apply when requests are received.
"Basically, we do the same thing in API gateway pattern. For this we might use the Ocelot NuGet package. The same service is provided by Google Apigee and in AWS as well".
Key Features of Azure API Management:
API Gateway:
At the core of Azure API Management is an API gateway, which acts as a reverse proxy through which requests are routed to the appropriate backend services. The gateway provides protocol translation, message transformation, and other communication functions to enable seamless integration between client applications and backend services.
API Definition:
With Azure API Management, developers can define APIs using the API Specification (formerly known as Swagger). The specification allows developers to describe the operation of their APIs in a machine-readable format, making it easier for clients to discover and consume the API.
a. Security:
APIs are often resources that need to be guarded against unauthorized access. To this end, Azure API Management provides a range of security features including authentication, authorization, and encryption.
Developers can require API consumers to authenticate themselves before accessing an API. Access can also be controlled by roles, allowing fine-grained control over which users can access which APIs.
b. Rate Limiting:
To prevent abuse of APIs, Azure API Management allows developers to apply rate limits. Limits can be applied based on the number of calls allowed per user, per minute or any other defined period. By setting up rate limits, developers can ensure that their APIs are not subjected to excessive load, which could affect system performance.
c. Analytics:
API data analytics are essential for understanding how your APIs are being used, where performance bottlenecks may exist, and what changes can be made to improve them. With Azure API Management, developers have access to detailed data analysis and reporting tools that provide real-time insights into the performance and usage of their APIs.
This feature includes tracking metrics such as call count, response codes, latency, and other relevant indicators.
d. Developer Portal:
A developer portal is a self-service interface that is used by developers to discover, learn, test, and get support for the APIs they use. Developers can browse documentation, test endpoints, download code samples, and subscribe to new APIs from a single location.
With Azure API Management, developers can build fully customized developer portals that include all the necessary information related to their APIs. Personalization options allow for branding and customization so that the developer portal can match the look and feel of your website or application.
Creating APIs with Azure API Management
The process of creating APIs with Azure API Management typically involves the following steps:
Define the backend service – you may have existing services, or you can create new ones that return the data or perform the operations the API will expose.
Create a new API – either by specifying the API specification directly or by importing an existing API definition.
Configure API policies – policies can be used to modify the behavior of your API, add additional security, or allow efficient caching.
a. Creating Inbound rules: This is the place where the incoming request and its IP address is filtered, and it will check whether these URL is allowed for communication.
Ex) we can directly CORS in API gateway itself rather configuring in the code.
b. Creating outbound rules: Here we can set our custom response headers and send the response back to the user. If there is any modification, we need here we can do that as well.
c. Backend policies: Here we can configure backend URL so that it can safely accessed with the help of inbound and out bound policy.
d. Issue API keys – Issuing authorization keys is a technique used to track the usage of your API and maintain control over who is allowed to use it.
e. Configure usage plans – usage plans allow you to specify rates at which developers can use your API under free, paid, or custom tier models.
f. Publish the API – Once the API has been thoroughly tested and reviewed, developers can publish it to make it publicly available.
Azure API Management is a powerful tool that enables developers to create, manage, and publish APIs quickly and efficiently. The platform comes equipped with a host of features that enable secure and reliable API management, including developer-friendly portals and comprehensive analytics capabilities.
4. Azure storage service: It offers a flexible and scalable solution for storing unstructured data, such as text or binary data, in the cloud. The service supports various types of data including blobs, files, queues, tables, and disks.
Azure Storage is designed to provide a highly available and durable storage infrastructure across multiple regions. It provides automatic replication of data within the same region and enables geo-replication across different regions. This ensures that data is always available even in case of regional disasters. Additionally, Azure Storage also provides multiple layers of security to protect data, including encryption at rest and in transit.
Let's take a closer look at some of the key features and services offered by Azure Storage:
a. Blob Storage
Azure Blob Storage is a scalable and secure object storage service that allows you to store large amounts of unstructured data, such as text or binary data, in the cloud. It provides support for several APIs including REST, .NET, Java, Python, and Node.js. It also provides three tiers of storage: hot, cool, and archive, allowing you to choose the storage option based on the frequency of access to the data.
b. File Storage
Azure File Storage provides fully managed file shares in the cloud. It allows you to create file shares that can be accessed from anywhere in the world using standard SMB 3.0 protocol. It allows you to store and share files with ease, enabling you to easily migrate your existing applications to the cloud.
c. Queue Storage
Azure Queue Storage is used to transmit messages between components of distributed systems. It provides a simple messaging service that allows you to send and receive messages between different components of your application. It is ideal for asynchronous communication and can be used to build reliable systems, decoupled systems, and scalable applications.
d. Table Storage
Azure Table Storage provides NoSQL-like storage capabilities for unstructured data. It allows you to store large amounts of structured, non-relational data in the cloud, and supports features such as secondary indexes and queries.
e. Disk Storage
Azure Disk Storage provides persistent block-level storage for virtual machines (VMs) running in Azure. With disk storage, you can attach disks to your VMs, providing them with durable, low-latency storage. You can also use managed disks, which provide simplified management of storage accounts.
In addition to these services, Azure Storage also provides several other features that make it a versatile and flexible storage solution:
a. Azure Data Lake Storage Gen2:
Azure Data Lake Storage Gen2 is a fully managed service that provides scalable, secure, and cost-effective storage for big data analytic workloads. It combines the power of a Hadoop file system with Azure Blob Storage to provide a common namespace for both structured and unstructured data.
b. Azure Backup:
Azure Backup provides reliable and scalable backup solutions for your data in the cloud. It enables you to protect your data by backing up files, folders, or entire VMs to Azure Storage. Azure Backup also provides support for backup of on-premises data to the cloud, making it a comprehensive backup solution.
c. Azure Site Recovery:
Azure Site Recovery provides disaster recovery solutions for your applications and workloads. It enables you to automate the replication of VMs and physical servers to the cloud, providing you with a seamless failover and failback experience in case of any disasters. It also provides support for real-time replication to minimize data loss.
d. Azure StorSimple:
Azure StorSimple provides a hybrid cloud storage solution that enables you to tier cold data to the cloud while keeping hot data on-premises. This helps reduce storage costs as you only pay for the data that you store in the cloud. Additionally, StorSimple provides intelligent caching and data management capabilities to optimize storage performance.
e. Azure Data Box:
Azure Data Box is a physical device that allows you to move large amounts of data to and from Azure Storage securely and quickly. It is ideal for scenarios where transferring large datasets over the network is not feasible. Data Box supports various storage options, including Blob Storage, File Storage, and Disk Storage.
5. Azure SQL service: It provides a highly scalable and flexible solution for managing relational data in the cloud. The service provides various features, including automatic scaling, high availability, security, and backup and recovery mechanisms.
Azure SQL provides support for several deployment options, including single databases, managed instances, and elastic pools. It also supports several programming languages and development tools, such as .NET, Java, Python, and Node.js, making it easy to develop and deploy applications in the cloud.
Let's take a closer look at some of the key features and services offered by Azure SQL:
1. Database-as-a-service:
Azure SQL is a fully managed database-as-a-service (DBaaS) that eliminates the need for managing infrastructure and hardware. The service takes care of database maintenance tasks such as patching, tuning, backups, and monitoring, freeing up your time to focus on application development.
2. Automatic Scaling:
Azure SQL provides automatic scaling capabilities, allowing you to automatically adjust the resources allocated to your database based on the workload demands. This ensures that your database can handle peak loads without compromising on performance.
3. High Availability:
Azure SQL provides high availability through its built-in replication technology. The service automatically replicates your database across multiple regions, ensuring that your application remains available even in case of regional disasters. Additionally, Azure SQL provides transparent failover mechanisms, so that your application can continue running seamlessly in case of any disruptions.
4. Security:
Azure SQL provides several layers of security to protect your data, including encryption in transit and at rest, firewall rules, identity and access management, and threat detection. It also provides compliance with industry-specific regulations such as HIPAA, PCI DSS, and GDPR.
5. Backup and Recovery:
Azure SQL provides automated backups and point-in-time restore capabilities, ensuring that your data is protected against accidental deletion, corruption, or other types of data loss.
In addition to these features, Azure SQL also provides several other services that make it a versatile and flexible database solution:
a. Single Databases:
Azure SQL supports single databases, which are fully managed databases that can be quickly created and managed in the cloud. You can choose from various database sizes based on your requirements and pay only for the resources that you use.
b. Managed Instances:
Azure SQL also provides managed instances, which are fully managed instances of SQL Server in the cloud. Managed instances provide full SQL Server compatibility, enabling you to easily migrate your existing applications to the cloud.
c. Elastic Pools:
Azure SQL supports elastic pools, which allow you to share resources among multiple databases with different usage patterns. This enables you to reduce costs by optimizing resource utilization across multiple databases.
d. Azure Synapse Analytics (formerly SQL Data Warehouse):
Azure Synapse Analytics is a cloud-based analytics service that allows you to analyze large amounts of data in the cloud using a combination of SQL queries and big data technologies such as Apache Spark. It provides integration with Azure Machine Learning, making it easy to build predictive models and integrate them into your data analysis workflows.
e. Azure Database Migration Service:
Azure SQL also provides a migration service that allows you to migrate your on-premises databases to Azure SQL easily. The service supports various database types, including SQL Server, MySQL, PostgreSQL, and MongoDB.
6. Azure App Service and VM: Azure App Service is a fully managed Platform-as-a-Service (PaaS) offering that allows you to quickly build, deploy, and scale web applications, mobile backends, and RESTful APIs. It supports various programming languages, including .NET, Java, Node.js, PHP, Python, and Ruby.
With Azure App Service, you can easily create and manage web apps, API apps, mobile apps, and logic apps using a single integrated solution. The service provides several features such as automatic scaling, high availability, continuous deployment, and DevOps integration, making it easy to maintain your applications and achieve faster time-to-market.
On the other hand, Azure Virtual Machines (VM) is an Infrastructure-as-a-Service (IaaS) offering that allows you to set up and run virtual machines in the cloud. You can choose from a wide range of pre-configured VM images or create your custom image based on your requirements. This gives you complete control over the operating system, applications, and configuration of your virtual machines.
Let's take a closer look at the key features and services offered by Azure App Service and virtual machines:
1. Azure App Service:
Azure App Service provides several features that make it a versatile and flexible platform for developing and deploying web applications and mobile backends.
a. Web Apps:
Azure Web Apps allow you to easily deploy and manage web applications using a single integrated solution. It supports various frameworks and technologies, including ASP.NET, Node.js, Python, and PHP. You can deploy your applications using FTP, Git, or continuous deployment tools such as Azure DevOps, GitHub, or Bitbucket.
b. Mobile Apps:
Azure Mobile Apps provide a scalable and secure backend for mobile applications. It enables you to build cross-platform mobile applications using Xamarin or Apache Cordova and authenticate users using popular identity providers such as Facebook, Google, and Twitter.
c. Logic Apps:
Azure Logic Apps provide a low-code framework for building workflows and integrations between different applications and services. It supports various connectors to integrate with popular SaaS applications such as Salesforce, Dynamics 365, and Office 365.
2. Virtual Machines:
Azure Virtual Machines provide several features that make it a versatile and flexible platform for running various workloads in the cloud.
a. Pre-configured VM Images:
Azure provides various pre-configured virtual machine images, allowing you to easily set up your preferred operating system and application stack. It includes images for Windows Server, Linux, SQL Server, Oracle, and much more.
b. Customizable VMs:
You can also create custom virtual machines based on your requirements. This enables you to configure the operating system, applications, and settings according to your specific needs.
c. High-performance Computing (HPC):
Azure provides several options for running HPC workloads, including high-performance computing clusters, low-latency storage, and GPU-enabled virtual machines.
d. Hybrid Cloud:
Azure provides seamless integration with your on-premises infrastructure, allowing you to extend your datacenter to the cloud with a hybrid cloud solution. This enables you to easily migrate your existing applications to the cloud and take advantage of its scalability and flexibility.
Comparison
Let's compare some key differences between Azure App Service and Virtual Machines:
a. Management:
Azure App Service is a fully managed service that eliminates the need for managing infrastructure or hardware. In contrast, Azure Virtual Machines require you to manage the underlying infrastructure, such as operating system updates, security patches, and backups.
b. Scalability:
Azure App Service provides automatic scaling capabilities, allowing you to scale your web apps, API apps, and mobile apps dynamically based on usage patterns. Azure Virtual Machines require manual intervention to scale resources up or down.
c. Cost:
Azure App Service charges based on the number of instances and their size, whereas Azure Virtual Machines charge based on the number of virtual machines, their size, and the amount of storage used.
d. Configuration:
Azure App Service provides a ready-to-use environment for developing and deploying web applications and mobile backends, whereas Azure Virtual Machines require you to set up your infrastructure from scratch.
e. Control:
Azure Virtual Machines provide complete control over the virtual machines' configuration, allowing you to configure hardware resources, operating systems, and applications based on your specific needs. In contrast, Azure App Service provides limited control over the underlying infrastructure.
Conclusion: Azure services play a major role if we are using Microsoft technologies like C#, it has direct integration with azure cloud PAAS and IAAS. There are lot of advantages if we use azure services in terms of cost, performance, security. Azure services also built in log facilities like application insight where we can the logs if in case of any failures.
If you have any doubts and require technical implementation for the same, please comment below. I am happy to provide the solution in my GitHub link on the next post.
Stay tuned!!!
Top comments (2)
Great! this is an amazing introductory article for understanding the main services that a dotnet developer will potentially use from Azure.
Many thanks @arunkumar2331996
Thanks @xelit3