Azure Clouder

Creating and Managing Azure App Services and Environments with IaC

Introduction

Azure App Service is a robust platform for hosting web applications, APIs, and mobile backends. The service provides fully managed environments to scale and secure your applications without the need to manage infrastructure. This guide explains the Azure App Service Environment (ASE), App Services (Linux and Windows), and Web Apps, along with a practical walkthrough to deploy these services using Infrastructure as Code (IaC) with Bicep and PowerShell scripts.


Key Components

  1. Azure App Service Environment (ASE)
    • ASE is a dedicated, isolated environment specifically designed for hosting high-compliance, high-performance applications securely within an Azure Virtual Network (VNet).
    • ASE supports hosting of both Windows and Linux App Services.
    • Benefits:
      • Isolation and Security: ASE can be configured within a virtual network, providing IP restrictions and control.
      • Scale and Performance: ASE offers increased compute resources and supports multiple scaling instances.
  2. Azure App Services (Windows and Linux)
    • Azure App Services provides a fully managed platform for deploying web applications.
    • Key Features:
      • Supports both Windows and Linux.
      • Different pricing tiers, such as Standard, Premium, and Isolated, allow flexible scaling and resources.
      • Provides integrated deployment options and a continuous integration pipeline for rapid releases.
  3. Web App
    • A Web App in Azure App Service is the actual application hosted on the platform, available for user access.
    • Azure Web Apps support various frameworks, including .NET, PHP, Java, Node.js, and Python.

Step-by-Step: Deploying Azure App Service Environment, App Services, and Web App Using IaC

File Overview

  1. deploy-asp.ps1: PowerShell script to initiate the deployment.
  2. main-asp-lin.bicep: Bicep template to deploy Linux App Service Plans.
  3. main-asp-win.bicep: Bicep template to deploy Windows App Service Plans.
  4. parameter-asp-lin.json: Parameter file for the Linux App Service Plan.
  5. parameter-asp-win.json: Parameter file for the Windows App Service Plan.

Step 1: Define the Deployment Script – deploy-asp.ps1

This PowerShell script is responsible for deploying the App Service Plans using Bicep templates and parameters.

# Define variables
$resourceGroupName = "your-resource-group"
$templateFile = ".\main-asp-lin.bicep" 
$parametersFile = ".\parameter-asp-lin.json"
$deploymentName = "AppServicePlan-Deployment-$(Get-Date -Format 'yyyyMMddHHmmss')"

# Log in to Azure
az login

# Set the subscription
az account set --subscription "your-subscription-id"

# Deploy the Bicep template
az deployment group create `
  --resource-group $resourceGroupName `
  --name $deploymentName `
  --template-file $templateFile `
  --parameters $parametersFile

Write-Output "Deployment complete."

Note: Replace "your-subscription-id" and "your-resource-group" with appropriate values for your environment.

Step 2: Create the Bicep Template for the Linux App Service Plan – main-asp-lin.bicep

In this Bicep file, we define parameters and resources required for the Linux App Service Plan, including the SKU, worker count, and hosting environment profile.

param name string
param location string
param sku string
param skucode string
param workerSizeId int
param numberOfWorkers int
param hostingEnvironmentProfile object
param kind string
param tags object

resource appServicePlan 'Microsoft.Web/serverfarms@2020-12-01' = {
  name: name
  location: location
  sku: {
    tier: sku
    name: skucode
  }
  kind: kind
  tags: tags
  properties: {
    targetWorkerSizeId: workerSizeId
    targetWorkerCount: numberOfWorkers
    reserved: true // Indicates a Linux plan
    hostingEnvironmentProfile: hostingEnvironmentProfile
  }
}

Parameters Explained:

  • name: Name of the App Service Plan.
  • location: Azure region, e.g., Australia East.
  • sku and skucode: Defines the tier (e.g., Isolated) and plan code (e.g., I1v2).
  • workerSizeId and numberOfWorkers: Specifies the VM size and count.
  • hostingEnvironmentProfile: Links to the ASE for isolation.

Step 3: Create the Bicep Template for the Windows App Service Plan – main-asp-win.bicep

This file is similar to the Linux template but has one key difference (reserved: false), which specifies it as a Windows plan.

param name string
param location string
param sku string
param skucode string
param workerSizeId int
param numberOfWorkers int
param hostingEnvironmentProfile object
param kind string
param tags object

resource appServicePlan 'Microsoft.Web/serverfarms@2020-12-01' = {
  name: name
  location: location
  sku: {
    tier: sku
    name: skucode
  }
  kind: kind
  tags: tags
  properties: {
    targetWorkerSizeId: workerSizeId
    targetWorkerCount: numberOfWorkers
    reserved: false // Indicates a Windows plan
    hostingEnvironmentProfile: hostingEnvironmentProfile
  }
}

Step 4: Parameter Files (parameter-asp-lin.json and parameter-asp-win.json)

These JSON files define parameter values for deploying both Linux and Windows App Service Plans.

Linux Parameters – parameter-asp-lin.json

{
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "name": {
      "value": "vnet-name-linux-asp"
    },
    "location": {
      "value": "Australia East"
    },
    "sku": {
      "value": "Isolated"
    },
    "skucode": {
      "value": "I1v2"
    },
    "workerSizeId": {
      "value": 6
    },
    "numberOfWorkers": {
      "value": 1
    },
    "hostingEnvironmentProfile": {
      "value": {
        "id": "/subscriptions/your-subscription-id/resourceGroups/your-resource-group/providers/Microsoft.Web/hostingEnvironments/your-ase-id"
      }
    },
    "kind": {
      "value": "linux"
    },
    "tags": {
      "value": {
        "Environment": "Non-Prod",
        "Owner": "Your Team",
        "DataClassification": "Confidential"
      }
    }
  }
}

Windows Parameters – parameter-asp-win.json

{
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "name": {
      "value": "vnet-name-windows-asp"
    },
    "location": {
      "value": "Australia East"
    },
    "sku": {
      "value": "Isolated"
    },
    "skucode": {
      "value": "I1v2"
    },
    "workerSizeId": {
      "value": 6
    },
    "numberOfWorkers": {
      "value": 1
    },
    "hostingEnvironmentProfile": {
      "value": {
        "id": "/subscriptions/your-subscription-id/resourceGroups/your-resource-group/providers/Microsoft.Web/hostingEnvironments/your-ase-id"
      }
    },
    "kind": {
      "value": "app"
    },
    "tags": {
      "value": {
        "Environment": "Non-Prod",
        "Owner": "Your Team",
        "DataClassification": "Confidential"
      }
    }
  }
}

Step 5: Execute the Deployment

Run the deploy-asp.ps1 PowerShell script to initiate the deployment:

powershell -File .\deploy-asp.ps1

Upon successful execution, Azure provisions the ASE and App Service Plan. To validate, navigate to Azure Portal > Resource Groups and confirm the new App Service Environment, App Service Plan, and Web App are in place.


Conclusion

This tutorial outlined how to deploy an Azure App Service Environment and App Services (Linux and Windows) using IaC through Bicep and PowerShell scripts. By leveraging Bicep’s reusability and structured approach, deploying complex environments becomes streamlined, maintainable, and scalable.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.