Introduction
This publication will demonstrate by example, the complete creation of a web application, also called “App Services”, on the cloud “Microsoft Azure”. Nothing very complicated at first glance, except that we will use in turn “Docker” containers, the development environment “Visual Studio Code” and of course, Microsoft Azure and its various services, such as databases and storage. Finally, to approach what would be done when creating a real application, access will be secured with “an SSL certificate” and “private endpoints” to secure the entire infrastructure.
This publication is composed of several parts. This is the first part.
The application
The application that will serve as the thread for this publication has no value in itself. It only serves to demonstrate the possibilities that the Microsoft Azure cloud can offer. Its reference will be “Images Gallery” for the whole article. Here is a representation of the main screen.
The purpose of the project
The project is for academic purposes only. It is simple and most certainly incomplete. Nevertheless, here is a list of the key points of it. The application will allow :
- Upload images, display them as thumbnails and store them in the Azure cloud.
- Download an image from Azure storage.
- Delete an image.
- Manage a database containing information about the images.
Microsoft Azure services
The application infrastructure will focus on the following services:
- App Services.
- Storage account for Blob.
- Microsoft Azure SQL Database.
The creation of the application
The application will be distributed in the form of a “Docker Container” and placed in an “Azure Container Registry”, also called “ACR”. This gives a taste of the development operations called “DevOps” in the IT jargon, of which containers are certainly the centerpiece. This article will also focus on another tool from Microsoft, the development platform “Visual Studio Code”. The latter is totally free and allows you to control the containers and the ACR registry from a centralized location.
PaaS rather than VM
The cloud development allows, today to free itself from all that makes us lose time, namely the maintenance of servers, their backups, as well as the update of the various parts constituting it. The cloud has a major advantage, that of using services, rather than servers on which we will install the application.
PaaS, for “Platform as a Service” is an acronym that groups all application services in the cloud for which no maintenance is required. The Azure SQL Database is one of them.
In this project, no VMs (virtual machines) are used. This simplifies the infrastructure but requires privatizing the services through virtual networks and endpoints. Indeed, it is important to keep in mind that PaaS are public, just like VMs, which are proprietary.
Application security
The environment of the application must be at least secure. For this, it will use the following technologies:
- Microsoft Key Vault and Managed Identities.
- An SSL certificate with a custom domain.
- Two virtual networks (VNet), as well as subnets.
- Private endpoints.
- Private DNS zones.
- An application gateway.
Design of the application
The two representations of the design below are the same.
- The design on the left shows the infrastructure in a simplified way.
- The design on the right shows the real infrastructure in the end. This one adds the security elements.
Conclusion
The introduction to this publication is now complete. It provided an introduction to some of the Microsoft Azure cloud services, a tour of the various tools used, and most importantly, a look at the final design of the application.
Now it’s time to set up a working environment.
