1.Overview & Architecture

Overview

• SLA 99,95% starting at Basic and over
• App Service Plan is made of:
  • Size:
    • Defines a set of compute + memory resources
    • small, medium, large
  • Tier:
    • Defines the available features
    • Free, Shared, Basic, Standard, Premium, Isolated
• App Service Plan Size:
  • = defines the scale unit
  • Small: 2 Core, 8GB
  • Medium: 4 Core, 16GB
  • Large: 8 Core, 32GB
• App Service Plan VM Type:
  • Free, Shared, Basic, Standard, Premium: = same VM type
  • Premium v2: based on Dv2
  • Premium v3: based on Dv4
• App Service Plan Pricing Tier:
  • Free, Shared:
    • App is hosted on a shared VM instance (= shared worker)
    • VM is shared with multi-apps & multi-customers
  • Basic, Standard:
    • App hosted on a dedicated VM instance(s)
    • Can host multiple apps
    • Support Web App for containers in the Linux runtime
  • Premium v3:
    • App hosted on a dedicated VM instance(s)
    • Can host multiple apps
    • Support for Vnet connectivity
    • Support for Linux containres
    • Support for Windows containers
  • Premium v2:
    • App hosted on a dedicated VM instance(s)
    • Can host multiple apps
  • ASE v3 (= Isolated v2):
    • isolated and dedicated environment
      • App hosted on dedicated VM instance(s)
      • Placed on dedicated Azure Vnet
    • Public preview 01/11/20
  • ASE v2 (= Isolated v1):
    • Provides a fully isolated and dedicated environment for securely running App Service apps
      • App hosted on dedicated VM instance(s)
      • Placed on dedicated Azure Vnet
    • Support:
      • Windows web apps
      • Linux web apps
      • Docker containers
      • Mobile apps
      • Functions
    • Appropriate for application workloads that require:
      • Very high scale.
      • Isolation and secure network access.
      • High memory utilization
    • ASE comes with its own pricing tier, learn how the Isolated offering helps drive hyper-scale and security
    • Can be deployed into Availability Zones (AZ) using zone pinning
    • Dedicated environment:
      • Can host 100 App Service Plan instances
  • ASE v1:
    • You need to manage all of the resources manually

Pricing

• Free & Shared:
  • metered on a per App basis
• Basic -> Isolated:
  • Billed on a per second basis
  • each VM instance in the App Service plan is charged
    • regardless how many apps are running on them
  • Tier: differs from features offered
  • Charged even when stopped
  • Includes 20MB Azure SQL free of charge for the first year
• Premium v2:
  • Support for MSDN Dev/Test subscription
• Premium v3:
  • Compatible with 1 or 3Y RI (starting 01/11/20)
  • Support for MSDN Dev/Test subscription
• ASE v3 (= Isolated v2):
  • no per instance stamp fee
  • each worker is charged (a worker run an app)
• ASE v2 (= Isolated v1):
  • flat monthly rate
  • • cost per instance
  • each worker is charged (a worker run an app)
  • Compatible with 1Y RI
• ASE v1:
  • you pay for each vCPU allocated
  • That includes vCPUs used for front ends or workers that aren't hosting any workloads
  • Default maximum-scale size of an ASE is 55 instances
  • Includes workers and front ends
• App Service Domain
• App Service Certificate (x509)
• SSL Connection:
  • No charges for SNI-based SSL
  • Std & Premium includes 1 IP-based SSL at no charges

Architecture

• App Service:
  • The roles that handle incoming HTTP or HTTPS requests are called front ends
  • The roles that host the customer workload are called workers
  • In multi-tenant:
    • All the roles in an App Service deployment exist in a multitenant network
    • front ends are shared, workers are dedicated (= dedicated VM)
    • Webspace:
      • Is a deployment unit hosting 1..n app service
      • App services are deployed into one of the deployment units in the Azure infra
  • In ASE: front ends and workers are dedicated
• Containers:
  • Linux Apps runs in its own container
  • Windows container app runs in its own container
  • No access to the host outside the container is provided
• ASE v3:
  • Isolated and dedicated environment
  • Build on VMSS
  • Internal ASE infra deployed in separate Azure-controlled network
    • Eliminates ASE management traffic in customer network
  • Endpoints injected in customer network
  • 
• ASE v2:
  • Isolated and dedicated environment
  • Composed of front ends and workers.
  • Front ends are responsible for HTTP/HTTPS termination and automatic load balancing of app requests within an ASE.
  • Front ends are automatically added as the App Service plans in the ASE are scaled out
  • Workers are roles that host customer apps:
    • One vCPU/3.5 GB RAM
    • Two vCPU/7 GB RAM
    • Four vCPU/14 GB RAM
• File Access:
  • Each customer's subscription has a reserved directory structure on a specific UNC share within a data center
    • => same UNC share for all the App Service within the same subscription
    • directories are available for read and write access at runtime by the app's application code
    • App code can list OS dir structures and read common files
  • Local Drives:
    • OS = D:\
    • User drive = C:\ => = UNC share
      • App Service reserves a chunk of space for app-specific temporary files
        • Not intended to be used directly by the application code
        • Intented for IIS & app framework
      • Since it's a share all the files are available to all the app instances at a time
    • Internal App Svc drive:
      • Contains the App svc packages
      • Is not accessible to customers
  • Network shares:
    • Allow to store the user content, based on UNC share like \\<host>\<path>\<filename>
    • UNC = Universal Naming Convention
    • Make it easy to work with front end behind load balancer
    • All of the file content for a single customer's subscription is always placed on the same UNC share
    • The C:\ drive is mapped to UNC shares