Setting Up a Sample Environment in Azure Cloud Platform

This article is as an requirement of course SENG 41283 : Distributed and Cloud Computing https://science.kln.ac.lk/tunits/setu/index.php/component/sppagebuilder/90-seng-41283.

Here I’m going to setup the sample environment in Azure Cloud platform based on the following cloud architecture.

Cloud Architecture

In order to setup the sample environment in azure platform as the first step I referred to the https://docs.microsoft.com/en-us/azure/guides/developer/azure-developer-guide to get familiar with the azure platform. In here first I would like to explain about the main components that I used in azure.

Azure Resource Group

Basically For an Azure solution, a resource group is a container that contains similar resources. The resource group may include all of the solution resources, or only certain resources that we want to handle as a group.

Azure Active Directory

Azure Active Directory (Azure AD) is the cloud-based identity and access management service provided by Microsoft that lets the employees sign in and access accounts in both internal and external domains.

Azure Database for MySQL server

Storage services are used to store records, files and caching records temporarily.

Azure App Services

Azure App Service is an HTTP-based service designed to host web applications, REST APIs, and mobile back ends.

Azure Function

Azure Functions allows small pieces of code that worry about the architecture of the application to be run. The cloud infrastructure includes all the up-to — date servers with Azure Features, which need to keep the application running at a scale. A function is “triggered” by an event of a particular type. Supported triggers include reacting to data changes, reacting to messages, running on a schedule, or an HTTP request as a result.

Azure Front Door

Azure Front Door helps to identify, manage and track global web traffic routing by optimizing high-availability for optimal performance and fast global fail over.

Azure Application Insights

Application Insights, an Azure Monitor feature, is an Application Performance Management (APM) extensible tool for developers and DevOps professionals. This can be used to track Live Apps. This can identify performance anomalies automatically, and provides powerful analytics tools to help you diagnose problems and understand what users actually do with app.

Now here will demonstrate how I set up the sample application in azure platform with the basic steps.

Creating Resource Group

First I created a resource group in order to include all the other resources. Following screenshot shows the final overview of the resource group that I created with the resources in it.

Resource Group Overview

By creating the resource group including other resources in it we can export the ARM template easily. Also both resources for the solution can also be deployed, managed, and monitored as a group, rather than managing the resources individually. We can delete all the resources once by deleting the resource group.

Creating Active Directory

Then I created a my own azure active directory(uokse_active directory) separate from default active directory in order to create own users.

uokse_active directory

By going to the users tab we can add new users. Following screenshot highlights logged active directory.

Then I added a new user to the active directory. Later by using the username and password of the newly created user, can log to the application.

Following screenshot shows the profile details of the newly created user.

Creating App Service

In order to create app service first I locally implemented and executed the service 01 which is to retrieve data from MySQL database. Then to host that service in azure I created a repository in GitHub and pushed my source code to that repository.

App Service overview for Service 01

Service 01 Repository

Then I added the secret to build trust in between GitHub and azure. To get the secret in the azure first go to the created resource group and create the App Service.

In there secret can be taken by downloading the Get Publish Profile. Then downloaded secret is added in the GitHub. In the above screenshot highlighted URL is the link of the App Service. After adding the secret I created an action on the GitHub in order to build and deploy it in azure.

Creating Azure Database for MySQL server

To create the azure database first go to particular resource group and create Azure Database for MySQL server. Here it needs to give server name, admin username and password. Following screenshot shows the overview of the Azure Database after creating.

Azure Database overview

From the Azure Database given password can be reset. Then I added the DB password, DB host name, DB user name to the service 1 app service in order to setup the configurations.

App Service Configuration for service 01

I added firewall rules to Azure Database to control the access level by allowing access to azure services. Then selected IP addresses can access to the database.

Azure Database connection security

Then I need to create a service to cache data. In that service I setup cache time to 3600 seconds. So cache database stores data for 3600 seconds. Within that time per every request data retrieves from cache memory. Like service 01, I implemented and executed the service 02 locally and then host that service in Azure like I did previously in the service 01.

App Service Overview for Service 02

Service 02 Repository

Creating Azure Cache for Redis

Then I created the Azure Cache for Redis in order to store cache data. We need to give a DNS name to create azure cache.

Azure Redis Cache overview

Then the above highlighted Host name, ports, keys are given in the redis cache app service to setup the configurations.

App Service Configuration for service 02

Creating Azure Functions

We create azure functions in order to upload files. For that I created the function app in the resource group.

Function App overview
HTTP Trigger function

Then index.js and function.json functions need to be implemented in the Code+Test.

index.js

Then I setup the integration part by creating output storage of Azure Blob Storage.

Main thing here is storage account is automatically created when the Function App created. If we have already created storage account we can use it instead of that. We can store files, images etc in the Azure Storage Account.

Storage Account

Now to check whether the file uploading is functioning correctly we need to upload files from the front end.

File Uploading…

Now we can see that the uploaded file stored in the storage account by going to Storage Explorer.

File Store

Creating Application Insights

We add an application insight to monitor apps. I created Application Insight in the particular resource group.With the application insight we can monitor the behavior of Failed Requests, Server Response Time, Server requests and Availability. After creating Application Insight then I enabled Application Insights in App services and selected the relative Application Insight there.

Application Insights
App Service Application Insights
Web App

Creating Static Web App

To Host the front end in Azure I used the static web app. I created the static web app in the particular resource group. By using the static web app we can automatically build and deploy the Web app in the Azure from GitHub repository.

Static Web App overview

Above highlighted link is the URL of the Web App.

Creating Front Door

Then I added a front door in between the static web app and service 02 in order to mask the back end service URLs. Basically it acts as the proxy like behavior.

Front Door

Above highlighted link is the front door URL. Next I added the Web Application Firewall in order to add policies and rules to the Front Door.

Front Door WAF policy

Then I configured policy settings in order to add a custom rule.

Policy Settings

Here I used mode as the prevention in order to prevent the requests.

Then I added a Custom rule to accept only one request per one minute. If it sends an another request within minute it blocks that request.

Custom Rule

Now if we see the requests that are coming to the front door within one minute we can see that first request successfully works and second request within that minute has been blocked.

First Request response
Second Request response

It shows that custom rule we added to the front door successfully block the unwanted requests.

In WAF policy there are pre built managed rules.

Managed rules

Conclusion

Through out this assignment according to my experience I felt that Azure is an User Friendly, Easy to configure Cloud platform. As a Software Engineering Batch from this assignment we had a great hands on experience with the Azure Cloud Service.

References

ARM Template — https://github.com/dulithsenanayake/SENG-41283-arm-templates

Full Stack Developer | BSc. (Hons.) in Software Engineering | University of Kelaniya, Sri Lanka