Azure App Service Tutorial: PaaS Web Hosting Guide 2024
Azure App Service: Platform-as-a-Service for Web Applications
Overview
Azure App Service is a fully managed Platform-as-a-Service (PaaS) offering for hosting web applications, REST APIs, mobile backends, and logic apps. It abstracts away infrastructure management while providing enterprise-grade features like auto-scaling, deployment slots, and integrated CI/CD.
Key characteristic: Your applications run on Azure-managed virtual machines (app service plans) with zero server maintenance required.
Supported Runtimes & Workloads
| Category | Technologies |
|---|---|
| Web frameworks | ASP.NET, ASP.NET Core, Java (Spring, Tomcat), Node.js, PHP, Python (Django, Flask) |
| Static sites | HTML/CSS/JavaScript |
| APIs | RESTful APIs, GraphQL endpoints |
| Mobile backends | Xamarin, native iOS/Android backends |
| Integration | Logic Apps, Azure Functions |
| Background tasks | PowerShell, Bash scripts, WebJobs |
App Service Plans: The Foundation
An App Service Plan defines the compute resources and pricing tier for your applications. Think of it as the “server” your apps run onโmanaged by Azure.
Plan Tiers
| Tier | Use Case | Key Features |
|---|---|---|
| Free (F1) | Development, testing | Shared infrastructure, 1GB RAM, custom domains not supported |
| Shared (D1) | Small dev/test | Shared infrastructure, custom domains, SSL support |
| Basic (B1-B3) | Small production | Dedicated compute, manual scaling, 3.5GBโ7GB RAM |
| Standard (S1-S3) | Production workloads | Auto-scaling (up to 10 instances), deployment slots, 1.75GBโ7GB RAM per instance |
| Premium (P1v3-P3v3) | High-performance | Faster processors, VNet integration, up to 14GB RAM |
| Isolated (I1-I3) | Compliance/security | Dedicated App Service Environment (ASE), private VNet |
Plan Configuration Options
- Operating System: Windows or Linux
- Compute Size: CPU cores and RAM allocation
- Region: Geographic deployment location
- Number of Instances: Manual or auto-scaling configuration
Multi-Tenancy & Cost Efficiency
Key advantage: Multiple apps can share a single app service plan.
| Scenario | Configuration |
|---|---|
| Development | 1 plan (Standard) โ 3 apps (dev, staging, prod) |
| Microservices | 1 plan (Premium) โ 5+ API services sharing compute |
| Cost optimization | Scale plan up during peak, down during off-hours |
Benefits:
- Consolidated billing
- Shared compute resources
- Collective scaling based on aggregate demand
Scaling Strategies
Vertical Scaling (Scale Up/Down)
Change to a higher or lower pricing tier:
- Up: More CPU/RAM for resource-intensive workloads
- Down: Reduce costs during low-demand periods
Horizontal Scaling (Scale Out/In)
Add or remove instances within the same tier:
| Method | Behavior | Best For |
|---|---|---|
| Manual | Fixed instance count (1โ30) | Predictable workloads |
| Auto-scaling | Dynamic based on metrics | Variable traffic patterns |
Auto-scaling Metrics:
- CPU percentage (average across instances)
- Memory percentage
- HTTP queue length
- Custom Application Insights metrics
Auto-scaling Rules Example:
- Scale out: Add 2 instances when CPU > 70% for 5 minutes
- Scale in: Remove 1 instance when CPU < 30% for 10 minutes
- Instance limits: Min 2, Max 10 (ensures high availability)
Deployment Slots: Zero-Downtime Deployments
Deployment slots are separate environments within the same app service plan, each with its own URL and configuration.
Standard Slot Configuration
| Slot | Purpose | URL Pattern |
|---|---|---|
| Production | Live application | https://myapp.azurewebsites.net |
| Staging | Pre-production validation | https://myapp-staging.azurewebsites.net |
| Development | Feature testing | https://myapp-dev.azurewebsites.net |
Slot Swap Workflow
- Deploy new version to staging slot
- Test thoroughly on staging URL
- Swap staging โ production (instant, no downtime)
- Monitor production; rollback by swapping back if issues arise
Benefits:
- Zero-downtime deployments
- Easy rollback capability
- Warm-up periods (staging slot “warms up” before receiving production traffic)
- Slot-specific settings (connection strings, app settings) that stick with the slot
Security: Service Endpoints & VNet Integration
Service Endpoints
Purpose: Securely connect App Service to Azure PaaS services (Storage, SQL Database, Cosmos DB) without traversing the public internet.
How it works:
- Enable service endpoint on subnet within your VNet
- Configure target Azure service to allow traffic from that subnet
- Traffic flows through Azure backbone network only
Benefits:
- Data stays on Microsoft’s private network
- Public endpoint exposure eliminated
- Simplified firewall rules (IP-based restrictions replaced by VNet rules)
Architecture Example
[App Service] โโ [VNet Integration] โโ [Service Endpoint] โโ [Azure Storage]
โ โ โ
Public Private Private
Internet IP EndpointAdditional Security Features:
- Private Endpoints: Assign private IP addresses from your VNet to App Service
- VNet Integration: Inject App Service into your virtual network
- Hybrid Connections: Connect to on-premises resources securely
App Service vs. Other Azure Compute Options
| Feature | App Service | Container Instances | Container Apps | AKS |
|---|---|---|---|---|
| Abstraction | PaaS (managed runtime) | IaaS (container) | PaaS (container) | IaaS (orchestrator) |
| Best for | Web apps, APIs, mobile backends | Simple containers | Microservices, event-driven | Complex, custom workloads |
| Scaling | Built-in auto-scale | Manual | Event-driven auto-scale | Manual/HPAs |
| Deployment slots | โ Yes | โ No | โ Revisions | โ Manual strategies |
| Custom containers | โ Yes (Web App for Containers) | โ Yes | โ Yes | โ Yes |
| Pricing model | Per plan + instances | Per second | Per usage | Per node + management |
Quick Reference: Creating an App Service
Azure Portal Path: Create resource โ Web App โ Configure:
- Basics: Subscription, resource group, name, runtime stack (.NET, Node, Python, etc.)
- Hosting: Select or create App Service Plan (tier, OS, region)
- Deployment: GitHub Actions, Azure DevOps, local Git, or container registry
- Networking: VNet integration, private endpoints (optional)
- Monitoring: Application Insights, Log Analytics (recommended)
Azure CLI Equivalent:
az webapp create \
--resource-group myResourceGroup \
--plan myAppServicePlan \
--name myUniqueAppName \
--runtime "NODE|18-lts"Key Takeaways
- PaaS simplicity: No server management, patching, or infrastructure maintenance
- Flexible runtimes: Native support for all major web frameworks
- Cost efficiency: Share plans across multiple apps; scale collectively
- Production-ready: Deployment slots, auto-scaling, and high availability built-in
- Enterprise security: VNet integration, service endpoints, private connectivity
Azure App Service strikes the balance between ease of use (managed platform) and flexibility (multiple runtimes, scaling options, deployment strategies)โmaking it the go-to choice for most web application workloads in Azure.
