Your First "Aha" Moment: Azure App Service is just IIS in the cloud. But with slots, auto-scale, and a credit card attached.
1. App Service Plan = Your Azure Bill
Free F1: 60 min/day compute. Sleeps. Good for demo. Bad for users.
Basic B1: ~$13/month. Always on. No slots. No auto-scale.
Standard S1: ~$70/month. Has slots + 5 deploy slots. Minimum for prod.
Premium P1v3: ~$200/month. VNet, Private Endpoint, faster CPU.
Career-Killer Mistake #1: Choosing P1v3 "to be safe".
What happens: $200/month * 3 envs = $600/month. For a CRUD API with 10 users. CTO fires you.
Fix: Start B1. Load test. Move to S1 only if you need slots. Scale up, not out.
2. Deploy in 3 Ways - Pick One
| Method | Speed | Use When |
|---|
| VS Publish | 30s | First-time, testing. Never for prod. |
| Azure CLI | 1 min | az webapp up --name myapp --resource-group rg |
| GitHub Actions | 3 min | Production. CI/CD. Auto-deploy on push. |
3. Deployment Slots = Zero Downtime
Problem: Deploy to prod. App restarts. Users see 502 for 30s.
Fix: 1. Deploy to staging slot. 2. Warm it up: hit myapp-staging.azurewebsites.net. 3. Click "Swap" with prod. Instant DNS switch. 0s downtime.
az webapp deployment slot swap -g rg -n myapp --slot staging --target-slot production
4. Secrets: Never in appsettings.json
Wrong: Commit "ConnectionStrings": {"Default": "Server=prod;..."} to git.
Right: Azure Portal โ App Service โ Configuration โ Connection strings. Or Azure Key Vault.
Code: builder.Configuration.AddEnvironmentVariables() reads them. Name = ConnectionStrings__Default.
Stop Here. Think. App Service logs to /LogFiles. Download via Kudu: myapp.scm.azurewebsites.net.
Next: Docker. Why every startup uses it and banks are scared of it.
1. The Interview Theory: How Azure Runs Your App
Reality: App Service = Windows/Linux VM + IIS/Kestrel + Load Balancer. You rent a sandbox, not a server.
Startup: 1. ANCM starts dotnet MyApp.dll. 2. Kestrel listens on port from ASPNETCORE_URLS. 3. IIS/front-end routes public 80/443 to Kestrel.
Crash? Check Diagnose and solve problems โ Application Logs. Or Kudu /LogFiles/eventlog.xml.
2. The #1 Interview Question: "Blue-Green Deploy in Azure?"
Your Answer: "Use Deployment Slots. Blue = prod slot. Green = staging slot. CI/CD deploys to staging. Run smoke tests on staging URL. If pass, swap slots. Swap is instant DNS change at load balancer. No app restart. If bug, swap back in 10s. For DB changes, use feature flags or backward-compatible migrations. Never run destructive migration before swap."
3. GitHub Actions CI/CD - Prod Ready
Azure Portal โ Deployment Center โ GitHub โ Authorize. It generates this YAML:
name: Deploy to Azure
on: push: branches: [ main ]
jobs:
build-and-deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Setup.NET
uses: actions/setup-dotnet@v3
with: dotnet-version: '8.0.x'
- run: dotnet publish -c Release -o./publish
- name: Deploy to Staging
uses: azure/webapps-deploy@v2
with:
app-name: 'myapp'
slot-name: 'staging'
package:./publish
- name: Swap to Prod
run: az webapp deployment slot swap -g rg -n myapp --slot staging
4. Key Vault - Stop Hardcoding Secrets
Problem: Connection string in App Settings is visible to anyone with Azure read access.
Fix: 1. Create Key Vault. 2. Add secret DbConnection. 3. App Service โ Identity โ System Assigned โ On. 4. Key Vault โ Access Policies โ Add App Service. 5. App Settings โ Add ConnectionStrings__Default = @Microsoft.KeyVault(SecretUri=...).
Code: builder.Configuration.AddAzureKeyVault() with Managed Identity. Zero secrets in code.
5. Scale Rules - Don't Go Broke
| Rule | Bad | Good |
|---|
| Scale Up | B1 โ P3v3 on CPU spike | Scale Out: B1 โ 3x B1 instances |
| Auto-scale | CPU > 70% = add instance | CPU > 70% for 5min, Queue length > 100 |
| Always On | Off on B1 = app sleeps | On for prod. Off for dev/test only |
Career-Killer Mistake #2: Logging to file system C:\home\LogFiles.
Theory: App Service disk is local, temporary. Scale out = 3 instances = 3 sets of logs. App restart = logs gone.
Fix: Log to Application Insights. builder.Services.AddApplicationInsightsTelemetry(). Query all instances in one place.
What's Next = Containers: App Service is PaaS.
Next: Docker Basics teaches you to run anywhere: AWS, GCP, K8s. Banks love it.
Click Next.
No comments yet. Be the first to share your thoughts!