Operating System Functionality on Azure App Service

Pre-requisite: Create an App Service Plan

Azure App Service plans to define a set of compute resources for a web app to run. These computational resources resemble the server farm used in traditional web hosting. App Service plans can be used to host web apps, mobile back ends, and API apps in Azure.

The tier of an App Service Plan is determined by the pricing tier chosen for the plan. The pricing tier determines the features and resources available to the app, such as memory, CPU, storage, and other services. The pricing tiers range from Free to Premium, with each tier offering different levels of resources. The pricing tiers can be found on the pricing page for App Service Plans.

Azure App Service Plans are categorized into Five Tiers:

1. Free: This tier is suitable for testing and development purposes. It offers 1 GB of storage and 1 GB of monthly data transfer.
2. Shared: This tier is suitable for small-scale applications and provides 1 GB of storage and 10 GB of monthly data transfer.
3. Standard: This tier is suitable for large-scale applications. It provides up to 10 GB of storage and 100 GB of monthly data transfer.
4. Premium: This tier is suitable for enterprise-level applications and provides up to 10 GB of storage and 200 GB of monthly data transfer.
5. Isolated: This tier is suitable for applications that require complete isolation from other customers, and provides up to 10 GB of storage and unlimited data transfer.

Frameworks for Development

• Azure App Service: This is a platform-as-a-service offering from Microsoft Azure that enables developers to quickly and easily create and deploy web, mobile, and API apps. It is a fully managed cloud platform and supports a variety of languages and frameworks such as .NET, Node.js, Python, Java, and PHP. It also provides built-in support for DevOps and continuous deployment.
• Azure Functions: Azure Functions is a serverless compute service that enables you to run code on-demand without managing infrastructure. It supports a variety of languages and frameworks such as .NET, Node.js, Python, Java, and PHP. It enables the development of event-driven, serverless applications that can scale up and down as needed.
• Azure Kubernetes Service (AKS): AKS is a container orchestration service that enables developers to quickly and easily deploy, manage and scale containerized applications. It is built on the open-source Kubernetes platform and is fully managed and supported by Microsoft. It allows developers to easily integrate their DevOps pipelines and deploy applications across multiple clusters. 
• Azure Cognitive Services: Azure Cognitive Services are a suite of cloud-based services that enable developers to create applications that can see, hear, speak, understand, and interpret a user’s needs using natural methods of communication. These services can be used to create a wide range of applications from chatbots to image recognition and more. With Azure Cognitive Services, developers can quickly and easily create applications that can respond to input from users, understand and process natural language, extract insights from text and images, and more.

Access to Files

• Azure provides a range of access options for users to access files stored in its cloud platform. One of the primary ways users can access files stored in Azure is via the Azure portal. This portal provides an interface for users to view and manage any files stored in Azure. The portal also includes functionality to upload, download, and delete files from the platform.
• Azure also provides a range of client SDKs, allowing users to programmatically access files stored in Azure. These SDKs provide an API that allows developers to interact with the platform, allowing them to access and manipulate files stored in Azure.
• Azure provides access to files stored in its cloud platform via a range of third-party applications. These applications, such as Dropbox and Google Drive, allow users to access files stored in Azure without having to use the Azure portal or any of the client SDKs.

Regional Drives

1. Azure Regional Drives are a high-performance, low-latency, and secure storage solution that provides local storage to virtual machines (VMs) running on Azure. Regional Drives are a managed storage service that provides local storage on the same Azure region as the VM.
2. It can be used to store applications, data, and operating system files. It is designed to provide VMs with the performance of a local disk without the overhead associated with managing on-premises storage. With Regional Drives, VMs have access to local data within the same Azure region. This eliminates the need for data to be transferred over the public internet or private networks, reducing latency and improving performance.
3. Additionally, it allows for secure access to data within the same Azure region, reducing the risk of data leakage. Regional Drives are offered in two sizes, Standard and Premium. The Standard size offers up to 32 TB of capacity with a maximum throughput of 250 MB/s, while the Premium size offers up to 64 TB of capacity and a maximum throughput of 500 MB/s.

Azure Regional Drives are a great solution for applications that require low latency and high performance. They are ideal for applications such as databases, analytics, and machine learning

Drives on a Network (UNC shares)

A UNC (Universal Naming Convention) share is a type of shared folder or drive that allows users to access files and folders stored on a remote server over the network. It is a common way of sharing data in a Windows environment.

In Azure, UNC shares can be created by creating a virtual machine and configuring a file share. The virtual machine will act as the server, and the file share will be hosted on the virtual machine. The UNC share can then be accessed by users on the network by entering the UNC path in the address bar of their file explorer. UNC paths typically begin with \\ followed by the server name, and then the name of the file share.

For example, \\server1\fileshare.

Network Access

Network access is the ability of an entity (such as a user or a device) to connect to a computer network or a system of interconnected computers. This access can be granted or denied depending on the network’s security settings and authentication methods. A user’s network access rights may be limited to certain services, applications, or machines, and they may be further restricted depending on the user’s access level and privileges. Network access is often controlled using technologies such as firewalls, access control lists, and user authentication protocols.

Code Processing and Execution

• When a request is made to an App Service, the request is routed through the Azure Load Balancer which is responsible for routing requests to the correct App Service instance. Once the request is routed to the correct App Service instance, the code is processed and executed by the Azure App Service instance.
• The Azure App Service instance will use memory management techniques to ensure that resources are managed efficiently. This includes allocating memory for the code and running the code in a secure sandbox.
• The Azure App Service instance also handles any other tasks such as logging, monitoring, and error handling. Additionally, the Azure App Service instance can scale up or down as necessary to meet the demand of the application. This ensures that the application is able to handle the increased load without any issues.

Diagnose Logs and Events

Azure App Services enable logging for applications hosted on the platform. Logs are stored in the file system and can be accessed in several ways. The most common method is to use the Kudu console, which is a web-based tool used to manage applications. By logging into the Kudu console, users can access the LogFiles directory, which contains the log files for the application. Alternatively, users can also access the log files through FTP or the Azure Portal. All log files are stored in the LogFiles directory, located in the www-root folder. Finally, users can also use the Azure Log Stream feature to view the log files in real-time. This feature is especially useful for debugging applications in production environments.

Access to an Azure App Service can be granted in several ways. Firstly, by enabling Azure Active Directory authentication and assigning role-based access control to specific users. Secondly, by creating an IP Address Restriction rule, allowing access only to a specific set of IP addresses. Thirdly, by using the URL Rewrite module to restrict access to specific URLs. Lastly, by setting up an App Service Environment, which provides a private and isolated network environment that can be used to restrict access.

Registry Access

Azure app services provide access to the registry via the Azure Container Registry (ACR) service. The ACR allows you to store and manage Docker images, as well as other types of container images. Access to the registry can be managed via role-based access control (RBAC) or through using the Azure CLI. Alternatively, the images can be accessed through the Azure portal. Additionally, Azure provides the ability to configure webhooks to trigger tasks when images are pushed to the registry.