• Have an Azure account with those followings:
      • A resource group where resources will be declared (here we will use "MYRG" for example).
      • Azure Container Registry (ACR) - Azure solution to store docker images. (Here we will use "ACR01" for example). The application container image is push in the ACR01 with the name "myapp" and tag "latest".
      • Create a User (User_ACR_pull) in your Active Directory and assign it the AcrPull role for the Azure Container Registry "ARC01".
    • Have Terraform installed
    • Have Azure cli installed

    Terraform an app service configuration


    In the following section, I describe the Terraform configuration.


    Set up the provider for Azure


    Get user assign identity

    Load your user "User_ACR_pull" in Terraform. These pieces of information will be used to give the correct right to your app service to pull images from the ACR.



    Terraform documentation: azurerm_user_assigned_identity


    App service plan

    Before creating your app service you need first to create an app service plan. An App Service plan defines a set of computing resources for a web app to run. These compute resources are analogous to the server farm in conventional web hosting.



    Terraform documentation: azurerm_app_service_plan


    Warning: For high availability, Azure advises to have at least 3 instances running (defined incapacity). In fact, azure can do maintenance and if you have only one instance this one can be done during the maintenance process.


    Environment variables

    In order to use an Azure Container Registry, you need to declare some environment variables to your app service:



    This is here where you will have to declare all other environment variables required for your application.


    App service

    Once you have declared your app service plan and the environment variables, you can declare your app service:



    Terraform documentation: azurerm_app_service


    Staging slot

    In order to use blue/green deployment to avoid downtime during the deployment of a new version of the code, you need to declare a staging slot. During a new code version deployment, the new version will be deployed first in the staging slot. Once the application is fully started on this slot, the application will be swapped with the one running on the production slot and all the traffic will go through the new version.



    Terraform documentation: azurerm_app_service_slot


    Monitoring - app insight

    You can also add an app insight to improve the monitoring of your application:



    Terraform documentation: azurerm_application_insights


    In order to connect the app insight to your app, you need to your application you need to add these environment variables:



    Warning: when you add a new environment variable to your application this one restarts. So you will have a downtime. To avoid this downtime:


    1. Add the new environment variable only in the staging slot.

    2. Swap the staging slot to the production slot.

    3. Put the new environment variable in the production slot.

    Apply your configuration in Azure


    Here is the command you have to pass in your terminal


    Login to Azure



    Init terraform



    Apply your configuration



    Once applied, you can see the resources created in azure:

    - App service plan: my_service_plan

    - App service: my_app_service_container

    - App insight: my_app_insight


    You are now able to deploy from code, an high available application in an Azure app service with the required monitoring for production use with the possibility of using blue/green deployment with the staging slot to avoid any downtime during your code deployment.