Azure Resource Manager: Next Generation App Deployments

Anton VidishchevProgram Manager @ EDGAR Online (Ciklum)Azure MVP

Azure Resource Manager: Next Generation Cloud App Deployments

• A lot of material from the session was first introduced on Build 2015 less than a month ago• This is a major change in cloud

deployments since the beginning of Azure• This is how deployments will be performed

from now on, and earlier approaches will be deprecated

Trivia

• Manual• Use Azure Portal to create resources• Use manual deployment steps, e.g. from Visual Studio

• Client driven automation• Write a PowerShell script to automate the process

• Cloud driven deployment• Use an Azure Resource Manager (ARM) template

Several ways to provision resources

• It’s not easily repeatable• What if you need to do it all over again?• Or you need to deploy to a second region?

What’s wrong with manual deployments?

• Solves a lot of the manual deployment issues• Puts too much logic on your client• Uses imperative logic• Hard to parallelize

• Round trips secrets through client

Client driven automation (e.g. PowerShell script)

• Cloud based orchestration engine• Fully declarative• Automatically optimizes the deployment

based on dependency graph• Secrets never make it to the client• More transparent use of the API

ARM Templates

• Containers of multiple resource instances

• Each resource instance has a resource type

• Resource types are defined by resource providers

• Every resource must exist in one and only one resource group

Resource Groups

RESOURCE GROUP

• Lifecycle: deployment, update, delete, status• Grouping: metering, billing, quota, UX

(portal, PowerShell, CLI)• Access Control: scope for RBAC permissions• Identity: resources can talk to each other

Resource Group: Management Container

Resource Group Lifecycle

Question: Should these resources be in the same group or a different one?

Answer: Do they have common lifecycle and management?

• Centralized auditing of operations• Simple tagging and grouping of resources• Consistent access control (e.g. RBAC)

Resource Group Manager Services

• Declarative, model based specification of resources and their configuration, code, and extensions• Idempotent • Consistent deployment• Source file, checked-in• Parameterized

input/output

Resource Templates

SQL Azure Web App

SQLCONFIG

Template: Website Azure DB

DEPENDS ON SQL

• Execution engine builds a state machine• dependsOn and reference() establish

dependencies

Template Execution

StartApp

Service Plan

End

Auto Scale Settin

g

WebSite Alert

Rule

App Insight

s

MS Deploy PKG

After App Service Plan Completes

After Website Completes Once All

Complete

Demo: Resource Group Templates

• Parameters: user input for the template• Variables: allows model reuse and

“mappings” (e.g. different image based on region)• Resources: models all the resources in the

resource group• Outputs: captures information from the

execution (e.g. DNS name for the created blog)

Template Sections

• Functions are delimited by “[{dsl keyword}]”• E.g. “name”: “[concat(‘foo’, parameters(‘p1’))]

• Basic functions:• concat() -- “[concat(‘foo’,’bar’)]” = foobar• variable() – “[variable(‘foo’)]” = variables “foo” value• reference() – “[reference(‘VM1’). IpAddress]”• parameters() – “[parameters(‘blogName’)]”

Template DSL

• https://github.com/Azure/azure-quickstart-templates• https://github.com/rjmax/ArmExamples• http://azure.microsoft.com/en-us/document

ation/articles/resource-group-overview/

Where to start?

© 2015 Microsoft Corporation. All rights reserved.