A Lap Around Microsoft Azure by Joseph Guadagno || Azure Virtual Conference

So, my name is Joe Guadagno

Most people call me Joe G because my last name is kind of hard to pronounce

As Mahesh and Magnus mentioned, I am a director of technology at Quicken Loans

We're going to kind of walk through, if you want to follow me on Facebook, Twitter, or anything

here's all the contact information. I'm also on Twitch at Jake Wadagno, where I stream three times a week, Monday, Tuesday, and Wednesday at 7 p.m. Pacific time, covering all kinds of topics

You can find out more on my GitHub repo at github.com slash Jake Wadagno or my website

So we're here to talk about Azure. So as I started to rearrange this talk, I gave it a couple of years ago, and a lot has changed since then

I started thinking about talking about all of the different resources that there are in Azure

and then realized there are way too many resources available in Azure

especially for a 45-minute talk that will most likely be cut down to 30 minutes because I'm at the end of the day

and conferences tend to not run on time. So I tweaked the talk a little bit

We're going to kind of cover, take a basic .NET application, which has an API and an MVC portion to it

Then we're going to publish that to the cloud. And we'll cover Azure Web Services

Azure App Service, Azure SQL. and if we have time at the end, Azure Blob Search

And just to show you how easy it is to get in, I know you see a lot of talks

and especially if you're watching anyone from Microsoft or Amazon, it's always those quick hello world apps

They right-click and three seconds later, you have 700 deployed VMs. I'm going to take you a little step back

and give you something hopefully a little bit more realistic. So as I said, this is a lap around Azure

It's really a partial lap. We're not doing a full marathon. We're not going to run 26 miles

Luckily, we're not going to run at all unless you're on a treadmill while you're watching this

We're just going to exercise your mind with this. So we're going to start off with creating two app services

So we're going to be able to publish a web app and then publish an API to it

After we do that, we're going to publish a SQL database with it

This application requires a SQL backend. It doesn't have to be SQL Server

It could be SQLite. It could be anything, but we're going to publish it to SQL. Then if time allows, we're going to use something called storage accounts

that the application we're working on is a context application to manage, you know, first name, last name, date of birth, that kind of stuff for context

But it also has an image component to it. If time allows, we will publish those images to blob storage

And then if we're lucky, we'll start working on a content delivery network to be able to expose that and then run into applications insights

So enough about that. We're not at the finish line yet. We're just at the getting started

So let's take a look at this app and what we are going to do. So this is a pretty basic application

If I hit run, you'll notice I'm using JetBrains Writer and not Visual Studio. There is really no particular reason for it outside of I really like Writer now compared to Visual Studio

but I didn't say that live, but the world is watching. It just has a couple of benefits to it

I'd started my stream using my Mac, and the writer really does have a cross-platform way of doing it

So here's our API endpoint. We have a context endpoint that just spit out a bunch of JSON

and then there's a viewer to it. Nothing major, a typical MVC app

We're just going to show you the power of Azure to be able to deploy this in hopefully under 27 minutes

That's assuming also I don't make any mistakes along the way. So let's start off here

So the first step is I'm logged into the Azure portal. I did that ahead of time just to avoid any of the two-factor authentication that I have set up for it

So first thing I like to do whenever I'm creating an app, especially one for a presentation, is start off with creating a resource group

A resource group you can think of as a logical binding for your applications

It's a way to kind of group them together. Allows you to look at billing firm

Also allows you to both delete them. So when this session is done, I can just come across and delete this

So I am going to call this a lap around Azure. And because I am in the U.S. in the western part of the country, I am going to choose West U.S. to be a little bit faster

For me, click create. And within seconds, that resource group is created

I can click on go to group and you'll see nothing here. So the first thing we want to do is to add what's called an app service plan

So an app service plan allows us to host applications. Think of it as like a virtual IIS box or a virtual Windows or Linux server that allows you to host more than one app

So we're going to create one that allows us to host our two applications

So when I click create, see it automatically talks about my subscription and puts in the resource group since I created it from there

Then we're going to give it a name. Let's call this. These names have to be unique, so sometimes you have to get a little creative

So I'm going to do LAA, follow up around Azure, and then API-app

So names don't necessarily mean anything. It's just more for logical how you figure it out

And I'm going to choose Windows for this just in case some of the libraries you might use might be Windows specific

In our case, it's not, but I'm more comfortable with Windows than Linux. So I just chose that

And then again, the region. And you want to try to keep the regions in the same thing so you don't run into costs when it comes from going from one environment to the next

And then the type of server. So there's lots of different options and the cost varies tremendously on it

Luckily Azure gives you kind of a little sample of roughly how much it would cost The cheapest production box costs about US a month and can go up as high as thousands When you just developing and testing I recommend you go

with either the F1, D1, or B1. I'm not going to do that for this because when I was running through

these demos last night, these are usually shared resources and they're not guaranteed to be up

And while I'm doing a demo, I want to make sure they're up. So I choose one of the production mindsets

And we're going to go with the cheaper S1 for now, which has more than enough power to run that simple app

Click review and create. Hopefully, you get the green checkmark that everything's there

I click create. In a couple of seconds, that will be done

done. Once it's done, we'll go to the resource and start with our next one. Okay, it's done

I'm going to click go to resource. And then you'll see this section here called apps. And there are

no apps to it. So you're good to go. Let's create the next app or the first app, which is going to

as you could imagine, we are going to create what's called a web app

Whether it's an API or an application, this is essentially running Kestrel or IIS for you

We're going to click create, choose that resource group, give it a name

I am going to do la-webapp. Let's do the API first. API-app, and I'm going to do it through code

I can publish a Docker container, but that's a little bit beyond what we're going to do

And this particular app is written with .NET Core 3.1, so I'm going to choose that

Windows, and let's go back. For some reason, it always defaults to central

so let's do west, and I'll go down to west2. Now, it's going to look within West 2 to see if there's any existing app service I have

And I should have three in there. Context Web, which is what I've been using for my stream

LA-API app, which is the one we just created. And LAT app service, which is what I created last night to make sure the demo worked

And in the event that we ran out of time or there was failures, I have a fallback

So let's go and create that. And this takes a couple of seconds once the validation passes

While that's happening, we're going to go and create the next one

And a lot of these you can actually create through Visual Studio, Visual Studio Code, or JetBrainsRider

I'm just creating it here to show how you can do it in the portal

But you can also, as Mustafa mentioned, you know, the real way you want to create infrastructure is through scripts using something like Terraform or the Azure Resource Manager

So it's repeatable and you don't make mistakes. But I like to learn from the, I like to learn from scratch

So this is the way I'm showing everyone else how to do it

LA-web-app, Docker, still the same 3.1. Too bad there isn't a way to just go and copy

I want an exact copy of this. Just change the name. And then it's going under the LA app

Click review and create. Click create. So once this is done, it's been eight minutes now

I've created an app server and I've created or in the process of creating two web applications to go there

So we're almost there. Next thing we want to do is create a SQL server instance

So I'm going to do new again and then search for Azure SQL

You can actually search for SQL. Click create. Now, this one's the creation experience is a little bit different

It really just depends on your experience. But for this one, there's three different offerings that you have for SQL Server

There's SQL databases where I just want to create a database. I want to create a managed instance, meaning Microsoft slash Azure

You're going to manage everything about this. This is typical when you want to grab an existing on-prem database and just say, here, Microsoft, you manage it

And then the SQL virtual machines is you really control everything about it

You get a machine that has SQL server preloaded. You're responsible for the operating system updates, any updates to SQL server

Easy demo, easy app. I'm going to go with SQL databases. First, we want to create a database server because we need the database server to host the database

And it defaulted to Presentations India because the last talk I was giving was supposed to be at C Sharp Corner in India

And that's why that resource group is selected. So let's go, what do I call it

A lap around Azure. And we are going to give it a database name

Let's call it LA SQL. server. You notice I use law because when you're looking at the resources, it kind of sorts them

for you by application. You can also do that by resource group, but this for me

does a little bit better. Now, you need to create an equivalent server administrator. And if you

notice in the text, it says that this needs to be something other than a typical name. You can't

use admin, administrators, SA, root, or anything that's commonly there. What they're trying to do is reduce the vector for your attacking

So I'm going to use jguedagno. And then for a password, type in something that you're going to remember

I use something like LastPass for my password so I can generate it

Since this is a demo here, I am going to use the typical demo password of password1

And it doesn't matter that you know because I am going to destroy these instances right after the talk is done

So I'm going to do review and create. This one takes a little bit longer to do because it has to create a new virtual machine or find one that's available, throw it on there, and get it ready for you

So while that is happening oh there it is It done That was quick Oh no it was just accepted So we are going to get ready to next step is install the database to it So we got the actual server We going to want to put our context database out here

Luckily, I have scripts for all that. So you're just going to see me copy and paste when we're ready

And this is just a lot of filler talk right now while this creates

I've thought about actually creating the database behind the scenes and just having it ready

but I thought it was important to see it. And I was able to pass the time enough to do it

So now I'm here. I can see everything there is about the database. I'm going to choose Create Database

And then it already has the subscription and resource selected, looking for a database name

So I am going to call it Context. Then you need to choose the database like we did with the app server

and the server itself, what kind of throughput do you want? The default is this general purpose one, which is a whopping $380 to run

If you go to like the most business critical, you're talking thousands of dollars an hour to run these

For our example, we are going to use just the basic and start off with the minimum of 100 megs because there's really nothing there

And that puts us around. $5. I click apply, review and create, create, and this should only take a couple of seconds

a minute at tops to create. Once it creates, we'll go to the resource page to get the basic

connection info for it. Now it should be something like la-sql-server.azurewebsites

or databases.azurewebsites. I forget the full syntax, but we'll see it here

once this deployment step is done. And then we will jump over to Rider and do our database connections to get ready for the actual connection

So come on, come on, come on, Azure. It's always awkward when it's trying to run and you're in there

Let's see. Oh, my green screen cut out. Okay, now it's done

So let's go back to the code. Let's copy this out because we need the server name

So I'm going to hit copy. Go to Rider, and Rider has a built-in database explorer

So let's go and create a new one. You can also do it from their Azure Explorer

like you would do in SQL Server. Click on the SQL databases

Give it a second to refresh. And it should appear with seven or eight different databases, five of them

So this is the one we recently created, and I want to connect to the contacts

So I'm going to right-click and choose Connect to Database and try to log in

And the reason why I said try to log in is because the login is going to be unsuccessful

There's a reason for that. So as soon as I hit connect, I should try in a couple seconds

and then I'll get this message here that says this is specific database user password combination

is rejected by the server, cannot open server, client with IP address is not

and then blah, blah, blah, essentially saying that, I did not allow, excuse me, or authorize this database to connect, which is true

Azure has a built-in firewall to SQL databases that only allow specific connections

So we are going to create a server firewall rule. If you notice within Azure or within Rider, if you were watching, where did it go

So when I right-clicked here, there was a set firewall rule, which allows you to do that

But I'm going to do it here only because there's another change we need to make. So set firewall rule

And then there's a simple add client IP right here that you'll click

But you'll notice below it adds in a client IP address, which is my public IP

And what I typically do is just put in a name for it here, like home connection, just so I know in case there's other

Now, later on, we're going to want to expose this application or this database to other Azure services

So we're going to want to check this box here or say allow Azure resources and services to access this server

So I'm going to click yes to those and that just saves us a step later on

so now that that is done let's go back to our application

and choose okay to see if it works now i probably have to retype the password

did i get the password wrong I did this the other day

I got the password wrong multiple times. And it looks like I got it wrong again

If I get it wrong, I'll just show you how to reset it

Test connection. Yep, I got it wrong. Oh, it still says the firewall was not there

The change probably didn't happen yet. Save. There it goes. Usually it doesn't take that long to actually save

So now let me go back. It wasn't me mistyping the password

It was just Azure. It was not ready for me. I click OK

Test passed successfully. I click OK. And I am ready to access database

There is nothing there. So I am going to run a couple of scripts just to get our database there

So let's open a query console. You can do this in SQL Server Manager, Azure Data Studio, Visual Studio Code, whatever your poison is

You can even actually do this online in Azure So I am going to run a quick test And my eyes are looking at a different screen

because I am copying some text. So this is everything we need to do to create the schema

I could have done a backup and a restore, but that's pretty complicated

I want to make this sample something that everyone could follow. So you can recreate this database and everything as needed

So in a couple of seconds, we're done. Now I want to create the user

So for that, there's two steps for creating the user. So let's get rid of all this text

It's the user. This needs to be done in master. Don't worry about password

Like I said, I'm deleting this database and everything else after this talk

Click run. That's done. Now I want to create a local user and give it the rights

The reason why these are done in multiple scripts is because the Azure client doesn't support

the Azure database doesn't support you being able to change databases on the same connection

So what's happening behind the scenes is writer in this particular case is creating a new connection because I am changing the database that I'm going to, as you kind of noticed here

So I can't do any use statements inside of the IDE. And I do this

Our user's created. It's got DB reader and write access. I do this so that it doesn't have the super SA user to it

Now the last step is for me to populate it with some data

And I'm only populating two of the tables with it. If I can only copy the text

you'll see we're populating the context table and the phone table. Control A to run them all

Run it. So now it's done. So now I have the database up there. Database is populated. I should be able to come here and do jump to query and let's do a new one and do select star from contacts

and should see I have four or five contacts in there. So database is good, and this is going out to the cloud

So now that we are done with that, the next step for us is to publish the API

Now, publishing the API, there's four or five or six or seven different thousand ways of doing it

I like to try to stay within my environment. So here I'm staying within Rider, just like you can stay within Visual Studio Code or Visual Studio proper and do it

There is an ability for me to right click and choose publish, which is what I'm going to do now

And then there is a publish to Azure, which I am going to pick

and then it wants to know if I'm going to use an existing app or create a new web app

So this is where I could have actually created those web apps ahead of time

or not created them, but actually created them physically from here. So if I expand this dialog box a little bit, you'll see all the different applications

And I should see LA API app right there. and I am going to open it in a browser after publish and click run

And then you'll notice down here, it's starting to build it. Now it's building a zip using the Azure resource API

It's going to upload that zip and then it'll give me a URL that I could get to

to validate it works. so I think I clicked open it up but if not let's go and open it up and if I configured it correctly

it should fail and it does fail and it fails for a reason problem is there's no settings to it so

it doesn't know what to connect to the database because I have our I have all the app settings

as blank in production because I want us to create them on the server

and I don't want them checked into source at all. So this is just the shell for Visual Studio or .NET Core to be able to access them

So we're going to go and do all the settings afterwards. Let's go and migrate the web app and then do the same step for that

Do publish, publish to Azure, search for that web branch, which should be the next one down from here

And then do run. This time I'm not going to select open in browser because we know it's going to fail

So while that's happening, let's go back to the portal. and take a quick look at some of the settings that we need to change

Here's the portal. So we're going to go to home and then look for La app

which is not in my most recent, which is weird because it was most recent

but I don't understand the real how that works. But if I click on apps here, I should be able to get to it pretty easy

And then the configuration is here. And you'll notice you get like a grid-like look to create

And pardon me, to save some time, I am going to copy and paste some of that data

So the only one we really need for this is a new connection string that we will call contacts database SQL server

And then if I have everything else correct, I'm going to paste this string, but the password is different in this one

I didn't put it in the zero. And then choose SQL server

I'll show you where to get this. It's pretty easy to get that connection string

Azure actually provides it. So if I do open a new tab

just so we don't lose our place there, and go through some of the connections

I can click there for contacts. There is a show connection strings right here

where I can click copy and it'll copy the ADN Go.net or the ASP way of connecting

But I had it on the clipboard because we've already used it before

I think that's all the connections we need for this. So let's click save

Click continue. As a result of the save, it's going to restart the database

Or sorry, restart the API app. Once that's done, I can come back to this page where we tried to view it

And then do contacts because that's the endpoint name. Try it. And if I got everything correct in the first shot, which would be a first

we should have access to it. And it says this page can't currently handle the request, and I get a 500 error

So let's see if it actually already refreshed. Let's make sure our database string is correct

Oh, it did not work. because actually no, the API should have worked. So let's take a quick look. While you're testing

it's easy to do something like this. So I am changing my environment to say development. This

will give me that old typical yellow screen of death that used to get with ASP.net core or ASP.net

but they didn't like the color yellow. So they went away from that. So I'm going to click save

continue. Now I'm pretending it's a development environment, which kids don't try this at home

You shouldn't do when you are working in a real app. We're just doing this to kind of show you a

debugging way of testing when you're not in prod and to figure out what I missed

Takes a second because it's got to re-spin up the service. and the login failed for contact users

I must have the password wrong. Let's see what I did for the password

Oh, I created a user with a password. So I did have the right password

I changed it in the connection string, which I shouldn't have. My apologies

So let's go back to our Azure portal. Change this. I thought I actually changed this code, but we didn't

So I'm going to click edit. And this password really is password Now there other ways of doing it You can use managed identity but I didn want to throw too many new things at you all at once So let hit save continue While that goes

I'm going to do a quick peek over to see if they want me to wrap up since we're getting into

the time that my talk was supposed to be done. And so far, no comments from them

So let's go back here, do a refresh. And if everything is fine, I should be able to connect

And there, now I have my API. So let's get the database working

We got the database working. Let's get the API up for the web app

up and it should need like two more minutes to do this and then we're going to have to create a blob

container for this to work so let's go to publish we actually already published it we need to do the

permissions for it where are you that one let's go to home choose our app service plan since the web is not there

choose web. This one needs a couple of more points. So I need to create a setting called

API root. So let's go to configuration. There is a way you can do this through the ID. It's just

a little bit hard to do in Rider. In Visual Studio, you can right-click and upload them all

which is a nice little feature. But again, your users should not really know

so these connections should be in Azure App Configuration. I think it's called Azure Configuration Service now, or in Key Vault

But since this is a demo, we break all the rules in a demo

We're going to leave this blank for now because we don't have the storage account created

Then we need to create the container name setting. And then this is going to be contact-images

As you can see I done this demo once or twice We have different IntelliSense coming up And then the last one is image URI

And this wants the fully connected string. So I am hoping this is available so I don't have to come back and type it

I hit save. I still can't run it because this app is dependent on having the blob storage

So let's go and create a blob storage really quick. So I'm going to do new storage, storage account, create

And then you get a lot of the same stuff. And let's do what I call it, lost storage

It's now fancy, or it's French. and then we're going to choose standard storage

The only thing we're going to change is this read access. All these options, like everything else, have a cost incurred to it

This is the cheapest and most cost-effective option. You have an option of cold or hot

If you're planning any real-time access to data, you want hot. Cold is for things like archives, backups

and things you don't need like instantaneous response for. So I'm going to click review and create validation passes

So now I just create it. Man, I feel like I'm talking a thousand miles a minute

Once this is done, we're going to create the container and then create the blob

Then I'm going to copy out the access tokens to it and provide that to the application

then we should be good to go so we're good here let's go to containers and then create a container

and then we call this container i think it was contact images

contact image oh we got to do it here contact dash images and public access level for now

because we want to access this directly from the browser we're going to choose blob anonymous read

only typically you'd want private and then set up the azure identity to have access to it but

because we are running out of time and that's a little bit more complicated

We're just going to create that. Now in order to get that we need to have an access key So I am going to copy this An access key is kind of like the credentials If you think in the OAuth way this says I authorize this user

Don't try this at home. Don't ever give out both your keys. You only get two keys. If one gets

stolen, you have to kind of regenerate them. But like I said, everything from this resource is going

to be disabled once I do it, so I don't mind that everyone sees it right now. Now I'm going to go

and edit this based in the code. Click OK. Click Save. Now if I configured everything right

if I go to the viewer app, which should be this web app, I'm going to go to the overview

and click on the API, fingers crossed. It loads, it loads. I click containers or I click contacts

That goes out to the database. Right now, this is calling the API, which is calling the service and did it

Let's go and edit a picture. I should get a contact here

As you see, last time I tested this was local host. So let's go and browse and upload

and let's pick Monopoly, Joe. My team loves to Photoshop my face into different pictures

I click Upload, and there is Monopoly Man that is now in the container

And where are we? If we go to More Tools, Developer Tools

if I inspect this element, you should see here that it is coming

from lawstorage.blob.core.azure.net slash contact images. So it saved it, uploaded it, pulled it into its own container

and it is good to go. Steve and I are ready to be joined back into the talk

I will be bringing all of this back to on GitHub over the weekend

So you will have access to the code and the scripts to try this out for yourself

Thank you