enquiries@dvt.co.uk |  +44 020 3422 3400
Media

Insights

Trends and insights making an impact in your digital transformation journey.

5 key tips for designing and developing applications on Azure
Muhammed Baderdien

5 key tips for designing and developing applications on Azure

There are many principles to look at when designing and developing applications on Azure. To ensure software quality and architecture excellence when building solutions on the Microsoft Azure Cloud, these five tips can be used as guidelines to ensure that they are scalable, resilient, and highly available. To summarise, these 5 tips are:


  • Security
  • Costs
  • Scalability
  • Resiliency
  • DevSecOps

These tips are also a good starting point for application modernisation using the Microsoft Azure Cloud.


Security

Security should be thought about throughout the entire lifecycle of an application, from design and implementation to deployment and operations.


Build security into your application and your DevSecOps processes.


Add an Azure Web Application Firewall in front of internet-facing applications.


Consider using Azure Active Directory (Azure AD) to authenticate and authorise users.


For consumer-facing applications, consider using Azure Active Directory B2C which lets users authenticate with their existing social accounts, or create a new user account that is managed by Azure AD.


In general, the security best practices for application development still apply in the cloud. These include using SSL everywhere, protecting against CSRF and XSS attacks and preventing SQL injection attacks, etc.


Cloud applications often use managed services that have access keys. Never check these into source control. Consider storing application secrets in Azure Key Vault.


When developing Azure solutions, for security please see below the cloud design patterns:


  • Federated Identity - Delegate authentication to an external identity provider.
  • Gatekeeper - Protect applications and services by using a dedicated host instance that acts as a broker between clients and the application or service, validates and sanitizes requests, and passes requests and data between them.
  • Valet Key - Use a token or key that provides clients with restricted direct access to a specific resource or service.
Costs

Plan with cost in mind. Before you deploy cloud resources, assess the following items:


  • The Azure offer that best meets your needs
  • The resources you plan to use
  • How much they might cost

Select the best Azure configuration for your situation with cost in mind. When you are designing a cloud solution, focus on generating incremental value early.


Apply the principles of Build-Measure-Learn, to accelerate your time to market while avoiding capital-intensive solutions.


Use the pay-as-you-go strategy for your architecture, and invest in scaling out, rather than delivering a large investment first version.


Consider opportunity cost in your architecture and the balance between first-mover advantage versus "fast follow".


Use the Azure pricing calculator to estimate the initial cost. Establish policies, budgets, and controls that set cost limits for your solution.


Finally, use Azure Serverless components like Azure Functions, Azure SQL Serverless where possible to gain cost optimisation.


Scalability

Scalability is the ability of a system either to handle increases in load without impact on performance or for the available resources to be readily increased.


Cloud applications typically encounter variable workloads and peaks in activity.


Predicting these, especially in a multi-tenant scenario, is almost impossible. Instead, applications should be able to scale out within limits to meet peaks in demand and scale in when demand decreases.


Use Azure Serverless components like Azure Functions, Azure SQL Serverless where possible to gain scalability.


When developing Azure solutions, for performance and scalability please see below the cloud design patterns:


  • Cache-Aside - Load data on demand into a cache from a data store
  • Choreography -Have each component of the system participate in the decision-making process about the workflow of a business transaction, instead of relying on a central point of control.
  • CQRS - Segregate operations that read data from operations that update data by using separate interfaces.
  • Event Sourcing - Use an append-only store to record the full series of events that describe actions taken on data in a domain.
  • Geodes Deploy - backend services into a set of geographical nodes, each of which can service any client request in any region.
  • Index Table - Create indexes over the fields in data stores that are frequently referenced by queries.
  • Materialized View - Generate prepopulated views over the data in one or more data stores when the data isn't ideally formatted for required query operations.
  • Priority Queue - Prioritize requests sent to services so that requests with a higher priority are received and processed more quickly than those with a lower priority.
  • Queue-Based Load Leveling -Use a queue that acts as a buffer between a task and a service that it invokes to smooth intermittent heavy loads.
  • Sharding - Divide a data store into a set of horizontal partitions or shards.
  • Static Content Hosting - Deploy static content to a cloud-based storage service that can deliver them directly to the client.
  • Throttling - Control the consumption of resources used by an instance of an application, an individual tenant, or an entire service.
Resiliency

Resiliency is the ability of the system to recover from failures and continue to function. The goal of resiliency is to return the application to a fully functioning state after a failure occurs.


Instead of trying to prevent failures altogether, the goal is to minimize the effects of a single failing component.


Resiliency is closely related to availability.


When designing an application to be resilient, you must understand your availability requirements, such as:


  • How much downtime is acceptable?
  • How much potential downtime will cost your business?
  • How much should you invest in making the application highly available?

When developing Azure solutions, for resiliency please see below the cloud design patterns:


  • Bulkhead - Isolate elements of an application into pools so that if one fails, the others will continue to function.
  • Circuit Breaker - Handle faults that might take a variable amount of time to fix when connecting to a remote service or resource.
  • Compensating Transaction - Undo the work performed by a series of steps, which together define an eventually consistent operation.
  • Health Endpoint Monitoring - Implement functional checks in an application that external tools can access through exposed endpoints at regular intervals.
  • Leader Election - Coordinate the actions performed by a collection of collaborating task instances in a distributed application by electing one instance as the leader that assumes responsibility for managing the other instances.
  • Queue-Based Load Leveling - Use a queue that acts as a buffer between a task and a service that it invokes to smooth intermittent heavy loads.
  • Retry - Enable an application to handle anticipated, temporary failures when it tries to connect to a service or network resource by transparently retrying an operation that's previously failed.
  • Scheduler Agent Supervisor - Coordinate a set of actions across a distributed set of services and other remote resources.
DevSecOps

To ensure that your Azure application is running effectively over time, consider the processes that you implement to make sure that your users are getting the right experience.


Maintain a production-like environment as this will help when you run into issues in production and you want to release hotfixes or updates quickly. If you follow some of the best practices like Infrastructure as Code (IaC) and CI/CD processes you can easily spin up or tear down your environment as required.


Deployments must be reliable and predictable. They should be automated to reduce the chance of human error. They should be a fast and routine process, so they don't slow down the release of new features or bug fixes.


You must also be able to roll back or roll forward if an update has problems.


Use Blue-Green deployments to minimise downtime and risk.


Testing is one of the fundamental components in DevOps and agile development in general. If automation gives DevOps the required speed and agility to deploy software quickly, only through extensive testing, will those deployments achieve the required reliability that customers demand.


When designing a DevSecOps process consider Business Governance processes and build it into the pipeline.


Below is a sample DevSecOps pipeline that can be of great value to any development team small or large:



When developing Azure solutions, for management and monitoring please see below the cloud design patterns:


  • Ambassador - Create helper services that send network requests on behalf of a consumer service or application.
  • Anti-Corruption Layer - Implement a façade or adapter layer between a modern application and a legacy system.
  • External Configuration Store - Move configuration information out of the application deployment package to a centralised location.
  • Gateway Aggregation - Use a gateway to aggregate multiple individual requests into a single request.
  • Gateway Offloading - Offload shared or specialized service functionality to a gateway proxy.
  • Gateway Routing - Route requests to multiple services using a single endpoint.
  • Health Endpoint Monitoring - Implement functional checks in an application that external tools can access through exposed endpoints at regular intervals.
  • Sidecar - Deploy components of an application into a separate process or container to provide isolation and encapsulation.
  • Strangler - Incrementally migrate a legacy system by gradually replacing specific pieces of functionality with new applications and services.

I have found great benefit in using the above tips when designing and deploying solutions to Azure.


I hope you’ve found the information useful, and gain value from using these tips to design and deploy applications on Azure that are scalable, resilient, and highly available.