SlideShare a Scribd company logo

Azure App configuration

M
Muhammad Sajid

Use App Configuration to store all the settings for your application and secure their accesses in one place. Centralize management and distribution of hierarchical configuration data for different environments and geographies Dynamically change application settings without the need to redeploy or restart an application At the core its a key-value store Supports history Great fit for Event-driven microservices architecture Control feature availability in real-time Cloud Native Implementation of the “External configuration store” pattern https://www.meetup.com/Stockholm-Azure-Meetup/events/265524268/

Software
1 of 73
Download to read offline
#StockholmAzure Meetup Sponsors
Who am I ? • Lead Cloud Solutions Architect at PwC Sweden • Leading Cloud Center for Enablement and Cloud-native transformation initiative for the organization. • Architecture Council at PwC • Microsoft Azure Advisory group • Blogger https://www.msajid.cloud/ • Speaker (Swetugg, APIDays, Azure meetup) • Badminton • Photography • Ping pong 2 https://www.linkedin.com/in/musa/ https://twitter.com/sajid_nazeer
Azure App Configuration and Feature management Presentation by Muhammad Sajid November 2019
1. What is Azure App Configuration and why should you care 2. Using App Configuration in .NET Core, ASP.NET Core and Azure Functions 3. Integration with Azure Key Vault and Event Grid 4. High Availability -> replication and failover using import/export feature 5. Using App Configuration in Azure DevOps 6. ETA and Pricing 7. Feature management 8. Key Takeaways 4
What is Azure App Configuration 1
What is Azure App Configurationhttps://docs.microsoft.com/en-us/azure/azure-app-configuration/overview 6 • Centralize management and distribution of hierarchical configuration data • At the core its a key-value store • Great fit for Event-driven microservices architecture • Control feature availability in real-time • Cloud Native Implementation of the “External configuration store” pattern
Why should we care • Cloud Native applications are mostly polyglot Microservices (with different programming languages, technology stacks etc) but every Micoservice needs some kind of configuration • According to 12 factor App, It is recommended to separate Configuration from the Code https://12factor.net/config https://content.pivotal.io/blog/beyond-the-twelve-factor-app 7 App Configuration supports: • Namespaces • Labeling • Extensive queries • Batch retrieval • History • feature-management • Event-driven Architecture Author: Kevin Hoffman https://learning.oreilly.com/library/view/beyond-th e-twelve-factor/9781492042631/ Author: multiple authors https://www.amazon.in/Cloud-Native-Transforma tion-Pini-Reznik/dp/1492048909
Configuration information out of the application deployment package to a centralized location. This pattern is useful for: • Shared configuration between multiple applications or multiple instances of the same application. • A standard Key-Value configuration system • Simplify administration and monitoring of configuration settings External Configuration Storehttps://docs.microsoft.com/en-us/azure/architecture/patterns/external-configuration-store 8
9 Search App Configuration in Azure Portal and Create Creating the resource
10 Name should be globally unique Choose subscription, resource group and location
11 Endpoint to use Configuration and feature management Import/export configuration
12 Use read-only keys
13 https://docs.microsoft.com/en-us/azure/azure-app-configuration/cli-samples
14 Resource type Microsoft.AppConfiguration/configurationStores Api Version 2019-02-01-preview
Using Azure App Configuration in .NET Core, ASP.NET Core and Azure Functions 2
16 .NET Core Add nuget package Microsoft.Extensions.Configuration.AzureAppConfiguration
17 ManagedIdentity or Connect with Connection string Key to watch and if changed refresh everything
18 KeyVault client using ManagedIdentity for fetching secrets using Configuration provider Configuration and KeyVault client Glue Namespace/prefix to watch Trigger refresh only when sentinel is changed to avoid splicing
19 Role of a Sentinel • Sentinel is just another key-value item in the App Configuration • It is used as a signal for configuration provider client that one or more properties have changed • Sentinel or any other configuration item will only be checked for changes if cache has expired. Cache expiry is 30 seconds by default
20 Use Managed Identity Same identity will work with fetching Key Vault Secret ASP.NET Core
21 Middleware responsible for refreshing the configuration based on activity
How does configuration Refresh works at runtime? 22 Timer-based watch (Old design) • Configuration was kept in sync with Azure App Configuration using a watch mechanism which ran on a timer. Flaws • On-demand invocation not possible. • Background activity even in the dormant application instances. • Polling Activity-based watch (New design) • Uses a middleware to determine activity • Works only in ASP.NET (middleware dependency) https://devblogs.microsoft.com/aspnet/redesigning-configuration-refresh-for-azure-app-configuration/?WT.mc_id=cloudnative-ch9-shboyer
Activity based refresh 23
24 Azure Functions Use Azure functions Dependency injection to configure Azure App Configuration
25 Inject Settings using IOptionsSnapshot
26 Create a separate refresh function to refresh configuration. Refresh will only happen when Cache has expired
Integration with Azure Key Vault and Event Grid 3
Azure Key Vault Integration 28 https://github.com/Azure/AppConfiguration-Announcements/issues/1#issue-504279728 October 8, 2019 Lisa Guthrie Senior Program Manager
Azure Key Vault Integration 29 https://github.com/Azure/AppConfiguration-Announcements/issues/1#issue-504279728 • App Configuration and Key Vault are complementary services • App Configuration allows you to create Keys that reference value of Key Vault secrets • App Configuration stores the Uri or the secret not the Value • Client providers detect the key as a Key Vault secret and use Key Vault client to retrieve the actual value of the secret • App Configuration and Key Vault does not communicate to each other automatically Lisa Guthrie Senior Program Manager
30 App Configuration provider uses KeyVault client under the hood to fetch the value for a secret. Refresh works for both App Configuration Items and Key Vault Secret Use App Service token provider to get token for Accessing Key Vault
31 App Configuration provider will not know if you delete a secret from Key Vault until you restart. For running instances it will not crash or reload other configuration items.
32 How to handle transient errors?https://docs.microsoft.com/en-us/azure/architecture/best-practices/transient-faults • Due to the distributed nature of the cloud, transient faults are very common • Handling transient errors is very important for the building resilience applications • Use Polly to add retry policy while refreshing
33 Polly integration for Transient errors using custom refresh middleware Add Polly nuget package
34 Program.cs Configure App Configuration as usual
35 Startup.cs User custom middleware with Retry logic
36
37 • Storing data in a different store and passing a reference to the original data along. The receiver is responsible for retrieving original data from the store (in this case from Key Vault). • The pattern can also be used if the payload should be accessed only by services that are authorized to see it. (Skinny payload) Claim check? Also known as Reference-Based Messaging https://www.enterpriseintegrationpatterns.com/patter ns/messaging/StoreInLibrary.html https://docs.microsoft.com/en-us/azure/architecture/ patterns/claim-check Reference: {"uri":"https://abc1234keyvault.va ult.azure.net/secrets/testsecret"} Content Type: application/vnd.microsoft.appcon fig.keyvaultref+json;charset=utf-8
Event Grid Integration 38
39
40
High availability 4
Import/Export 42
43 Event-driven Sync • Use Event-Grid to receive changes and replicate configuration items to secondary store • Use special Sync sentinel if you want to control sync • Use App Configuration SDK to replicate configuration items using C#
Configure Event-Grid for Receiving Sync Sentinel signal 44
Configure Event-Grid for Receiving Sync Sentinel signal 45 Apply a filter to receive events only when Sync Sentinel is changed. Filter on subject suffix match You can specify empty labels as %00 Api-version is always included
Receive Events in a Bus, Storage or directly to an Azure Function 46 User App Configuration SDK to manage key-value pairs and you can use ConfigurationClient to replicate primary store to secondary store
47 Replicator function takes primary and secondary connection. Replicate only when you receive “Sync Sentinel” trigger via Event Grid string primaryConnection = "Endpoint=https://abc1234configstore.azconfig.io;Id=XXXX;Secret=YYYYYYY"; var primary = new ConfigurationClient(primaryConnection);
48
Azure DevOps Integration 5
Install App Configuration Task 50
51
52
ETA and Pricing 6
GA and Pricing Azure App Configuration Service is planned to be Generally available in January 2020 54 October 26, 2019 Lisa Guthrie Senior Program Manager
PwC 55 Free Standard Stores 1 / subscription Unlimited Keys 1000 or 1MB / store 20000 or 1GB / store History 7 days 30 days Requests / day 1000 Unlimited SLA N/A 99.9% Cost Free US$1.20/day + any additional changes at US$0.06/10000 requests ETA and Pricing Azure App Configuration Service is planned to be Generally available in January 2020
7Feature management
57
58
59
60
8Key takeaways
• Group keys using Prefixes and Labels • Design hierarchical namespaces • Always set a Content-Type • Use Sentinel to avoid splicing 62
63 Jimmy Campbell • Use Labels as an extra dimension for organizing/grouping settings
• Create separate stores if you want to separately control the permissions • If permission is not a concern then use one multi-tenant store
• Another reason to have multiple stores would be for disaster recovery https://docs.microsoft.com/en-us/azure/azure-app-configuration/concept-disaster-recovery
• Beware of the key storage and request limitations per store • Beware of limitations of creating multiple stores per subscription 66
• It is ok to store a secret in App Configuration but use Key Vault which is designed for this use case. 67
• Beware of the configuration stacking 68
• If an environment does not have possibility to fetch configuration at runtime (possibly due to a firewall) then inject the configuration using Azure DevOps 69
• Listen to configuration changes using Azure Event Grid and react accordingly • Use managed identity for authentication 70
• Sync configuration to multiple stores for high availability and disaster recovery • If you have a Key Vault referenced key you must add permission to Key Vault for both stores • Use Sync Sentinel 71
72 Questions
PwC Presentation Title [View > Master and edit/delete on very top slide master] Date [View > Master and edit/delete on very top slide master] 73 References: Icons @SandroPereira -> repo, blog | @Azurekid -> repo | @BenCodeGeek -> project | @David Summers -> repo Documentation https://docs.microsoft.com/en-us/azure/azure-app-configuration/ Feedback page https://feedback.azure.com/forums/920545-azure-app-configuration GitHub https://github.com/Azure/AppConfiguration/ Slack https://aka.ms/azconfig/slack Announcements https://github.com/Azure/AppConfiguration-Announcements CloudNativeShow episode https://www.youtube.com/watch?v=DJqmA5PcfzE DOTNETConf https://www.youtube.com/watch?v=zRstfC3Nn7M Thank you https://www.linkedin.com/in/musa/ https://twitter.com/sajid_nazeer

Recommended

Introduction to Azure Functions
Introduction to Azure FunctionsIntroduction to Azure Functions
Introduction to Azure FunctionsCallon Campbell
 
Exposing services with Azure API Management
Exposing services with Azure API ManagementExposing services with Azure API Management
Exposing services with Azure API ManagementCallon Campbell
 
Azure Application insights - An Introduction
Azure Application insights - An IntroductionAzure Application insights - An Introduction
Azure Application insights - An IntroductionMatthias Güntert
 
Centralized configuration with azure app configuration
Centralized configuration with azure app configurationCentralized configuration with azure app configuration
Centralized configuration with azure app configurationCallon Campbell
 
Service Mesh - Observability
Service Mesh - ObservabilityService Mesh - Observability
Service Mesh - ObservabilityAraf Karsh Hamid
 
Azure Governance
Azure GovernanceAzure Governance
Azure GovernanceBenjamin Hüpeden
 
0 to hero with Azure DevOps
0 to hero with Azure DevOps0 to hero with Azure DevOps
0 to hero with Azure DevOpsChristos Matskas
 
OpenAPI 3.0, And What It Means for the Future of Swagger
OpenAPI 3.0, And What It Means for the Future of SwaggerOpenAPI 3.0, And What It Means for the Future of Swagger
OpenAPI 3.0, And What It Means for the Future of SwaggerSmartBear
 

Recommended

Introduction to Azure Functions
Introduction to Azure FunctionsIntroduction to Azure Functions
Introduction to Azure FunctionsCallon Campbell
 
Exposing services with Azure API Management
Exposing services with Azure API ManagementExposing services with Azure API Management
Exposing services with Azure API ManagementCallon Campbell
 
Azure Application insights - An Introduction
Azure Application insights - An IntroductionAzure Application insights - An Introduction
Azure Application insights - An IntroductionMatthias Güntert
 
Centralized configuration with azure app configuration
Centralized configuration with azure app configurationCentralized configuration with azure app configuration
Centralized configuration with azure app configurationCallon Campbell
 
Service Mesh - Observability
Service Mesh - ObservabilityService Mesh - Observability
Service Mesh - ObservabilityAraf Karsh Hamid
 
Azure Governance
Azure GovernanceAzure Governance
Azure GovernanceBenjamin Hüpeden
 
0 to hero with Azure DevOps
0 to hero with Azure DevOps0 to hero with Azure DevOps
0 to hero with Azure DevOpsChristos Matskas
 
OpenAPI 3.0, And What It Means for the Future of Swagger
OpenAPI 3.0, And What It Means for the Future of SwaggerOpenAPI 3.0, And What It Means for the Future of Swagger
OpenAPI 3.0, And What It Means for the Future of SwaggerSmartBear
 
A Hands-on Introduction on Terraform Best Concepts and Best Practices
A Hands-on Introduction on Terraform Best Concepts and Best Practices A Hands-on Introduction on Terraform Best Concepts and Best Practices
A Hands-on Introduction on Terraform Best Concepts and Best Practices Nebulaworks
 
DevSecOps Basics with Azure Pipelines
DevSecOps Basics with Azure Pipelines DevSecOps Basics with Azure Pipelines
DevSecOps Basics with Azure Pipelines Abdul_Mujeeb
 
Azure API Management
Azure API ManagementAzure API Management
Azure API ManagementDaniel Toomey
 
Azure DevOps Complete CI/CD Pipeline
Azure DevOps Complete CI/CD PipelineAzure DevOps Complete CI/CD Pipeline
Azure DevOps Complete CI/CD PipelineNicolas Benjamin Cruz Carpio
 
Azure devops
Azure devopsAzure devops
Azure devopsMohit Chhabra
 
Centralized Configuration Management for the Cloud with Azure App Configuration
Centralized Configuration Management for the Cloud with Azure App ConfigurationCentralized Configuration Management for the Cloud with Azure App Configuration
Centralized Configuration Management for the Cloud with Azure App ConfigurationKasun Kodagoda
 
CI/CD on Google Cloud Platform
CI/CD on Google Cloud PlatformCI/CD on Google Cloud Platform
CI/CD on Google Cloud PlatformDevOps Indonesia
 
Devops insights
Devops insightsDevops insights
Devops insightsMohammad Imran Ansari
 
Tour of Azure DevOps
Tour of Azure DevOpsTour of Azure DevOps
Tour of Azure DevOpsCallon Campbell
 
Azure Storage
Azure StorageAzure Storage
Azure StorageMustafa
 
The Power of Azure DevOps
The Power of Azure DevOpsThe Power of Azure DevOps
The Power of Azure DevOpsJeff Bramwell
 
Logic Apps and Azure Functions
Logic Apps and Azure FunctionsLogic Apps and Azure Functions
Logic Apps and Azure FunctionsDaniel Toomey
 
Microservices Architecture & Testing Strategies
Microservices Architecture & Testing StrategiesMicroservices Architecture & Testing Strategies
Microservices Architecture & Testing StrategiesAraf Karsh Hamid
 
Azure App Service
Azure App ServiceAzure App Service
Azure App ServiceBizTalk360
 
Building an Enterprise-Grade Azure Governance Model
Building an Enterprise-Grade Azure Governance ModelBuilding an Enterprise-Grade Azure Governance Model
Building an Enterprise-Grade Azure Governance ModelKarl Ots
 
Stephane Lapointe: Governance in Azure, keep control of your environments
Stephane Lapointe: Governance in Azure, keep control of your environmentsStephane Lapointe: Governance in Azure, keep control of your environments
Stephane Lapointe: Governance in Azure, keep control of your environmentsMSDEVMTL
 
Infrastructure is code with the AWS CDK - MAD312 - New York AWS Summit
Infrastructure is code with the AWS CDK - MAD312 - New York AWS SummitInfrastructure is code with the AWS CDK - MAD312 - New York AWS Summit
Infrastructure is code with the AWS CDK - MAD312 - New York AWS SummitAmazon Web Services
 
Agile, User Stories, Domain Driven Design
Agile, User Stories, Domain Driven DesignAgile, User Stories, Domain Driven Design
Agile, User Stories, Domain Driven DesignAraf Karsh Hamid
 
NashTech - Azure Application Insights
NashTech - Azure Application InsightsNashTech - Azure Application Insights
NashTech - Azure Application InsightsPhi Huynh
 
Introduction to Azure monitor
Introduction to Azure monitorIntroduction to Azure monitor
Introduction to Azure monitorPraveen Nair
 
Festive Tech Calendar 2022
Festive Tech Calendar 2022Festive Tech Calendar 2022
Festive Tech Calendar 2022Callon Campbell
 
Wellington MuleSoft Meetup 2021-02-18
Wellington MuleSoft Meetup 2021-02-18Wellington MuleSoft Meetup 2021-02-18
Wellington MuleSoft Meetup 2021-02-18Mary Joy Sabal
 

More Related Content

What's hot

A Hands-on Introduction on Terraform Best Concepts and Best Practices
A Hands-on Introduction on Terraform Best Concepts and Best Practices A Hands-on Introduction on Terraform Best Concepts and Best Practices
A Hands-on Introduction on Terraform Best Concepts and Best Practices Nebulaworks
 
DevSecOps Basics with Azure Pipelines
DevSecOps Basics with Azure Pipelines DevSecOps Basics with Azure Pipelines
DevSecOps Basics with Azure Pipelines Abdul_Mujeeb
 
Azure API Management
Azure API ManagementAzure API Management
Azure API ManagementDaniel Toomey
 
Centralized Configuration Management for the Cloud with Azure App Configuration
Centralized Configuration Management for the Cloud with Azure App ConfigurationCentralized Configuration Management for the Cloud with Azure App Configuration
Centralized Configuration Management for the Cloud with Azure App ConfigurationKasun Kodagoda
 
CI/CD on Google Cloud Platform
CI/CD on Google Cloud PlatformCI/CD on Google Cloud Platform
CI/CD on Google Cloud PlatformDevOps Indonesia
 
Azure Storage
Azure StorageAzure Storage
Azure StorageMustafa
 
The Power of Azure DevOps
The Power of Azure DevOpsThe Power of Azure DevOps
The Power of Azure DevOpsJeff Bramwell
 
Logic Apps and Azure Functions
Logic Apps and Azure FunctionsLogic Apps and Azure Functions
Logic Apps and Azure FunctionsDaniel Toomey
 
Microservices Architecture & Testing Strategies
Microservices Architecture & Testing StrategiesMicroservices Architecture & Testing Strategies
Microservices Architecture & Testing StrategiesAraf Karsh Hamid
 
Azure App Service
Azure App ServiceAzure App Service
Azure App ServiceBizTalk360
 
Building an Enterprise-Grade Azure Governance Model
Building an Enterprise-Grade Azure Governance ModelBuilding an Enterprise-Grade Azure Governance Model
Building an Enterprise-Grade Azure Governance ModelKarl Ots
 
Stephane Lapointe: Governance in Azure, keep control of your environments
Stephane Lapointe: Governance in Azure, keep control of your environmentsStephane Lapointe: Governance in Azure, keep control of your environments
Stephane Lapointe: Governance in Azure, keep control of your environmentsMSDEVMTL
 
Infrastructure is code with the AWS CDK - MAD312 - New York AWS Summit
Infrastructure is code with the AWS CDK - MAD312 - New York AWS SummitInfrastructure is code with the AWS CDK - MAD312 - New York AWS Summit
Infrastructure is code with the AWS CDK - MAD312 - New York AWS SummitAmazon Web Services
 
Agile, User Stories, Domain Driven Design
Agile, User Stories, Domain Driven DesignAgile, User Stories, Domain Driven Design
Agile, User Stories, Domain Driven DesignAraf Karsh Hamid
 
NashTech - Azure Application Insights
NashTech - Azure Application InsightsNashTech - Azure Application Insights
NashTech - Azure Application InsightsPhi Huynh
 
Introduction to Azure monitor
Introduction to Azure monitorIntroduction to Azure monitor
Introduction to Azure monitorPraveen Nair
 

What's hot (20)

A Hands-on Introduction on Terraform Best Concepts and Best Practices
A Hands-on Introduction on Terraform Best Concepts and Best Practices A Hands-on Introduction on Terraform Best Concepts and Best Practices
A Hands-on Introduction on Terraform Best Concepts and Best Practices
 
DevSecOps Basics with Azure Pipelines
DevSecOps Basics with Azure Pipelines DevSecOps Basics with Azure Pipelines
DevSecOps Basics with Azure Pipelines
 
Azure API Management
Azure API ManagementAzure API Management
Azure API Management
 
Azure DevOps Complete CI/CD Pipeline
Azure DevOps Complete CI/CD PipelineAzure DevOps Complete CI/CD Pipeline
Azure DevOps Complete CI/CD Pipeline
 
Azure devops
Azure devopsAzure devops
Azure devops
 
Centralized Configuration Management for the Cloud with Azure App Configuration
Centralized Configuration Management for the Cloud with Azure App ConfigurationCentralized Configuration Management for the Cloud with Azure App Configuration
Centralized Configuration Management for the Cloud with Azure App Configuration
 
CI/CD on Google Cloud Platform
CI/CD on Google Cloud PlatformCI/CD on Google Cloud Platform
CI/CD on Google Cloud Platform
 
Devops insights
Devops insightsDevops insights
Devops insights
 
Tour of Azure DevOps
Tour of Azure DevOpsTour of Azure DevOps
Tour of Azure DevOps
 
Azure Storage
Azure StorageAzure Storage
Azure Storage
 
The Power of Azure DevOps
The Power of Azure DevOpsThe Power of Azure DevOps
The Power of Azure DevOps
 
Logic Apps and Azure Functions
Logic Apps and Azure FunctionsLogic Apps and Azure Functions
Logic Apps and Azure Functions
 
Microservices Architecture & Testing Strategies
Microservices Architecture & Testing StrategiesMicroservices Architecture & Testing Strategies
Microservices Architecture & Testing Strategies
 
Azure App Service
Azure App ServiceAzure App Service
Azure App Service
 
Building an Enterprise-Grade Azure Governance Model
Building an Enterprise-Grade Azure Governance ModelBuilding an Enterprise-Grade Azure Governance Model
Building an Enterprise-Grade Azure Governance Model
 
Stephane Lapointe: Governance in Azure, keep control of your environments
Stephane Lapointe: Governance in Azure, keep control of your environmentsStephane Lapointe: Governance in Azure, keep control of your environments
Stephane Lapointe: Governance in Azure, keep control of your environments
 
Infrastructure is code with the AWS CDK - MAD312 - New York AWS Summit
Infrastructure is code with the AWS CDK - MAD312 - New York AWS SummitInfrastructure is code with the AWS CDK - MAD312 - New York AWS Summit
Infrastructure is code with the AWS CDK - MAD312 - New York AWS Summit
 
Agile, User Stories, Domain Driven Design
Agile, User Stories, Domain Driven DesignAgile, User Stories, Domain Driven Design
Agile, User Stories, Domain Driven Design
 
NashTech - Azure Application Insights
NashTech - Azure Application InsightsNashTech - Azure Application Insights
NashTech - Azure Application Insights
 
Introduction to Azure monitor
Introduction to Azure monitorIntroduction to Azure monitor
Introduction to Azure monitor
 

Similar to Azure App configuration

Festive Tech Calendar 2022
Festive Tech Calendar 2022Festive Tech Calendar 2022
Festive Tech Calendar 2022Callon Campbell
 
Wellington MuleSoft Meetup 2021-02-18
Wellington MuleSoft Meetup 2021-02-18Wellington MuleSoft Meetup 2021-02-18
Wellington MuleSoft Meetup 2021-02-18Mary Joy Sabal
 
Secretsth-Azure-KeyVault-and-Azure-App.pdf
Secretsth-Azure-KeyVault-and-Azure-App.pdfSecretsth-Azure-KeyVault-and-Azure-App.pdf
Secretsth-Azure-KeyVault-and-Azure-App.pdfs87j3
 
Secretsth-Azure-KeyVault-and-Azure-App.pdf
Secretsth-Azure-KeyVault-and-Azure-App.pdfSecretsth-Azure-KeyVault-and-Azure-App.pdf
Secretsth-Azure-KeyVault-and-Azure-App.pdfs87j3
 
VMworld 2013: NSX PCI Reference Architecture Workshop Session 3 - Operational...
VMworld 2013: NSX PCI Reference Architecture Workshop Session 3 - Operational...VMworld 2013: NSX PCI Reference Architecture Workshop Session 3 - Operational...
VMworld 2013: NSX PCI Reference Architecture Workshop Session 3 - Operational...VMworld
 
Azure Meetup: Keep your secrets and configurations safe in azure!
Azure Meetup: Keep your secrets and configurations safe in azure!Azure Meetup: Keep your secrets and configurations safe in azure!
Azure Meetup: Keep your secrets and configurations safe in azure!dotnetcode
 
Azure Stack Overview (Dec/2018)
Azure Stack Overview (Dec/2018)Azure Stack Overview (Dec/2018)
Azure Stack Overview (Dec/2018)Cenk Ersoy
 
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...Oleg Shalygin
 
Az 104 session 8 azure monitoring
Az 104 session 8 azure monitoringAz 104 session 8 azure monitoring
Az 104 session 8 azure monitoringAzureEzy1
 
Unleash the power of Serverless Computing
Unleash the power of Serverless ComputingUnleash the power of Serverless Computing
Unleash the power of Serverless ComputingGaurav Madaan
 
#SPFestDC #Azure #Functions V2: What's new and getting started
#SPFestDC #Azure #Functions V2: What's new and getting started#SPFestDC #Azure #Functions V2: What's new and getting started
#SPFestDC #Azure #Functions V2: What's new and getting startedVincent Biret
 
Deploy 22 microservices from scratch in 30 mins with GitOps
Deploy 22 microservices from scratch in 30 mins with GitOpsDeploy 22 microservices from scratch in 30 mins with GitOps
Deploy 22 microservices from scratch in 30 mins with GitOpsOpsta
 
Challenges In Modern Application
Challenges In Modern ApplicationChallenges In Modern Application
Challenges In Modern ApplicationRahul Kumar Gupta
 
Securing microservices continuous delivery using grafeas and kritis
Securing microservices continuous delivery using grafeas and kritisSecuring microservices continuous delivery using grafeas and kritis
Securing microservices continuous delivery using grafeas and kritisVishal Banthia
 
Peek into Neo4j Product Strategy and Roadmap
Peek into Neo4j Product Strategy and RoadmapPeek into Neo4j Product Strategy and Roadmap
Peek into Neo4j Product Strategy and RoadmapNeo4j
 
Microsoft Partners - Application Autoscaling Made Easy With Kubernetes Event-...
Microsoft Partners - Application Autoscaling Made Easy With Kubernetes Event-...Microsoft Partners - Application Autoscaling Made Easy With Kubernetes Event-...
Microsoft Partners - Application Autoscaling Made Easy With Kubernetes Event-...Tom Kerkhove
 
"How to create an infrastructure in .NET", Leonid Chetverikov
"How to create an infrastructure in .NET", Leonid Chetverikov"How to create an infrastructure in .NET", Leonid Chetverikov
"How to create an infrastructure in .NET", Leonid ChetverikovFwdays
 
Innovation morning agenda+azure arc
Innovation morning agenda+azure arcInnovation morning agenda+azure arc
Innovation morning agenda+azure arcClaudia Angelelli
 
Azure functions: Build apps faster with serverless architecture (March 2018)
Azure functions: Build apps faster with serverless architecture (March 2018)Azure functions: Build apps faster with serverless architecture (March 2018)
Azure functions: Build apps faster with serverless architecture (March 2018)Callon Campbell
 

Similar to Azure App configuration (20)

Festive Tech Calendar 2022
Festive Tech Calendar 2022Festive Tech Calendar 2022
Festive Tech Calendar 2022
 
Wellington MuleSoft Meetup 2021-02-18
Wellington MuleSoft Meetup 2021-02-18Wellington MuleSoft Meetup 2021-02-18
Wellington MuleSoft Meetup 2021-02-18
 
Secretsth-Azure-KeyVault-and-Azure-App.pdf
Secretsth-Azure-KeyVault-and-Azure-App.pdfSecretsth-Azure-KeyVault-and-Azure-App.pdf
Secretsth-Azure-KeyVault-and-Azure-App.pdf
 
Secretsth-Azure-KeyVault-and-Azure-App.pdf
Secretsth-Azure-KeyVault-and-Azure-App.pdfSecretsth-Azure-KeyVault-and-Azure-App.pdf
Secretsth-Azure-KeyVault-and-Azure-App.pdf
 
VMworld 2013: NSX PCI Reference Architecture Workshop Session 3 - Operational...
VMworld 2013: NSX PCI Reference Architecture Workshop Session 3 - Operational...VMworld 2013: NSX PCI Reference Architecture Workshop Session 3 - Operational...
VMworld 2013: NSX PCI Reference Architecture Workshop Session 3 - Operational...
 
Azure Meetup: Keep your secrets and configurations safe in azure!
Azure Meetup: Keep your secrets and configurations safe in azure!Azure Meetup: Keep your secrets and configurations safe in azure!
Azure Meetup: Keep your secrets and configurations safe in azure!
 
Azure Stack Overview (Dec/2018)
Azure Stack Overview (Dec/2018)Azure Stack Overview (Dec/2018)
Azure Stack Overview (Dec/2018)
 
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
 
Az 104 session 8 azure monitoring
Az 104 session 8 azure monitoringAz 104 session 8 azure monitoring
Az 104 session 8 azure monitoring
 
Unleash the power of Serverless Computing
Unleash the power of Serverless ComputingUnleash the power of Serverless Computing
Unleash the power of Serverless Computing
 
#SPFestDC #Azure #Functions V2: What's new and getting started
#SPFestDC #Azure #Functions V2: What's new and getting started#SPFestDC #Azure #Functions V2: What's new and getting started
#SPFestDC #Azure #Functions V2: What's new and getting started
 
Deploy 22 microservices from scratch in 30 mins with GitOps
Deploy 22 microservices from scratch in 30 mins with GitOpsDeploy 22 microservices from scratch in 30 mins with GitOps
Deploy 22 microservices from scratch in 30 mins with GitOps
 
Challenges In Modern Application
Challenges In Modern ApplicationChallenges In Modern Application
Challenges In Modern Application
 
Securing microservices continuous delivery using grafeas and kritis
Securing microservices continuous delivery using grafeas and kritisSecuring microservices continuous delivery using grafeas and kritis
Securing microservices continuous delivery using grafeas and kritis
 
Peek into Neo4j Product Strategy and Roadmap
Peek into Neo4j Product Strategy and RoadmapPeek into Neo4j Product Strategy and Roadmap
Peek into Neo4j Product Strategy and Roadmap
 
Microsoft Partners - Application Autoscaling Made Easy With Kubernetes Event-...
Microsoft Partners - Application Autoscaling Made Easy With Kubernetes Event-...Microsoft Partners - Application Autoscaling Made Easy With Kubernetes Event-...
Microsoft Partners - Application Autoscaling Made Easy With Kubernetes Event-...
 
"How to create an infrastructure in .NET", Leonid Chetverikov
"How to create an infrastructure in .NET", Leonid Chetverikov"How to create an infrastructure in .NET", Leonid Chetverikov
"How to create an infrastructure in .NET", Leonid Chetverikov
 
Power Apps for developers
Power Apps for developersPower Apps for developers
Power Apps for developers
 
Innovation morning agenda+azure arc
Innovation morning agenda+azure arcInnovation morning agenda+azure arc
Innovation morning agenda+azure arc
 
Azure functions: Build apps faster with serverless architecture (March 2018)
Azure functions: Build apps faster with serverless architecture (March 2018)Azure functions: Build apps faster with serverless architecture (March 2018)
Azure functions: Build apps faster with serverless architecture (March 2018)
 

Recently uploaded

Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerThousandEyes
 
Test Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and BackendTest Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and BackendArshad QA
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsJhone kinadey
 
Clustering techniques data mining book ....
Clustering techniques data mining book ....Clustering techniques data mining book ....
Clustering techniques data mining book ....ShaimaaMohamedGalal
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfkalichargn70th171
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfkalichargn70th171
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Modelsaagamshah0812
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsArshad QA
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfjoe51371421
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️anilsa9823
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AIABDERRAOUF MEHENNI
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxbodapatigopi8531
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 
DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about usDynamic Netsoft
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...gurkirankumar98700
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...harshavardhanraghave
 

Recently uploaded (20)

Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
Test Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and BackendTest Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and Backend
 
Exploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the ProcessExploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the Process
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
Clustering techniques data mining book ....
Clustering techniques data mining book ....Clustering techniques data mining book ....
Clustering techniques data mining book ....
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Models
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdf
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptx
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about us
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
 

Azure App configuration

  • 2. Who am I ? • Lead Cloud Solutions Architect at PwC Sweden • Leading Cloud Center for Enablement and Cloud-native transformation initiative for the organization. • Architecture Council at PwC • Microsoft Azure Advisory group • Blogger https://www.msajid.cloud/ • Speaker (Swetugg, APIDays, Azure meetup) • Badminton • Photography • Ping pong 2 https://www.linkedin.com/in/musa/ https://twitter.com/sajid_nazeer
  • 3. Azure App Configuration and Feature management Presentation by Muhammad Sajid November 2019
  • 4. 1. What is Azure App Configuration and why should you care 2. Using App Configuration in .NET Core, ASP.NET Core and Azure Functions 3. Integration with Azure Key Vault and Event Grid 4. High Availability -> replication and failover using import/export feature 5. Using App Configuration in Azure DevOps 6. ETA and Pricing 7. Feature management 8. Key Takeaways 4
  • 5. What is Azure App Configuration 1
  • 6. What is Azure App Configurationhttps://docs.microsoft.com/en-us/azure/azure-app-configuration/overview 6 • Centralize management and distribution of hierarchical configuration data • At the core its a key-value store • Great fit for Event-driven microservices architecture • Control feature availability in real-time • Cloud Native Implementation of the “External configuration store” pattern
  • 7. Why should we care • Cloud Native applications are mostly polyglot Microservices (with different programming languages, technology stacks etc) but every Micoservice needs some kind of configuration • According to 12 factor App, It is recommended to separate Configuration from the Code https://12factor.net/config https://content.pivotal.io/blog/beyond-the-twelve-factor-app 7 App Configuration supports: • Namespaces • Labeling • Extensive queries • Batch retrieval • History • feature-management • Event-driven Architecture Author: Kevin Hoffman https://learning.oreilly.com/library/view/beyond-th e-twelve-factor/9781492042631/ Author: multiple authors https://www.amazon.in/Cloud-Native-Transforma tion-Pini-Reznik/dp/1492048909
  • 8. Configuration information out of the application deployment package to a centralized location. This pattern is useful for: • Shared configuration between multiple applications or multiple instances of the same application. • A standard Key-Value configuration system • Simplify administration and monitoring of configuration settings External Configuration Storehttps://docs.microsoft.com/en-us/azure/architecture/patterns/external-configuration-store 8
  • 9. 9 Search App Configuration in Azure Portal and Create Creating the resource
  • 10. 10 Name should be globally unique Choose subscription, resource group and location
  • 11. 11 Endpoint to use Configuration and feature management Import/export configuration
  • 15. Using Azure App Configuration in .NET Core, ASP.NET Core and Azure Functions 2
  • 16. 16 .NET Core Add nuget package Microsoft.Extensions.Configuration.AzureAppConfiguration
  • 17. 17 ManagedIdentity or Connect with Connection string Key to watch and if changed refresh everything
  • 18. 18 KeyVault client using ManagedIdentity for fetching secrets using Configuration provider Configuration and KeyVault client Glue Namespace/prefix to watch Trigger refresh only when sentinel is changed to avoid splicing
  • 19. 19 Role of a Sentinel • Sentinel is just another key-value item in the App Configuration • It is used as a signal for configuration provider client that one or more properties have changed • Sentinel or any other configuration item will only be checked for changes if cache has expired. Cache expiry is 30 seconds by default
  • 20. 20 Use Managed Identity Same identity will work with fetching Key Vault Secret ASP.NET Core
  • 21. 21 Middleware responsible for refreshing the configuration based on activity
  • 22. How does configuration Refresh works at runtime? 22 Timer-based watch (Old design) • Configuration was kept in sync with Azure App Configuration using a watch mechanism which ran on a timer. Flaws • On-demand invocation not possible. • Background activity even in the dormant application instances. • Polling Activity-based watch (New design) • Uses a middleware to determine activity • Works only in ASP.NET (middleware dependency) https://devblogs.microsoft.com/aspnet/redesigning-configuration-refresh-for-azure-app-configuration/?WT.mc_id=cloudnative-ch9-shboyer
  • 24. 24 Azure Functions Use Azure functions Dependency injection to configure Azure App Configuration
  • 25. 25 Inject Settings using IOptionsSnapshot
  • 26. 26 Create a separate refresh function to refresh configuration. Refresh will only happen when Cache has expired
  • 27. Integration with Azure Key Vault and Event Grid 3
  • 28. Azure Key Vault Integration 28 https://github.com/Azure/AppConfiguration-Announcements/issues/1#issue-504279728 October 8, 2019 Lisa Guthrie Senior Program Manager
  • 29. Azure Key Vault Integration 29 https://github.com/Azure/AppConfiguration-Announcements/issues/1#issue-504279728 • App Configuration and Key Vault are complementary services • App Configuration allows you to create Keys that reference value of Key Vault secrets • App Configuration stores the Uri or the secret not the Value • Client providers detect the key as a Key Vault secret and use Key Vault client to retrieve the actual value of the secret • App Configuration and Key Vault does not communicate to each other automatically Lisa Guthrie Senior Program Manager
  • 30. 30 App Configuration provider uses KeyVault client under the hood to fetch the value for a secret. Refresh works for both App Configuration Items and Key Vault Secret Use App Service token provider to get token for Accessing Key Vault
  • 31. 31 App Configuration provider will not know if you delete a secret from Key Vault until you restart. For running instances it will not crash or reload other configuration items.
  • 32. 32 How to handle transient errors?https://docs.microsoft.com/en-us/azure/architecture/best-practices/transient-faults • Due to the distributed nature of the cloud, transient faults are very common • Handling transient errors is very important for the building resilience applications • Use Polly to add retry policy while refreshing
  • 33. 33 Polly integration for Transient errors using custom refresh middleware Add Polly nuget package
  • 36. 36
  • 37. 37 • Storing data in a different store and passing a reference to the original data along. The receiver is responsible for retrieving original data from the store (in this case from Key Vault). • The pattern can also be used if the payload should be accessed only by services that are authorized to see it. (Skinny payload) Claim check? Also known as Reference-Based Messaging https://www.enterpriseintegrationpatterns.com/patter ns/messaging/StoreInLibrary.html https://docs.microsoft.com/en-us/azure/architecture/ patterns/claim-check Reference: {"uri":"https://abc1234keyvault.va ult.azure.net/secrets/testsecret"} Content Type: application/vnd.microsoft.appcon fig.keyvaultref+json;charset=utf-8
  • 39. 39
  • 40. 40
  • 43. 43 Event-driven Sync • Use Event-Grid to receive changes and replicate configuration items to secondary store • Use special Sync sentinel if you want to control sync • Use App Configuration SDK to replicate configuration items using C#
  • 44. Configure Event-Grid for Receiving Sync Sentinel signal 44
  • 45. Configure Event-Grid for Receiving Sync Sentinel signal 45 Apply a filter to receive events only when Sync Sentinel is changed. Filter on subject suffix match You can specify empty labels as %00 Api-version is always included
  • 46. Receive Events in a Bus, Storage or directly to an Azure Function 46 User App Configuration SDK to manage key-value pairs and you can use ConfigurationClient to replicate primary store to secondary store
  • 47. 47 Replicator function takes primary and secondary connection. Replicate only when you receive “Sync Sentinel” trigger via Event Grid string primaryConnection = "Endpoint=https://abc1234configstore.azconfig.io;Id=XXXX;Secret=YYYYYYY"; var primary = new ConfigurationClient(primaryConnection);
  • 48. 48
  • 51. 51
  • 52. 52
  • 54. GA and Pricing Azure App Configuration Service is planned to be Generally available in January 2020 54 October 26, 2019 Lisa Guthrie Senior Program Manager
  • 55. PwC 55 Free Standard Stores 1 / subscription Unlimited Keys 1000 or 1MB / store 20000 or 1GB / store History 7 days 30 days Requests / day 1000 Unlimited SLA N/A 99.9% Cost Free US$1.20/day + any additional changes at US$0.06/10000 requests ETA and Pricing Azure App Configuration Service is planned to be Generally available in January 2020
  • 57. 57
  • 58. 58
  • 59. 59
  • 60. 60
  • 62. • Group keys using Prefixes and Labels • Design hierarchical namespaces • Always set a Content-Type • Use Sentinel to avoid splicing 62
  • 63. 63 Jimmy Campbell • Use Labels as an extra dimension for organizing/grouping settings
  • 64. • Create separate stores if you want to separately control the permissions • If permission is not a concern then use one multi-tenant store
  • 65. • Another reason to have multiple stores would be for disaster recovery https://docs.microsoft.com/en-us/azure/azure-app-configuration/concept-disaster-recovery
  • 66. • Beware of the key storage and request limitations per store • Beware of limitations of creating multiple stores per subscription 66
  • 67. • It is ok to store a secret in App Configuration but use Key Vault which is designed for this use case. 67
  • 68. • Beware of the configuration stacking 68
  • 69. • If an environment does not have possibility to fetch configuration at runtime (possibly due to a firewall) then inject the configuration using Azure DevOps 69
  • 70. • Listen to configuration changes using Azure Event Grid and react accordingly • Use managed identity for authentication 70
  • 71. • Sync configuration to multiple stores for high availability and disaster recovery • If you have a Key Vault referenced key you must add permission to Key Vault for both stores • Use Sync Sentinel 71
  • 73. PwC Presentation Title [View > Master and edit/delete on very top slide master] Date [View > Master and edit/delete on very top slide master] 73 References: Icons @SandroPereira -> repo, blog | @Azurekid -> repo | @BenCodeGeek -> project | @David Summers -> repo Documentation https://docs.microsoft.com/en-us/azure/azure-app-configuration/ Feedback page https://feedback.azure.com/forums/920545-azure-app-configuration GitHub https://github.com/Azure/AppConfiguration/ Slack https://aka.ms/azconfig/slack Announcements https://github.com/Azure/AppConfiguration-Announcements CloudNativeShow episode https://www.youtube.com/watch?v=DJqmA5PcfzE DOTNETConf https://www.youtube.com/watch?v=zRstfC3Nn7M Thank you https://www.linkedin.com/in/musa/ https://twitter.com/sajid_nazeer