In today’s post I am going to share about the experience I had recently with the Platform as a Service: Azure Web App Updates

Platform as a Service

By having the PaaS flavor, a couple things are no longer your responsibility and leans on your Cloud Provider, in this case Azure.

In summary, PaaS allows you to focus on your application and its data.

What to expect when you are not expecting

Since you are running your application in a managed platform, there are a few things you should aware and avoid to be taken aback.

Monthly updates

One of the benefits in have a PaaS is to keep your environment with the latest patches applied on it but how this magic happens behind the scenes?

First of all, and reinforcing the PaaS way to have things done

You don’t have to enable, allow, accept or anything else to have your PaaS environment part of the updates roll outs

Azure names their schedule as Patched Tuesday, and everything happen automatically in a way that guarantees the SLA of Azure services.

Which Tuesday?

Unfortunately, you will never know. And I heard once from an Azure Engineer that is to avoid Denial-of-service (DDoS) attack because during the updates roll out the environments have half of their capacity which would facilitate the success of the attacks.

What is the due date to complete the updates?

The updates are installed during off hours in each region, and to accomplish that worldwide is about 10 business days.

Restarts and Mitigations

Even performing this activity out of business hours for each region, and guarantee SLA numbers, it does not mean your application will be available during the updates.

So far, I have experienced two type of updates, and I am going to explain briefly about them and ways to mitigate downtime of your application

Platform (Infrastructure Upgrade)

These updates are specific to the App Service infrastructure, and they allow bug fixes, security patching, new functionality

Platform(Infrastructure Upgrade)

Your application was recycled as the Azure scale unit was undergoing an upgrade. This event occurred multiple times during the day across multiple instances. There are periodic updates made by Microsoft to the underlying Azure platform to improve overall reliability, performance, and security of the platform infrastructure where your application is running on. Most of these updates are performed without any impact upon your web app. To reduce the impact of such events on your application, consider deploying your application to multiple regions and use Azure Traffic Manager to distribute the load across regions.

You can reduce the impact in your application by having one or ALL of the following

• An App Service Scale Out, since it will restart one instance at a time
• An App Service on the same region but with its own App Service and using Azure Traffic Manager to switch traffic
• An App Service in a different region and using Azure Traffic Manager to switch traffic

Platform (File Server Upgrade)

Looking to improve durability and security, Azure also performs specific updates to their file servers.

Each App Service is connected two storage: one is the primary/active, and the other is secondary/passive. Once the active storage is updated, Azure has to point the storage to the secondary/passive node, and as soon as the update finishes the storage is changed it back.

That said, any App Service will be restarted twice, and this is by design!

Platform(File Server Upgrade)

Your application was recycled due to a file server upgrade. This event occurred multiple times during the day across multiple instances. These events cause a Storage Volume movement which may result in a restart of your application. If this restart event negatively impacts the availability of the application, enabling the Local Cache feature can help reduce dependency on storage file servers to some extent. Learn more: Check Local Cache described in the Troubleshooting and Next Steps.

You can reduce the impact in your application by having one or ALL of the following

• An App Service on the same region but with its own App Service and using Azure Traffic Manager to switch traffic
• An App Service in a different region and using Azure Traffic Manager to switch traffic
• Use of Local Cache but keep in mind there’s a maximum of 2GB limit for caching

Additional Tips

In addition to that I just said, there are some tips for you when Azure Web Apps topic shows up

How do I know if my Web App is updated?

I was working in an environment with App Services in East US and Europe West, and once East US started to be updated, I wanted to know if the European Web Apps were already updated.

Navigate to App Services (1), select one of them, look for Advanced Tools (2) and click Go (3)

A new tab will open, and find Azure App Service and you will see an entry similar to this one 89.0.7.88 (master-18642c22ea4) that is the version of it

Now, you can simply repeat the steps and check the App Services in the other region, if they don’t match, then the region is not updated yet.

And that’s it

I hope you liked it, and I’ll see you on my next post

Photo by Markus Winkler on Unsplash