Infrastructure as Code (IaC), CI/CD and Load Balancing for a .NET Web App

• Introduction
• Setting Up the Environment
• Configuring GitHub Actions for CI/CD
• Deploying Infrastructure as Code
• Enhancing Resiliency with Load Balancing
• Testing Resiliency with Azure Chaos Studio
• Conclusion and Next Steps
• Additional Resources

Introduction

In this article, we will deploy a .NET web app using Infrastructure as Code (IaC) and Continuous Integration/Continuous Deployment (CI/CD) with GitHub Actions and Bicep templates on Azure. Additionally, we will enhance the app's resiliency by configuring load balancing with Azure Traffic Manager and testing it with Azure Chaos Studio.

Setting Up the Environment

Start by navigating to the Azure portal: https://portal.azure.com. In our Azure subscription, enable Microsoft.CloudShell as a resource provider.

Next, we will prepare the GitHub repository containing the source code, GitHub Actions workflow, and Bicep template for the web app: GitHub Repository.

Configuring GitHub Actions for CI/CD

To automate the build and deployment process, we configure GitHub Actions using a workflow file named eshoponweb-cicd.yml.

This workflow defines two main jobs: buildandtest and deploy.

buildandtest job:

• Checkout the repository: Pull the latest code.
• Prepare the runner: Set up the desired .NET version SDK.
• Build, test, and publish: Compile the .NET project, run tests, and publish artifacts.
• Upload artifacts: Store the published website code and Bicep template.

deploy job:

• Download artifacts: Retrieve the previously uploaded artifacts.
• Login to Azure: Use a service principal to authenticate with Azure.
• Deploy the web app: Use the Bicep template to deploy the Azure App Service.
• Publish the website artifacts: Deploy the app to the Azure App Service.

Deploying Infrastructure as Code

We use a Bicep template to define and deploy the infrastructure needed for the .NET web app. This template creates the necessary Azure resources such as an App Service and associated infrastructure.

Review the Bicep file to understand the infrastructure setup:

Next, configure the target environment in Azure by creating resources in two different regions (Western Europe and Eastern US). This setup helps us implement a load-balancing strategy later in the article.

Create resources in Azure regions: Set up resources in Western Europe and Eastern US.

Use Azure Cloud Shell: Start Cloud Shell and use Bash to configure the environment.

By running the following commands in GitHub Actions, we can deploy build and test the application instance in Western Europe and Eastern US:

Here is our web app deployed in Western Europe:

and in Eastern US:

Enhancing Resiliency with Load Balancing

To enhance the resiliency of the web app, we will configure Azure Traffic Manager for load balancing between the two deployed instances in different Azure regions.

1. Create a Traffic Manager profile: Set up a new Traffic Manager profile in the Azure portal.
2. Add endpoints: Point the Traffic Manager to the two different app instances.
3. Validate the setup: Ensure that Traffic Manager is correctly balancing traffic.

Testing Resiliency with Azure Chaos Studio

Azure Chaos Studio helps simulate failures to test the resiliency of your app. We will simulate a failure in one of the Azure regions and observe how Traffic Manager redirects traffic to the healthy instance.

Steps to perform:

• Add the Microsoft.Chaos resource provider to our Azure subscription.
• Design a Chaos Experiment: Configure an experiment to stop one of the web app instances.
• Run the experiment and validate: Confirm that Traffic Manager routes traffic to the remaining active instance.

Chaos Experiment JSON:

{
  "type": "Microsoft.Chaos/experiments",
  "id": "/subscriptions/<SUBSCRIPTION_ID>/resourceGroups/devops-custom-rg/providers/Microsoft.Chaos/experiments/DevOps_Experiment_01",
  "name": "DevOps_Experiment_01",
  "systemData": {
    "createdAt": "2024-08-27T09:21:05.652+00:00",
    "lastModifiedAt": "2024-08-27T09:21:05.652+00:00",
    "createdByType": "User"
  },
  "identity": {
    "type": "SystemAssigned",
    "principalId": "<PRINCIPAL_ID>",
    "tenantId": "<TENANT_ID>"
  },
  "tags": {},
  "location": "westeurope",
  "properties": {
    "provisioningState": "Succeeded",
    "selectors": [
      {
        "type": "List",
        "targets": [
          {
            "id": "/subscriptions/<SUBSCRIPTION_ID>/resourceGroups/rg-eshoponweb-westeurope/providers/microsoft.web/sites/devops-webapp-westeurope-.../providers/Microsoft.Chaos/targets/microsoft-appservice",
            "type": "ChaosTarget"
          }
        ],
        "id": "..."
      }
    ],
    "steps": [
      {
        "name": "Step 1: Failover an App Service web app",
        "branches": [
          {
            "name": "Branch 1: Emulate an App Service failure",
            "actions": [
              {
                "type": "continuous",
                "selectorId": "...",
                "duration": "PT10M",
                "parameters": [],
                "name": "urn:csci:microsoft:appService:stop/1.0"
              }
            ]
          }
        ]
      }
    ]
  }
}

On the Load Balancing Traffic Manager page we can see that the Western Europe instance is stopped as expected.

In the next step, we will see that the load balancer has made our .NET application available through the East US instance.

Conclusion and Next Steps

By implemening Infrastructure as Code (IaC) and configuring CI/CD pipeline with GitHub Actions, we have:

• Automated Deployment: We have automated the deployment of a .NET web app using GitHub Actions and Bicep templates.
• Load Balancing: Configured Azure Traffic Manager to balance traffic between two app instances in different regions.
• Resiliency Testing: Used Azure Chaos Studio to simulate failures and test the app’s resiliency.

Next Steps:

• Automate more tests: Expand the CI/CD pipeline to include more automated tests to ensure robustness.
• Monitor continuously: Implement continuous monitoring to detect and respond to new potential failures or vulnerabilities.
• Refine the Chaos experiments: Continue to use Azure Chaos Studio to test various failure scenarios and improve our app’s resilience.

This approach provides a solid foundation for building, deploying, and maintaining resilient .NET web applications in the cloud.

Additional Resources

Here are some additional resources to further explore the concepts of Infrastructure as Code (IaC) and CI/CD, especially in the context of .NET web applications and Azure:

• GitHub Actions Documentation: Comprehensive guides and tutorials for setting up and managing workflows using GitHub Actions.
• Azure Bicep Documentation: Detailed documentation on using Bicep for Infrastructure as Code in Azure, including best practices and templates.
• Azure App Service Documentation: Learn how to deploy and manage web apps on Azure App Service.
• Azure Traffic Manager Documentation: Understand how to use Azure Traffic Manager for load balancing and high availability.
• Azure Chaos Studio Documentation: Guides and examples for using Azure Chaos Studio to test and improve the resiliency of your applications.
• .NET Documentation: Official documentation for .NET, covering development, deployment, and best practices.
• Continuous Integration and Continuous Deployment (CI/CD): Overview of CI/CD concepts and how to implement them using Azure DevOps and GitHub Actions.
• Infrastructure as Code (IaC) on Azure: A comprehensive guide to using IaC practices and tools on Azure.

By exploring these resources, we can deepen our understanding of setting up, managing, and optimizing the CI/CD pipelines and infrastructure for .NET applications on Azure.