01: Before Starting
In this tutorial, we will explore Azure server less offering Azure Function. Please read the pre-requisite as below before starting. This tutorial expect you to know what is server less computing. Familiarity with Python and Flask framework. Azure Subscription Azure CLI installed on your machine VS Code as an IDE. Account on github.com At the end of this tutorial, you will be able to design a service in Azure Function with concept of API Authentication, Logging and Telemetry, Configuring Azure Function for popular python framework like Flask or FastAPI.
02: Setting up Environment
Browser Login to Azure Portal with your account. Select your subscription. Say: Visual Studio Enterprise Subscription. Create a new Resource Group. Name: az-func-demo-wus Region: West US AZ CLI Authenticate az cli. Select your account when prompted az login Set Account to Visual Studio Enterprise Subscription. Copy subscription Id from portal. az account set --subscription xxx-0fc2-xxxxx-9342-xxxxxxx GitHub Repo Create a GitHub repo on github.com for committing the code. Click on github.com Create a new public repository.
03: Creating Azure Function App
For this tutorial, we will create azure function using Azure Portal, however, this can also be created directly from VSCode, Az Cli etc. Creating Azure Function App using Azure Portal Select resource group az-func-demo-wus Click on +Create button in overview tab. Search for Function App in marketplace and click create In Create Function App page: Ensure right subscription and resource group are selected. Function App name: Provide a unique name to Azure Function.
04: Writing an API
Now we have Azure Function App with a Function (API) running. Lets us know write our API. There is no set rules or patterns to develop APIs on Azure Function App. One can have one-function-one-api or we can use popular framework like Flask or FastApi integrated with Azure Function. For this tutorial we will use Flask as that can help us migrate existing Flask App running on Virtual Machine or any Host to Azure Function.
05: API Authentication
As we now have a function integrated with flask framework and exposing two APIs i.e. /health and /vault/<secret_name>. In this step, we will see who to have protected api. If we just need to protect all APIs then we can simply use Azure Function Identity feature, however in most cases, not all api’s needs Authz as we may have health api which needs to be open. Also, in many other cases we want to verify token for custom roles based on access to certain specific api.
06: Accessing Protected API
To access protected API in our Function App, we need to get an access token from Azure AD App. This diagram shows a high-level view of the authentication flow: The E2E oauth2 auth code flow is being described here Generate Client Id and Secret To generate an access token to access our APIs, A User first need to onboard their AD App (Client AD App) to our AD App (Server AD App).
07: Logging with App Insight
Before we start, we need to verify if Azure Function App is connected to an instance of App Insight or not. To check this, go to Application Insights in Azure Function and verify if it is connected to an App Insight Resource. If not, we either need to create a new App Insight resource and attach it to Function App or use an existing App Insight app. Get App Insight Connection String Click on App Insight attached to Azure Function Copy Instrumentation Key and Connection String from overview tab Code Changes Notes:
08: Telemetry with App Insight
Let us now create work on injestig code for App Insight telemetry. This help observe how a request was served from the different part of the code. Code Changes In src/appinsight/logger.py, we will create decorator that help inject trace to App Insight def trace_as_dependency(tracer: Tracer = None, name: str = None, prefix: str = None): """trace_as_dependency [method decorator to trace a method invocation as a dependency (in AppInsights)] Args: tracer (Tracer): [Opencensus tracer object used to create the trace record.
Click here to star, improve or add to this page List of Awesome Lists Awesome Kubernetes Tools and Resources by datree.io ramitsurana/awesome-kubernetes: A curated list of awesome Kubernetes tools and resources. tomhuang12/awesome-k8s-resources: A curated list of awesome Kubernetes tools and resources. nubenetes: A curated list of awesome references collected since 2018. Tools Kubexit: Command supervisor for coordinated Kubernetes pod container termination. Kubectl-flame: Kubectl plugin for effortless profiling on kubernetes Kube-lineage: A CLI tool to display all dependencies or dependents of an object in a Kubernetes cluster.
Extending K8S: Mutating Web hooks
We will be writing a Mutating Webhook to implement a pattern where we need to inject another container as side car. Say, we are running a rest-api container and we want to front that with nginx Container as sidecar in a Pod. This nginx container will be used to terminate SSL and act as reverse proxy for rest-api container. As a user, we will only be writing rest-api container manifest within Pod and let mutating webhook inject nginx to it.
Feature Flag Using Python Decorators
In this blog I will be discussing about a use case where you can use Python decorators as feature flag to disable and enable a function execution. This is helpful when you write a new function and later want to disable if there is any issue with the functionality or not required. This blog was originally written as Medium Blog. Please click here to read.
Python Sanic vs GoLang Mux
In this blog I will be comparing Python Sanic and Golang Mux Web Framework. Golang Mux is high performance request router and dispatcher for matching incoming requests to their respective handler. On the other hand, Python Sanic is a Python 3.6+ web server and web framework that’s written to go fast. It allows the usage of the async/await syntax added in Python 3.5, which makes your code non-blocking and speedy.