What’s New for Azure App Service at Build 2023

Posted by

This post has been republished via RSS; it originally appeared at: New blog articles in Microsoft Community Hub.

Welcome to Build 2023!

Welcome to this year's Build 2023 roundup of What’s New for Azure App Service! Build is in-person for the first time in many years (/woo-hoo!) and product group members will be in-person at Build 2023 in Seattle this year! 

 

This link to Application Innovation sessions at Build 2023 includes a comprehensive list of ten separate breakout sessions, demo sessions, and discussion (Q&A) sessions where Azure App Service is covered!  Its also a handy guide to the plethora of Build content about API Management, Cloud Native and Serverless development, Low-code and Power Platform as well as Azure Communication Services!  Team members will also be onsite during the conference at the Cloud Developer Expert Meet-up area on Level 4 of the convention center – feel free to drop by, say hello and chat!  We look forward to everyone who will be virtually or physically attending Build 2023 this week!

 

The service has been rolling out many new features in the recent weeks and has quite a few more improvements “coming soon” after Build as well.  Below is a quick summary table highlighting many of the recent and upcoming innovations. Read on for more info on each of them, as well as sneak peeks at what’s planned further into 2023!

 

Feature

Announcing GA or Public Preview

New entry level P0v3 SKU

New memory-optimized PremiumV3 SKUs

GA

Automatic Scaling for App Service Plans

Public Preview

New Wordpress hosting plan options

GA

Wordpress multisite support

GA

Wordpress PHP 8.2 & MySQL 8 support

GA

.NET 8.0

Public Preview (upcoming)

JBoss EAP Clustering

Public Preview (upcoming)

Join multiple app service plans to single subnet

Public Preview (upcoming)

Configurable minimum TLS cipher suites

Public Preview

End-to-end TLS encryption

Public Preview (upcoming)

Memory-optimized Isolatedv2

Public Preview (upcoming)

Custom error pages

Public Preview

Web application undelete portal experience

GA (upcoming)

 

New PremiumV3 SKUs

The new PremiumV3 offerings introduce a 1 vCPU/4GB option (P0v3) as well as a plethora of memory optimized options spanning 2 vCPU/16GB through 32 vCPU/256GB (P1mv3 – P5mv3).  The new additions to the PremiumV3 SKU provide developers with a full spectrum of compute spanning dev/test and smaller production scenarios to the most compute and memory intensive web application production workloads.  Especially for net-new workloads where making changes is easier, App Service highly recommends developers choose PremiumV3 rather than the previous Standard and PremiumV2 SKUs.  With the availability of Azure Dev/Test pricing, Azure Savings Plans, and Reserved Instances pricing for PremiumV3, developers can access more compute power at substantially lower price points than the prior Standard and PremiumV2 offerings!

 

Azure App Service started rolling out the new PremiumV3 SKUs in April.  As the platform rollout has progressed, App Service now supports the new SKU options across most geographies with coverage across twenty-eight separate Azure regions.  App Service is continually working on adding support across regions so check back periodically in the Azure portal to see if the new SKUs are available for you!

 

Automatic Scaling

The Automatic Scaling feature for App Service has been recently updated with an Automatic Scaling UX experience now integrated into the Azure Portal along with myriad back-end tweaks and fixes.  We frequently refer to the Automatic Scaling feature as a metaphorical “automatic cruise control for your web apps”.  While developers have used Azure Auto-Scale rules for years, the most requested capability has been for a straightforward way to scale applications based on the current HTTP request rate.  And that’s exactly what the Automatic Scaling feature does!

 

As a developer you configure some guardrails around minimum and maximum instance count scaling parameters.  Then the App Service platform takes care of automatically increasing and decreasing the number of workers running your workloads based on a combination of incoming HTTP request rate and real-time sampling of the relative load on each of the underlying workers running an application.  The underlying implementation is an adaptation of the serverless scaling technology that underpins much of Azure Functions, but integrated with App Service plans and available for any web application to leverage.

 

On the path to GA for Automatic Scaling, App Service will be adding new functionality to in the coming months including support for the recently released memory optimized Pmv3 SKUs.  You can also see the feature in action at a recent Azure App Service Community Standup as well as the "Automatic Scaling for Azure App Service Web Apps" demo session at Build 2023!

 

What's New for Wordpress on App Service

Given the popularity of Wordpress, Azure App Service has been continually investing in and optimizing the Wordpress experience when running on Linux App Service.  Earlier this year the service released a comprehensive update that enables developers to quickly get up and running with an optimized Wordpress configuration incorporating best practices and performance optimizations.  Building off of that, App Service updated the Quickstart experience with simplified price/performance options that reduced costs anywhere from 20% to 35% providing combined web app + database options ranging from a small “getting started” configuration up through a highly performant production ready configuration.  And most recently the team shipped one of the most-asked for features:  subdirectory style multisite support!

 

The "Wordpress on App Service" marketplace offering (accessible from the Azure portal) has also just been updated to PHP 8.2 & Azure Flexible MySQL 8.0, with the auto-upgrade option for minor version updates turned on by default as well.  Keep an eye on out on the Tech Community Apps on Azure Blog for future updates!

 

.NET 8.0 Coming in June and Additional Language Updates

.NET 8. 0 (Preview 7) will shortly arrive on Azure App Service in June, with availability across both Windows and Linux flavors of App Service.  As with prior previews, the .NET 8.0 preview will be available in "early access" and transition to fully built-in status later this summer.

 

For existing versions of .NET, Node, Java, Python and PHP, App Service has recently deployed dozens of minor version updates across the various stacks, continuing to deliver on the service promise of automatically maintaining and updating built-in language stacks.  Looking farther out, Linux App Service is also working on adding support for Node 20, Python 3.12 and PHP 8.3 as well as the GA of .NET 8.0. 

 

Turning to Java and the JBoss EAP offering on Azure App Service, App Service will soon be introducing support for JBoss clustering this summer!  Clustering is a feature that allows JBoss EAP to have multiple instances working together in high availability mode to provide applications that are more resistant to fluctuations in traffic, server load and server failure. In the upcoming release, when a JBoss EAP application on App Service is configured to use virtual network integration, clustering support for JBoss EAP will be automatically enabled as well.

 

Virtual Network Improvements

In the "coming very soon" category, public multi-tenant App Service will soon be releasing the initial preview for joining multiple app service plans to a single subnet.  This capability will enable developers to join two or more distinct app service plans to the same subnet in their virtual network topology, thus substantially reducing “subnet sprawl”.  Currently developers must carve out a unique subnet for each separate app service plan, which leads to challenges around network address space management and app service plan -to- subnet allocations. 

 

With the new multi-plan subnet join capability developers will be able to allocate a single larger subnet intended for use by multiple applications (and by extension their app service plans).  One thing to keep in mind, developers should ensure that subnets are large enough to accommodate the aggregate IP address usage across multiple app service plans, including the aggregate maximum scale-out requirements from all the connected app service plans!

 

Looking farther out this calendar year (2023) App Service also plans to start introducing support for inbound HTTP traffic over IPv6.  Web applications will be able to accept traffic exclusively on IPv6, exclusively on IPv4, or accept traffic via both IPv6 and IPv4 addresses.

 

Increasing Security with New TLS Configuration Options

Securing inbound traffic with TLS is de rigueur for web applications these days, with App Service automatically turning TLS on for newly created web applications.  Just recently App Service introduced a new minimum TLS cipher suite configuration option enabling developers to customize the set of TLS Cipher Suites used when negotiating a TLS connection to a web application.  This enables developers to enforce more modern cipher suites while retaining flexibility for applications to optionally support legacy clients using older TLS versions:

 

Configuring Minimum TLS Cipher Suite in Azure PortalConfiguring Minimum TLS Cipher Suite in Azure Portal

While the feature has been announced in public preview, it is fully supported for production workloads.  The Minimum TLS Cipher Suite feature is estimated to move to GA later in 2023 once App Service starts upgrading the service’s front-ends to Windows Server 2022 and TLS 1.3.  Keep an eye out for the announcements later this year around TLS 1.3 support on App Service!

 

App Service is also amidst rolling out an additional TLS enhancement that supports end-to-end (e2e) TLS encryption.  While inbound traffic from the outside world is secured with TLS, intra-cluster traffic between the App Service front-ends and the workers running application workloads inside of an App Service scale unit use HTTP.  App Service Environments (ASEs) have supported a cluster configuration setting for a few years that enables intra-cluster e2e TLS encryption, but a similar capability has not been available for the rest of App Service.  Developers will soon have a new configuration capability that enables e2e TLS encryption for applications not running on ASEs, with network traffic between the front-ends and application workloads being secured via TLS as well.  Expect an announcement "soon" with information about the feature and details on enabling it via ARM and CLI!

 

Upcoming App Service Environment (ASEv3) Features

Expanding on the release of more powerful Isolatedv2 SKUs earlier in the year, App Service will be introducing memory-optimized offerings to ASEv3 this summer!  The new ASEv3 SKUs will parallel the recent Pmv3 rollout, bringing memory-optimized offerings spanning 2 vCPUs/16GB memory all the way up to 32 vCPUs/256GB to App Service Environment v3 customers.  The new Imv2 (memory optimized Isolated v2) offerings will provide developers a more cost-effective price point for workloads that require larger memory sizes.

 

In addition to the new memory-optimized options coming to ASEv3 this summer, the team has several additional ASEv3 features cooking!  Currently all applications running inside of an App Service Environment share a common set of ASE-wide network, security and encryption configurations.  These aspects can be viewed and configured with ARM/Bicep as well as using the App Service Environment Configuration experience in the Azure Portal as shown below:

 

Common App Service Environment Configuration SettingsCommon App Service Environment Configuration Settings

Since ASEv3s are very frequently deployed as 100% internal-facing environments (aka ILB ASEv3s), developers may want to add TLS certificates generated by custom certificate authorities (CAs).  Planned for release this summer, developers will be able to configure TLS certificates for inbound traffic to applications running on an ILB ASEv3s using certificates issued by a non-public CA.  When client browsers and applications connect, the ILB ASEv3 will return the full certificate chain from the custom CA that generated the TLS certificate.  This new TLS capability will enable organizations to rely on internal corporate CAs when generating TLS certificates for scenarios such as internal-facing line of business web applications!

 

Custom Error Pages and Easier Undeletes

The number one top-voted customer ask for App Service was support for custom error pages that could be served in cases where App Service currently returns a generic error page.  We’re happy to say that support for custom error pages just rolled out in preview, and is now available for developers to try out and use.  Also take a look at the new tutorial on setting up custom error pages!

 

The feature enables developers to provide their own site content incorporating their application’s site layout and branding that will be served in cases where the App Service platform is returning a 403, 502 or 503 HTTP error code.  For example, if a site experiences a massive burst of requests resulting in temporary "503 Service Unavailable" errors due to an overloaded application, the App Service platform will now return the custom 503 error page supplied by the developer.  The screenshot below shows the Azure Portal experience where customers can upload custom error pages for each of the 403, 502 and 503 class of errors:

 

Custom Error Page Configuration in Azure PortalCustom Error Page Configuration in Azure Portal

You can also see a live demonstration of the new custom error page feature at a recent Azure App Service Community Standup!  A further improvement planned in the coming months will deliver the ability to source the custom error pages from a storage account thus making it easy for developers to reference the same set of custom error pages across multiple applications.

 

Another quality-of-life improvement planned for the coming months is easier access to the App Service web application un-delete functionality.  Not many developers realize it, but for quite a few years App Service has enabled developers to self-serve restoring accidentally deleted web applications using Powershell commands.  If you accidentally delete your application and need to retrieve it (within 30 days), you can use the Powershell commands described in the article to retrieve both website content as well as application configuration information and restore it to a resource group and location of your choice. 

 

In the next few weeks, right after Build, this functionality will now become available directly in the Azure Portal, no command-line configuration necessary!  Below is an early peek of the upcoming Azure Portal UX:

 

Undelete Web Application in Azure PortalUndelete Web Application in Azure Portal

Developers will be able to find previously deleted applications and the new Azure Portal experience will walk them through retrieving and re-hydrating the application content and configuration.  Although you shouldn’t go out and start deleting your web applications with

wild abandon now, this will hopefully save developers a few grey hairs when the inevitable “fat finger” situations occur!

 

Next Steps

Developers can learn more about Azure App Service at Getting Started with Azure App Service.  Stay up to date on new features and innovations on Azure App Service via Azure Updates (App Service) as well as the Azure App Service (@AzAppService) / Twitter feed.  There is always a steady stream of great deep-dive technical articles across the breadth of developer focused Azure services over on the Apps on Azure blog.  And lastly drop by the Azure Developers Community YouTube channel for developer focused content about tooling, languages and services running in the cloud!

 

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.