DevOps - Azure Solutions

Quiz

DevOps on Azure is all about bringing development and IT operations together. It helps us deliver software faster, with better quality and more reliability. Azure gives us a strong platform to set up DevOps. It has tools for continuous integration (CI), continuous delivery (CD), infrastructure as code (IaC), and monitoring.

With Azure DevOps, we can manage code repositories, automate workflows, and deploy apps easily to services like Azure App Service or Kubernetes. It has different services like Azure Repos, Pipelines, Boards, Artifacts, and Test Plans. These services help at every step of the DevOps lifecycle. They make collaboration easy and create a smooth delivery process.

Why Choose Azure for DevOps?

Azure gives us a complete DevOps solution. It comes with enterprise-level tools, great scalability, and availability worldwide. It supports many programming languages, frameworks, and third-party tools. This makes it flexible for different types of projects.

Azure DevOps is known for its strong CI/CD pipelines. It works well with GitHub and makes deploying apps to Azure cloud simple. Security is a big focus. Tools like Azure Key Vault help us manage secrets, and Azure Policy takes care of governance.

Azure also uses AI to give us insights and monitoring tools like Application Insights. These help fix issues before they become big problems and improve performance. All of this makes Azure a great platform for modern DevOps practices.

Setting up Azure DevOps

Azure DevOps gives us tools to handle the whole software process, from planning to deployment. Setting it up is simple. We prepare the environment, create an organization, and use services like Azure Repos and Pipelines. Let's go step by step.

Prerequisites

Before you start, make sure you have these ready −

Azure Account − You can create one on the Azure Portal.
Subscription − An active Azure subscription is needed for advanced features.
Git Installed − Check if Git is installed. Use git --version to confirm.
Development Environment − Use tools like Visual Studio or VS Code. They work directly with Azure DevOps.

Creating an Azure DevOps Organization

An organization in Azure DevOps is like a main container for projects and users.

Sign In − Go to Azure DevOps and log in with your Microsoft account.

Create Organization

Click New Organization.
Enter a name, like MyDevOpsOrg, and choose a region.
Click Continue.
Add a Project:
Inside your organization, click New Project.
Add details like the Project Name, visibility (Private or Public), and version control (Git or TFVC).

Given below is an example YAML for setting up a pipeline −

trigger:
  - main
pool:
  vmImage: 'ubuntu-latest'
steps:
  - script: echo "Hello Azure DevOps!"
    displayName: 'Print Message'

Overview of Azure DevOps Services

Azure DevOps offers several services. We can pick and use only the ones we need −

Azure Repos − Helps us manage code repositories. Example to push code −

git init  
git remote add origin https://dev.azure.com/MyDevOpsOrg/MyProject/_git/MyRepo  
git add .  
git commit -m "Initial commit"  
git push -u origin main

Azure Pipelines − Automates CI/CD workflows. For example, deploying a Node.js

app:
pool:
  vmImage: 'ubuntu-latest'
steps:
  - task: NodeTool@0
    inputs:
      versionSpec: '14.x'
  - script: npm install
    displayName: 'Install Dependencies'
  - script: npm test
    displayName: 'Run Tests'

Azure Boards − Tracks tasks, sprints, and overall progress.

Azure Test Plans − Lets us manage and automate tests.

Azure Artifacts − Handles and shares packages like npm, Maven, or NuGet.

This setup makes it easy to fit Azure DevOps into existing workflows. It's efficient and scales well for different needs.

Azure Pipelines: CI / CD

Azure Pipelines helps us automate building, testing, and deploying apps. It has two options - YAML pipelines for more flexibility and Classic pipelines with a simple graphical interface. Heres how we can create and use these pipelines for Continuous Integration (CI) and Continuous Deployment (CD).

Creating Build Pipelines

Build pipelines help us compile source code, run tests, and create build artifacts.

Steps to Create

Open Pipelines in your Azure DevOps project.
Click New Pipeline.
Choose the repository you want (like GitHub or Azure Repos).
Pick a YAML file or set up with a template.

Example YAML Build Pipeline for a .NET Project −

trigger:
  - main
pool:
  vmImage: 'windows-latest'
steps:
  - task: UseDotNet@2
    inputs:
      packageType: 'sdk'
      version: '6.x'
  - script: dotnet build
    displayName: 'Build the project'
  - script: dotnet test
    displayName: 'Run Unit Tests'

Save this file as azure-pipelines.yml in the main folder of your repo.

Every time we push to the main branch, this pipeline will run.

Setting Up Release Pipelines

Release pipelines let us deploy build artifacts to environments like staging or production.

Steps to Create −

Go to Pipelines > Releases.
Click New Pipeline and choose a template (like Azure App Service deployment).
Link it to the build artifacts from the Build Pipeline.
Add stages for deployment (e.g., Development, Testing, Production).

Example Configuration for Web App Deployment −

Artifact Source − Link to the output from the build pipeline.
Tasks − Add Azure App Service Deploy task. Fill in App Service Name, Package or Folder, and Azure Subscription.

YAML Pipelines vs Classic Pipelines

The following table highlights how YAML Pipelines differ from Classic Pipelines −

Feature	YAML Pipelines	Classic Pipelines
Definition	Stored in a YAML file in the repo.	Configured through Azure DevOps UI.
Flexibility	Very customizable and version-controlled.	Simple setup for smaller projects.
Triggering	Works with branches, pull requests, etc.	Fewer triggering options.
Example YAML	Below example shows deployment to Azure App Service:	Not applicable

trigger:
  - main
pool:
  vmImage: 'ubuntu-latest'
steps:
  - task: AzureWebApp@1
    inputs:
      azureSubscription: '<Your Azure Subscription>'
      appName: '<Your App Service Name>'
      package: '$(Pipeline.Workspace)/drop/*.zip'

YAML pipelines work best for big projects and teams. They allow automation and collaboration. Classic pipelines are simpler and good for quick setups or if YAML seems too complex.

Infrastructure as Code (IaC) with Azure

Infrastructure as Code (IaC) helps us manage cloud resources with code. It makes provisioning automatic and simpler. Azure supports many IaC tools. These tools bring consistency, version control, and easy repeatability. We can use Azure Resource Manager (ARM) templates, Terraform, or similar tools to define and deploy infrastructure easily.

Introduction to IaC on Azure

Azure supports IaC with −

ARM Templates − These are JSON-based templates made just for Azure.
Terraform − A third-party tool that works across different clouds, including Azure.

Using IaC reduces mistakes because it removes most manual steps. It keeps environments consistent and makes rolling back changes easier. When we use IaC with CI/CD pipelines, it ensures smooth and automated setups for infrastructure.

Using Azure Resource Manager (ARM) Templates

ARM templates define Azure resources in JSON. They work declaratively, so we write what we need, and Azure sets it up.

Structure

Resources − List the Azure services to deploy.
Parameters − These make the templates reusable. We can provide inputs like names or regions.
Outputs − They return key information after deployment.

Example ARM Template for a Virtual Machine

{
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "vmName": { "type": "string" },
    "adminUsername": { "type": "string" },
    "adminPassword": { "type": "securestring" }
  },
  "resources": [
    {
      "type": "Microsoft.Compute/virtualMachines",
      "apiVersion": "2021-07-01",
      "name": "[parameters('vmName')]",
      "location": "eastus",
      "properties": {
        "hardwareProfile": { "vmSize": "Standard_DS1_v2" },
        "osProfile": {
          "computerName": "[parameters('vmName')]",
          "adminUsername": "[parameters('adminUsername')]",
          "adminPassword": "[parameters('adminPassword')]"
        }
      }
    }
  ]
}

Deployment − Deploy with Azure CLI.

Managing IaC with Terraform and Azure

Terraform is another tool we can use to manage Azure resources. It's flexible, supports multiple clouds, and tracks the state of resources.

Install Terraform − Download Terraform from Terraform Downloads.

Create Terraform Configuration

provider "azurerm" {
   features {}
}
resource "azurerm_resource_group" "example" {
   name     = "example-resources"
   location = "eastus"
}
resource "azurerm_storage_account" "example" {
   name                     = "examplestorageacct"
   resource_group_name      = azurerm_resource_group.example.name
   location                 = azurerm_resource_group.example.location
   account_tier             = "Standard"
   account_replication_type = "LRS"
}

Use the following commands to manage resources −

Initialize

terraform init

Plan

terraform plan

Apply

terraform apply

Terraform lets us reuse configurations, manage the state, and use many community modules. These make managing Azure resources easier and faster.

Monitoring and Logging with Azure

Azure gives us strong tools to track how resources perform, how applications run, and to spot any problems. Below is a simple overview in a table format.

Feature	Description	Example
Integrating Azure Monitor	Helps monitor Azure resources and apps from one place.	Set up alert for high CPU usage: az monitor metrics alert create --name HighCPUAlert.
Application Insights for Observability	Tracks how apps perform and how users interact with them.	Add this code to track events: appInsights.trackEvent({ name: "UserLogin" });.
Log Analytics for DevOps	Lets us query and analyze log data using KQL (Kusto Query Language).	Example query: `AzureDiagnostics`

Security in Azure DevOps

Azure DevOps offers built-in security features to protect our resources, manage secret data, and keep pipelines safe. Below is a quick summary.

Feature	Description	Example
Managing Permissions and Access Control	Uses RBAC (Role-based access control) to protect resources.	Add permission: az devops security permission add --id <role-id> --user-id <user-id>.
Secrets Management with Azure Key Vault	Stores secrets, keys, and certificates safely.	Pipeline task example: Use AzureKeyVault@2 to get secrets for deployment.
Integrating Security Testing in Pipelines	Adds automatic security checks in CI/CD pipelines for both static and dynamic testing.	Add tasks like WhiteSource Bolt or SonarQube in YAML to find vulnerabilities during builds.

YAML Example for Secure Deployment with Key Vault Integration −

trigger:
  - main
pool:
  vmImage: 'ubuntu-latest'
steps:
  - task: AzureKeyVault@2
    inputs:
      azureSubscription: 'MyAzureSubscription'
      KeyVaultName: 'MyKeyVault'
      SecretsFilter: '*'
  - script: echo $(mySecret)
    displayName: 'Display Secret for Debugging'

Conclusion

In this chapter, we focused on setting up Azure DevOps, creating CI/CD pipelines, using Infrastructure as Code (IaC) with ARM templates and Terraform, and making sure our monitoring, logging, and security practices are strong.

By using Azure Monitor, Application Insights, and Log Analytics, we made resource management and observability better. We also talked about how to secure Azure DevOps by controlling access, managing secrets with Azure Key Vault, and adding security tests to pipelines. These practices help automate, secure, and monitor the software delivery process, making DevOps workflows on Azure more efficient, reliable, and safe.

Print Page