App Service with SQL Database and Application Insights

Architecture Overview

This architecture deploys a three-tier web application stack on Azure using fully managed services. App Service handles web hosting and automatic scaling. Azure SQL Database provides a relational database without the overhead of managing a SQL Server instance. Application Insights collects telemetry, traces, and performance metrics so you can monitor the application from day one.

The application code is deployed through blob storage. A zip archive of your local application directory is uploaded to a storage account, and App Service pulls the code from there using a time-limited SAS token for secure access. This deployment method works for any runtime that App Service supports (ASP.NET, Node.js, Python, Java, PHP) and avoids the need for a CI/CD pipeline during initial setup.

The components connect through configuration. App Service receives the SQL connection string and Application Insights instrumentation key as environment variables, so the application code can access the database and emit telemetry without hardcoded credentials. This separation of configuration from code follows the twelve-factor app methodology and makes it straightforward to promote the same application across environments.

App Service Plan and Web App

The App Service Plan defines the compute tier and scaling characteristics for the web app. It determines how much CPU, memory, and storage are available. The web app runs on this plan and serves your application over HTTPS using Azure’s default domain. App Service handles TLS termination, load balancing, and operating system patching automatically.

Azure SQL Database

Azure SQL Database provides a managed relational database engine compatible with SQL Server. Administrator credentials are pulled from Pulumi configuration rather than hardcoded, keeping secrets out of your code. The database supports connection pooling, which the connection string configures with minimum and maximum pool sizes for efficient resource usage under varying load.

Application Insights

Application Insights is provisioned alongside the web app and connected through an instrumentation key and connection string injected as environment variables. It collects request traces, dependency calls, exceptions, and custom metrics automatically. This gives you immediate visibility into application performance, error rates, and user behavior without adding monitoring code.

Blob Storage for Code Deployment

A storage account holds the application code as a zip archive in a private blob container. A SAS token provides time-limited access so App Service can pull the code securely. This approach works for initial deployments and small teams. For ongoing deployments, you would typically transition to GitHub Actions, Azure DevOps, or another CI/CD pipeline.

Common Customizations

• Add a custom domain: Configure a custom domain on the App Service and bind an SSL certificate for branded URLs instead of the default .azurewebsites.net domain.
• Enable autoscaling: Configure App Service autoscaling rules based on CPU utilization or request count to handle traffic spikes without over-provisioning.
• Add a staging slot: Create a deployment slot for staging so you can deploy and validate new versions before swapping them into production with zero downtime.
• Secure the database: Add virtual network integration and a private endpoint for the SQL Database so traffic between App Service and the database stays on Azure’s backbone network.