Refactor a Linux app to multiple regions using Azure App Service, Traffic Manager, and Azure Database for MySQL
This article shows how the fictional company Contoso refactors a two-tier Linux-based Apache MySQL PHP (LAMP) app, migrating it from on-premises to Azure using Azure App Service with GitHub integration and Azure Database for MySQL.
osTicket, the service desk app used in this example is provided as open source. If you'd like to use it for your own testing purposes, you can download it from GitHub.
The IT Leadership team has worked closely with business partners to understand what they want to achieve:
- Address business growth. Contoso is growing and moving into new markets. It needs additional customer service agents.
- Scale. The solution should be built so that Contoso can add more customer service agents as the business scales.
- Improve resiliency. In the past issues with the system affected internal users only. With the new business model, external users will be affected, and Contoso need the app up and running at all times.
The Contoso cloud team has pinned down goals for this migration, in order to determine the best migration method:
- The application should scale beyond current on-premises capacity and performance. Contoso is moving the application to take advantage of Azure's on-demand scaling.
- Contoso wants to move the app code base to a continuous delivery pipeline. As app changes are pushed to GitHub, Contoso wants to deploy those changes without tasks for operations staff.
- The application must be resilient with capabilities for growth and failover. Contoso wants to deploy the app in two different Azure regions, and set it up to scale automatically.
- Contoso wants to minimize database admin tasks after the app is moved to the cloud.
After pinning down their goals and requirements, Contoso designs and reviews a deployment solution, and identifies the migration process, including the Azure services that will be used for the migration.
- The app is tiered across two VMs (OSTICKETWEB and OSTICKETMYSQL).
- The VMs are located on VMware ESXi host contosohost1.contoso.com (version 6.5).
- The VMware environment is managed by vCenter Server 6.5 (vcenter.contoso.com), running on a VM.
- Contoso has an on-premises datacenter (contoso-datacenter), with an on-premises domain controller (contosodc1).
Here's the proposed architecture:
- The web tier app on OSTICKETWEB will be migrated by building an Azure App Service in two Azure regions. Azure App Service for Linux will be implemented using the PHP 7.0 Docker container.
- The app code will be moved to GitHub, and the Azure App Service web app will be configured for continuous delivery with GitHub.
- Azure App Servers will be deployed in both the primary (East US 2) and secondary (Central US) region.
- Traffic Manager will be set up in front of the two web apps in both regions.
- Traffic Manager will be configured in priority mode to force the traffic through East US 2.
- If the Azure App Server in East US 2 goes offline, users can access the failed over app in Central US.
- The app database will be migrated to the Azure Database for MySQL service using MySQL Workbench tools. The on-premises database will be backed up locally, and restored directly to Azure Database for MySQL.
- The database will reside in the primary East US 2 region, in the database subnet (PROD-DB-EUS2) in the production network (VNET-PROD-EUS2):
- Since they're migrating a production workload, Azure resources for the app will reside in the production resource group ContosoRG.
- The Traffic Manager resource will be deployed in Contoso's infrastructure resource group ContosoInfraRG.
- The on-premises VMs in the Contoso datacenter will be decommissioned after the migration is done.
Contoso will complete the migration process as follows:
- As a first step, Contoso admins set up the Azure infrastructure, including provisioning Azure App Service, setting up Traffic Manager, and provisioning an Azure Datbase for MySQL instance.
- After preparing the Azure, they migrate the database using MySQL Workbench.
- After the database is running in Azure, they up a GitHub private repository for Azure App Service with continuous delivery, and load it with the osTicket app.
- In the Azure portal, they load the app from GitHub to the Docker container running Azure App Service.
- They tweak DNS settings, and configure autoscaling for the app.
|Azure App Service||The service runs and scales applications using the Azure PaaS service for websites.||Pricing is based on the size of the instances, and the features required. Learn more.|
|Traffic Manager||A load balancer that uses DNS to direct users to Azure, or external websites and services.||Pricing is based on the number of DNS queries received, and the number of monitored endpoints.||Learn more.|
|Azure Database for MySQL||The database is based on the open-source MySQL Server engine. It provides a fully managed, enterprise-ready community MySQL database, as a service for app development and deployment.||Pricing based on compute, storage, and backup requirements. Learn more.|
Here's what Contoso needs to run this scenario.
|Azure subscription||Contoso created subscriptions earlier in this article series. If you don't have an Azure subscription, create a free account.
If you create a free account, you're the administrator of your subscription and can perform all actions.
If you use an existing subscription and you're not the administrator, you need to work with the admin to assign you Owner or Contributor permissions.
|Azure infrastructure||Contoso set up their Azure infrastructure as described in Azure infrastructure for migration.|
Here's how Contoso will complete the migration:
- Step 1: Provision Azure App Service. Contoso admins will provision web apps in the primary and secondary regions.
- Step 2: Set up Traffic Manager. They set up Traffic Manager in front of the web apps, for routing and load balancing traffic.
- Step 3: Provision MySQL. In Azure, they provision an instance of Azure Database for MySQL.
- Step 4: Migrate the database. They migrate the database using MySQL Workbench.
- Step 5: Set up GitHub. They set up a local GitHub repository for the app web sites/code.
- Step 6: Deploy the web apps. They deploy the web apps from GitHub.
Step 1: Provision Azure App Service
Contoso admins provision two web apps (one in each region) using Azure App Service.
They create a web App resource in the primary East US 2 region (osticket-eus2) from the Azure Marketplace.
They put the resource in the production resource group ContosoRG.
They create a new App Service plan in the primary region (APP-SVP-EUS2), using the standard size.
They select a Linux OS with PHP 7.0 runtime stack, which is a Docker container.
They create a second web app (osticket-cus), and Azure App Service plan for the Central US region.
Need more help?
Step 2: Set up Traffic Manager
Contoso admins set up Traffic Manager to direct inbound web requests to the web apps running on the osTicket web tier.
They create a Traffic Manager resource (osticket.trafficmanager.net) from the Azure Marketplace. They use priority routing so that East US 2 is the primary site. They place the resource in their infrastructure resource group (ContosoInfraRG). Note that Traffic Manager is global and not bound to a specific location.
Now, they configure Traffic Manager with endpoints. They add the East US 2 web app as the primary site (osticket-eus2), and the Central US app as secondary (osticket-cus).
After adding the endpoints, they can monitor them.
Need more help?
Step 3: Provision Azure Database for MySQL
Contoso admins provision a MySQL database instance in the primary East US 2 region.
In the Azure portal, they create an Azure Database for MySQL resource.
They add the name contosoosticket for the Azure database. They add the database to the production resource group ContosoRG, and specify credentials for it.
The on-premises MySQL database is version 5.7, so they select this version for compatibility. They use the default sizes, which match their database requirements.
For Backup Redundancy Options, they select to use Geo-Redundant. This option allows them to restore the database in their secondary Central US region if an outage occurs. They can only configure this option when they provision the database.
They set up connection security. In the database > Connection Security, they set up Firewall rules to allow the database to access Azure services.
They add the local workstation client IP address to the start and end IP addresses. This allows the web apps to access the MySQL database, along with the database client that's performing the migration.
Step 4: Migrate the database
Contoso admins migrate the database using backup and restore, with MySQL tools. They install MySQL Workbench, back up the database from OSTICKETMYSQL, and then restore it to Azure Database for MySQL Server.
Install MySQL Workbench
They check the prerequisites and downloads MySQL Workbench.
They install MySQL Workbench for Windows in accordance with the installation instructions. The machine on which they install must be accessible to the OSTICKETMYSQL VM, and Azure via the internet.
In MySQL Workbench, they create a MySQL connection to OSTICKETMYSQL.
They export the database as osticket, to a local self-contained file.
After the database has been backed up locally, they create a connection to the Azure Database for MySQL instance.
Now, they can import (restore) the database in the Azure Database for MySQL instance, from the self-contained file. A new schema (osticket) is created for the instance.
After data is restored, it can be queried using Workbench, and appears in the Azure portal.
Finally, they need to update the database information on the web apps. On the MySQL instance, they open Connection Strings.
In the strings list, they locate the web app settings, and select to copy them.
They open a Notepad window and paste the string into a new file, and update it to match the osticket database, MySQL instance, and credentials settings.
They can verify the server name and login from Overview in the MySQL instance in the Azure portal.
Step 5: Set up GitHub
Contoso admins create a new private GitHub repo, and sets up a connection to the osTicket database in Azure Database for MySQL. Then, they load the web app into Azure App Service.
They browse to the OsTicket software public GitHub repo, and fork it to the Contoso GitHub account.
After forking, they navigate to the include folder, and find the ost-config.php file.
The file opens in the browser and they edit it.
In the editor, they update the database details, specifically DBHOST and DBUSER.
Then they commit the changes.
For each web app (osticket-eus2 and osticket-cus), they modify the Application settings in the Azure portal.
They enter the connection string with the name osticket, and copy the string from notepad into the value area. They select MySQL in the dropdown list next to the string, and save the settings.
Step 6: Configure the web apps
As the final step in the migration process, Contoso admins configure the web apps with the osTicket web sites.
In the primary web app (osticket-eus2) they open Deployment option and set the source to GitHub.
They select the deployment options.
After setting the options, the configuration shows as pending in the Azure portal.
After the configuration is updated and the osTicket web app is loaded from GitHub to the Docket container running the Azure App Service, the site shows as Active.
They repeat the above steps for the secondary web app (osticket-cus).
After the site is configured, it's accessible via the Traffic Manager profile. The DNS name is the new location of the osTicket app. Learn more.
Contoso wants a DNS name that's easy to remember. They create an alias record (CNAME) osticket.contoso.com which points to the Traffic Manager name, in the DNS on their domain controllers.
They configure both the osticket-eus2 and osticket-cus web apps to allow the custom hostnames.
Set up autoscaling
Finally, they set up automatic scaling for the app. This ensures that as agents use the app, the app instances increase and decrease according to business needs.
In App Service APP-SRV-EUS2, they open Scale Unit.
They configure a new autoscale setting with a single rule that increases the instance count by one when the CPU percentage for the current instance is above 70% for 10 minutes.
They configure the same setting on APP-SRV-CUS to ensure that the same behavior applies if the app fails over to the secondary region. The only difference is that they set the instance limit to 1 since this is for failovers only.
Clean up after migration
With migration complete, the osTicket app is refactored to running in an Azure App Service web app with continuous delivery using a private GitHub repo. The app's running in two regions for increased resilience. The osTicket database is running in Azure database for MySQL after migration to the PaaS platform.
For clean up, Contoso needs to do the following:
- Remove the VMware VMs from the vCenter inventory.
- Remove the on-premises VMs from local backup jobs.
- Update internal documentation show new locations and IP addresses.
- Review any resources that interact with the on-premises VMs, and update any relevant settings or documentation to reflect the new configuration.
- Reconfigure monitoring to point at the osticket-trafficmanager.net URL, to track that the app is up and running.
Review the deployment
With the app now running, Contoso need to fully operationalize and secure their new infrastructure.
The Contoso security team reviewed the app to determine any security issues. They identified that the communication between the osTicket app and the MySQL database instance isn't configured for SSL. They will need to do this to ensure that database traffic can't be hacked. Learn more.
- The osTicket web apps don't contain state data and thus don't need to be backed up.
- They don't need to configure backup for the database. Azure Database for MySQL automatically creates server backups and stores. They selected to use geo-redundancy for the database, so it's resilient and production-ready. Backups can be used to restore your server to a point-in-time. Learn more.
Licensing and cost optimization
- There are no licensing issues for the PaaS deployment.
- Contoso will enable Azure Cost Management licensed by Cloudyn, a Microsoft subsidiary. It's a multicloud cost management solution that helps you use and manage Azure and other cloud resources. Learn more about Azure Cost Management.