App Services VNet Support

Kevon Hayes 21 Reputation points
2022-05-14T23:13:31.977+00:00

Since App Services contains the inbound and outbound IPs the Azure backbone uses to map the App Service to the actual VM it's hosted on in the Azure data center, shouldn't it be possible to use multihoming to afford App Services the same VNet, NSG, route table, and subnet(s) configuration as VMs have?

Especially if my goal is to reduce server maintenance and not worry about patching VMs, etc., it would be nice if Azure afforded a way to do this without having to use ASE, VMs, or AKS.

If App Service migration and creating a new App Service Plan is necessary to get this functionality, that would be a tradeoff I'd be willing to make. ASE is nice but very expensive. App service access restrictions is ok but seems disjointed for the aforementioned configuration norm.

Is this possible?

Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
6,818 questions
0 comments
Accepted answer
  1. ajkuma 22,081 Reputation points Microsoft Employee
    2022-05-18T20:32:07.56+00:00

    @Kevon Hayes , summarizing the answer to benefit the community:

    All the roles in an App Service deployment exist in a multi-tenant network. "Because there are many different customers in the same App Service scale unit, you can't connect the App Service network directly to your network." Reference - Networking Restrictions/Considerations

    Thanks for your cooperation!

    0 comments

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. ajkuma 22,081 Reputation points Microsoft Employee
    2022-05-17T19:40:05.113+00:00

    KevonHayes-3427, Apologies for the delay from over the weekend. Thanks for the great question.

    1/2:

    Firstly, in regard to your point on patching App Service hosts – App Service being a PaaS (Platform as a Service) offering users are only required to focus on their code, and not to worry about managing the underlying Virtual Machines and other resources with the latest security updates, OS patches and so on.

    App Service applies monthly updates to the resources, making sure our customers’ code is always running on the most recent security patches and OS versions available.

    App Service update cycle:

    Before beginning worldwide updates, we deploy first to a private region which is not commonly accessible. Only after testing is validated there, we begin to roll out to datacenters across the globe. Our typical time for completing updates worldwide is about 10 business days, which allows us to deploy during each region’s off hours and also avoid deploying to Paired Regions at the same time (for example, East US and West US).

    Kindly check these docs for more info:
    The magic behind App Service OS updates

    How and when are OS updates applied?

    1 person found this answer helpful.