Microsoft has shared the source code and the documentation for the Reliable Web App pattern, a set of best practices that help on-premise web application developers create secure, reliable and cost-optimised cloud applications in Azure with minimal changes.

The pattern leverages the Azure Well-Architected Framework, a set of guidelines to improve the quality of a cloud workload. The Reliable Web App pattern applies that framework in such a way as to enable developers to make minimal changes to the core line-of-business application code. There are clear guidelines for the entire pattern that targets enterprise developers tasked with migrating their existing applications to Azure.

The pattern is implemented in a reference application. The application is an internal, employee-facing ticket purchase application for a fictitious company called Relecloud. The application was initially developed for on-premise deployment. Microsoft has shared the architecture documentation, a production-ready source code and six learning videos to shorten the learning time for the developers.

The Reliable Web App pattern architecture diagram

The Reliable Web App pattern achieves resiliency using the retry and circuit-breaker design patterns. The retry capabilities leverage Azure SDK built-in mechanisms and the Polly transient fault handling library for custom code retries. The circuit-breaker pattern, which handles the faults which are not transient, is also implemented with the Polly library.

To improve performance, the Reliable Web App pattern mandates the use of caching mechanisms. The recommended approach is to use the Cache-Aside design pattern with Azure Cache for Redis service. The reference application also includes a locally distributed memory cache-aside implementation for cost and complexity reduction.

In the blog post for the pattern release, Madhusudana B.S comments that cache-aside patterns are not sufficient and that the developers should also take steps to prevent Cache Stampede, when concurrent requests miss the cache and overwhelm the underlying data store. Jody Donetti suggests libraries such as LazyCache, CacheTower or his own FusionCache.

The Reliable Web App pattern includes cost-optimisation measures such as automatic scaling, single cache source and right-sized Azure services. The Infrastructure-as-Code (IaC) of the pattern uses Bicep templates with parameters to further customise the cost and the configuration of the reference implementation. The environments are deployed using GitHub actions, implementing the Repeatable Infrastructure tenet of the Azure Well-Architected framework.

The pattern also aims to address security in the cloud. The prescription is to use managed Azure identities for the web application to communicate with the rest of the Azure services, with the least-permissions-needed authorisation policy. Furthermore, managed identities allow for a traceable and auditable way of accessing Azure resources. When managed identities are not supported, using a central secrets repository such as Azure Key Vault is recommended.

For ingress, a web application firewall (WAF) protects against bot attacks and security probings. The Reliable Web App pattern leverages Azure Front Door service for this purpose.