Deploy a Geo-redundant Web App behind an Azure Traffic manager using an ARM template.

This blog will guide you on how to deploy a Web App, App service plan in different geographical locations using Azure Traffic Manager to provide Geo redundancy.  I will discuss these concepts below and provide the necessary steps to achieve this .

We will familiarize ourselves with the terminology and the technologies which will be used in the blog to build out our solution:

  1. Azure APP Services
  2. Azure App Service plan
  3. App Service Editor
  4. Traffic Manager


1.Azure App Services

Azure App Service is a fully managed computing platform within the Azure environment that is optimized for hosting web apps, REST APIs, and mobile back ends. This Platform as a Service (PaaS) offereing allows you to focus on the app content side of things while Azure takes care of the infrastructure to run and scale your applications.

Azure App Services offers different pricing tiers to suit your needs

Free planUse this offering to implement a proof-of-concept
Shared planThis option is suitable for basic Web applications or static websites
Basic planUse this option for development/test environments
Standard planUse this option for Web and mobile applications in the production environment
Premium planThis is the recommended option for enterprise scale and integration
Isolated planThe Isolated service plan is designed to run mission-critical workloads that are required to run in a virtual network. The Isolated plan allows customers to run their apps in a private, dedicated environment in Azure


2. Azure App Service plan

An App Service plan is a set of physical resources and capacity available to deploy App Service apps. Web apps, mobile apps, and API apps hosted in Azure App Service, as well as Azure Functions, all run in an App Service plan. While you can deploy an unlimited number of applications into an App Service plan, the number you use greatly depends on the types of applications deployed and their required resources in CPU utilization.

An App Service Plan, at a very high level is the container in which web applications run. It is used to determine the resources available to your application and their boundary. There are a few categories of pricing tiers:


Compute TierOffering
Shared ComputeFree and Shared, the two base tiers, runs an app on the same Azure VM as other App Service apps, including apps of other customers. These tiers allocate CPU quotas to each app that runs on the shared resources, and the resources cannot scale out
Dedicated computeThe Basic, Standard, Premium, and PremiumV2 tiers run apps on dedicated Azure VMs. Only apps in the same App Service plan share the same compute resources. The higher the tier, the more VM instances are available to you for scale-out
IsolatedThis tier runs dedicated Azure VMs on dedicated Azure Virtual Networks, which provides network isolation on top of compute isolation to your apps
ConsumptionThis tier is only available to function apps. It scales the functions dynamically depending on workload. For more information, see Azure Functions hosting plans comparison


3.App Service Editor

App Service Editor is a web-based editor for App Service. This is great tool for deploying websites and editing HTML, CSS, JavaScript, jQuery, Angular JS or any client-side scripting effectively. Also, any edits to the file are auto saved and changes are reflected on the fly to the App service URL.


4.Traffic Manager

Azure Traffic Manager is a DNS-based traffic load balancer that enables you to distribute traffic optimally to services across global Azure regions, while providing high availability and responsiveness. The high availability works by monitoring the internet facing endpoints.

Traffic Manager uses DNS to direct client requests to the most appropriate service endpoint based on a traffic-routing method and the health of the endpoints. Traffic Manager provides a range of traffic-routing methods and endpoint monitoring options to suit different application needs and automatic failover models.

Azure Traffic Manager supports six traffic-routing methods to determine how to route network traffic to the various service endpoints. The following traffic routing methods are available in Traffic Manager


Routing MethodsDescription
PrioritySelect this method when you want to use a primary service endpoint for all traffic and provide backups in case the primary or the backup endpoints are unavailable
WeightedSelect this option when you want to distribute traffic across a set of endpoints, either evenly or according to weights, which you define on the profile
PerformanceSelect this option, when you have endpoints in different geographic locations, and you want end users to use the “closest” endpoint in terms of the lowest network latency
GeographicSelect this option, so that users are directed to specific endpoints (Azure, External, or Nested) based on which geographic location their DNS query originates from. This empowers Traffic Manager customers to enable scenarios where knowing a user’s geographic region and routing them based on that is important
Multi-valueSelect it for Traffic Manager profiles that can only have IPv4/IPv6 addresses as endpoints. When a query is received for this profile, all healthy endpoints are returned.

NOTE: At the time of writing, this method is supported only for external endpoints

SubnetThis traffic-routing method maps set of end-user IP address ranges to a specific endpoint within a Traffic Manager profile. When a request is received, the endpoint returned will be the one mapped for that request’s source IP address. This method is supported for public IP address as target

There are several ways you can create a web app including

  • Azure portal
  • Azure CLI
  • ARM Template
  • From an Integrated Development Environment) (IDE)

We will use an ARM Template to deploy our solution because it is a simple way to include all components in one go.


The template below will deploy an Azure App Service plan in two different locations (Australia East and Southeast Asia) in an array. The Array in the ARM template will be deployed based on the input location defined in template.

The ARM Template has three resources:

  • Azure APP Service Plan (Microsoft.Web/serverfarms)
  • Azure Web App (Microsoft.Web/sites)
  • Azure Traffic Manager (Microsoft.Network/trafficManagerProfiles)

Modify these settings in the ARM template to suit your needs:

  1. Add additional locations in the parameters section under If you add more locations, add endpoints in Traffic manager resources
  2. Choose App service plan in the parameters section farnSkuName
  3. Choose web app name in the parameters section webAppNamePrefix

The ARM template below is based on the web app deployed in two locations.

“$schema”: “”,
“contentVersion”: “”,
“parameters”: {
“webAppNamePrefix”: {
“type”: “string”,
“minLength”: 1,
“defaultValue”: “kloudwebapp”
“farmSkuName”: {
“type”: “string”,
“defaultValue”: “S1”,
“allowedValues”: [
“metadata”: {
“description”: “Describes plan’s pricing tier and capacity. Check details at”
“webAppLocations”: {
“type”: “array”,
“defaultValue”: [ “Australia east”, “Southeast Asia” ]
“variables”: {
“resources”: [
“name”: “[concat(parameters(‘webAppNamePrefix’),’-‘,copyIndex())]”,
“type”: “Microsoft.Web/serverfarms”,
“location”: “[parameters(‘webAppLocations’)[copyIndex()]]”,
“apiVersion”: “2015-08-01”,
“copy”: {
“count”: “[length(parameters(‘webAppLocations’))]”,
“name”: “farmCopy”
“sku”: {
“name”: “[parameters(‘farmSkuName’)]”
“dependsOn”: [],
“tags”: { },
“properties”: {
“name”: “[concat(parameters(‘webAppNamePrefix’),’-‘,copyIndex())]”,
“numberOfWorkers”: 1
“name”: “[concat(parameters(‘webAppNamePrefix’),’-site-‘,copyIndex())]”,
“type”: “Microsoft.Web/sites”,
“location”: “[parameters(‘webAppLocations’)[copyIndex()]]”,
“apiVersion”: “2015-08-01”,
“copy”: {
“count”: “[length(parameters(‘webAppLocations’))]”,
“name”: “siteCopy”
“dependsOn”: [
“tags”: {},
“properties”: {
“name”: “[concat(parameters(‘webAppNamePrefix’),’-site-‘,copyIndex())]”,
“serverFarmId”: “[resourceId(‘Microsoft.Web/serverfarms’, concat(parameters(‘webAppNamePrefix’),’-‘,copyIndex()))]”
“name”: “[concat(parameters(‘webAppNamePrefix’),’-tm-‘,uniqueString(resourceGroup().id))]”,
“type”: “Microsoft.Network/trafficManagerProfiles”,
“apiVersion”: “2015-11-01”,
“location”: “global”,
“dependsOn”: [
“properties”: {
“profileStatus”: “Enabled”,
“trafficRoutingMethod”: “Performance”,
“dnsConfig”: {
“relativeName”: “[concat(parameters(‘webAppNamePrefix’),’-tm-‘,uniqueString(resourceGroup().id))]”,
“ttl”: 30
“monitorConfig”: {
“protocol”: “HTTP”,
“port”: 80,
“path”: “/”
“endpoints”: [
“name”: “[concat(parameters(‘webAppNamePrefix’),’-endpoint-‘,’0’)]”,
“type”: “Microsoft.Network/trafficManagerProfiles/azureEndpoints”,
“properties”: {
“targetResourceId”: “[resourceId(‘Microsoft.Web/sites/’,concat(parameters(‘webAppNamePrefix’),’-site-‘,’0’))]”,
“endpointStatus”: “Enabled”
“name”: “[concat(parameters(‘webAppNamePrefix’),’-endpoint-‘,’1’)]”,
“type”: “Microsoft.Network/trafficManagerProfiles/azureEndpoints”,
“properties”: {
“targetResourceId”: “[resourceId(‘Microsoft.Web/sites/’,concat(parameters(‘webAppNamePrefix’),’-site-‘,’1’))]”,
“endpointStatus”: “Enabled”
“outputs”: {

Deploy ARM Template

Deploying Azure resource by ARM template has different ways and we will use PowerShell method. To deploy a template, typically need two steps:

  • Create a resource group. Resource group serves as the container for the deployed resources.
  • Deploy a template. The template defines the resources to create. The deployment creates the resources in the resource group specified.

Prerequisites: Need to install Azure PowerShell and connect to Azure. I am using new Azure PowerShell Az module. you can use Azurerm Powershell module to deploy.

  • Install Azure PowerShell cmdlets on your local computer.
  • Connect to Azure by using Connect-AZAccount. If you have multiple Azure subscriptions, you might also need to run Set-AzContext.
  • Download and save this template. The local file name used in this article is c:\MyTemplates\azuredeploy.json.

New-AzResourceGroupDeployment -ResourceGroupName $resourceGroupName -TemplateFile c:\MyTemplates\azuredeploy.json (modify resource group name as needed and template file location)


After deployment, verify your web app, traffic manager resources are available in the selected resource group.

Edit your Web App to deploy a your website:

  • In the Azure portal, under App Services, select the App service that we just deployed using the ARM template
  • Under the selected App Service, Under Development Tools Section, select App Service Editor
  • Click Go to open the editor.
  • Rename heading.html to index.html
  • Replace the content on the right side with some HTML for your website. You will see that the content is automatically saved.
  • At the top right click the preview button to see the content of your website
  • Repeat this step for other web app deployed in the second App service and change the website <body> content to reflect the geographical location
  • Again, click the preview button in the top right to verify the new content and new name


Testing Azure Traffic Manager

Azure Traffic Manager supports probing over both HTTPS and HTTP. For this testing, our traffic manager is configured to use HTTP.

        • In the Azure portal, select Resource Groups.
        • Then select the Traffic Manager profile name that was created using the ARM template
        • On the traffic manager profile , click Overview to see the DNS name of your newly created Traffic Manager profile. In my example, it says:
        • Under Settings – > Configuration -> observe the settings for the traffic manager via the ARM template
        • Note the routing method, protocol and path.

      Testing Performance routing method

        • On your browser, enter the above traffic manager URL. We will witness the Sydney azure web site page, since we’re based in Australia and the routing method is set to performance. 
        • Now, stop the Azure web app in the Sydney location
        • On your browser, wait a few seconds and  press F5 to refresh the URL
        • Since we have routing method set to “performance” and Sydney location web app id down, we are routed to the web site hosted in Singapore

Testing weighted routing method

  • Start the Sydney web app which we stopped in the previous step
  • Now, change the traffic manager routing method to weighted
  • Change the weight priority on one endpoint (Sydney location) to 10. The weight is an integer from 1 to 1,000. The higher the weight value assigned to an endpoint, the higher its priority.
  • Since the higher weightage is allocated to Web app in Sydney, we should view Sydney page by hitting traffic manager in browser.

Testing Priority routing method

  • When you select the Priority traffic routing method, the order of the selected endpoints matters. Verify the priority order of endpoints. The primary endpoint is on top. All requests will be routed to the first endpoint and if Traffic Manager detects it to be unhealthy, the traffic automatically fails over to the next endpoint.
  • Select the Traffic Manager profile blade and verify that both the cloud services and websites that you want to include in your configuration are present.
  • In the Settings section, click Configuration -> Configuration blade -> traffic routing method settings, select the traffic routing method as Priority and click save.
  • In the Endpoints blade, review the priority order for your endpoints. Double check on the order it is displayed.
  • To change the endpoint priority order, click the endpoint, and in the Endpoint blade that is displayed, click Edit and change the Priority value as needed. Click Save to save change the endpoint settings.
  • In our example, I have set Singapore web app (#1) as priority.
  • On your browser, enter the above traffic manager URL. Singapore website should be loaded.


Testing Geographic routing method

  • The Geographic traffic routing method allows you to direct traffic to specific endpoints based on the geographic location where the requests originate.
  • Since endpoints of traffic manager endpoints has no geo mapping list is added and if we try to change traffic manager profile to geographic options, it will be error.
  • we need to re-create endpoints with geo-mapping list.
  • Add endpoint of app service of each geographic location with list of countries to be grouped. We select each country or select Asia or Africa or Europe.
  • Since I am working from Melbourne and on your browser, enter the above traffic manager URL. Sydney website should be loaded.
  • We could not test subnet and multi-value method, due to limitation.

I hope you found this blog useful to the understand concepts of Azure web app with Azure traffic manager and app service editor and deploying these resources using an ARM template


Step-by-step: Using Azure DevOps Services to deploy ARM templates with CI/ CD – Part 2

In this blog (Part 2), I take you through on Enabling Continuous Integration (CI) / Continuous Deployment (CD), for the project created on Part 1.

To re-cap, I have made this entire post into two parts for easier understanding and we will focus on Part 2 here:

Part 1- Creating your first project in Azure DevOps (
Part 2 – Enabling the first project in Azure DevOps for Continuous Integration (CI) / Continuous Deployment (CD).

Enabling the first project in Azure DevOps for Continuous Integration

    • Now, the next step is to enable continuous integration. Which will keep your build updated based on your changes on project / ARM templates.
    • Select Builds on the left pane and click pipeline, which you have created. Click on Edit.
    • Click on Triggers and select Enable continuous integration. Click on Save.
    • Provide your comment and save.
    • Now if you make a change on your template and push it. The deployment will happen automatically.
    • From within Visual Studio click on the Code tab and edit Azuredeploy.json file.
    • Add storage account to the project and provide name.
    • Click Commit when done and push the code. (Please refer part 1 for this activity).
    • The deployment will happen automatically due to Continuous Integration and deployment.
    • Verify storage account has been created on your azure tenant.

Enabling the first project in Azure DevOps for Continuous Deployment

To perform continuous deployment, need to copy the files and publish to artifact.

An artifact is a deployable component of your application. It is typically produced through a Continuous Integration or a build pipeline. This means, Code once and share packages across different stages / environment (Dev, Test, UAT & Prod).

  • Go to the Pipelines tab, and then select Builds and click on edit.
  • Click on + item on Agent Job
  • On the new pane, select Copy files and click ADD. 
  • On the left pane, select copy files to: and fill required information:
    • Provide name for task
    • Select folder as: Azure template folder.
    • Provide target folder.
  • Next, we need to publish the Artifact.
  • Click on + item on Agent Job
  • On the new pane, select publish build Artifact and click ADD.
  • On the left pane, select Publish Build Artifacts: and fill required information:
    • Provide name.
    • Select path to publish.
    • Provide publish location
  • click Save.

Create a release pipeline

A release pipeline is one of the fundamental concepts in Azure Pipelines for your DevOps CI/CD processes. It defines the end-to-end release pipeline for an application to be deployed across various stages.

      • Select the action to create a New pipeline. Then select Create a release pipeline.
      • Select the action to start with an Empty job. Name the stage Stage1 (Test).
      • In the Artifact panel, select + Add and specify a Source (Build pipeline created earlier on this). Select Add.
      • To enable the Continuous deployment trigger, click on Lightning bolt to trigger continuous deployment. You can specify any scheduled time for this deployment. 
      • Select the Tasks tab and select your Stage1 (Test) Select the plus sign (+) for the job to add a task to the job.
      • On the Add tasks dialog box, select deploy and click on Azure Resource Group deployment and click ADD.
      • On the left pane, select Azure Deployment: Create or Update Resource Group action on:Select Azure Subscription and click on Authorize.
      • Select your resource group on your Azure subscription and location.
      • The template location will be linked artefact.
      • Select your template file (azuredeploy.json) from selection menu.
      • Select your template parameter file (azuredeploy.parameters.json) from selection menu.
      • Deployment mode: complete.
      • On the Pipeline tab, select the stage (Stage1 (Test)) and select Clone.
      • Rename the cloned stage (Stage1 (PROD)).
        • Note: If needed you can change your Azure subscription details by editing this stage.
      • Rename the release pipeline with appropriate.
      • Save the release pipeline.

Deploy a release

  • To run the Azure template on each stage, you can create a release or make a scheduled trigger.
  • Select release and click on Create a release.
  • Select which stage needs to be have conditions before deployment,  in my case production deployment (Stage (PROD)) .
  • Click pre- deployment conditions on Prod stage. select After stage of Stage 1 (Test).
  • Click on create.
  • The release we have created will be deploying and you can check the resource on Azure or verify the logs.
  • If you need to perform multiple deploy, select pipeline and click on deploy, choose multiple deploy options.
  • After this production stage will have resourced mentioned on ARM template.

Notes: Approvals and gates give you additional control over the start and completion of the deployment pipeline. Each stage in a release pipeline can be configured with pre-deployment and post-deployment conditions that can include waiting for users to manually approve or reject deployments and checking with other automated systems until specific conditions are verified.

In addition, you can configure a manual intervention to pause the deployment pipeline and prompt users to carry out manual tasks, then resume or reject the deployment.


This is end of this series, Azure DevOps Services to deploy ARM templates with CI/ CD. Please feel free to post your comments.

Step-by-step: Using Azure DevOps Services to deploy ARM templates with CI/ CD – Part 1

In this blog, we will see how to get started with Azure DevOps for an Infrastructure background person.

We will familiarize ourselves with deploying your Azure resources with ARM templates by using Azure DevOps with Continuous Integration (CI) and Continuous Deployment (CD).

I have made this entire post into two parts for easier understanding:

Part 1: Creating your first project in Azure DevOps

Part 2: Enabling the first project in Azure DevOps for Continuous Integration (CI) / Continuous Deployment (CD).

This article will focus on Part 1. The things needed to make this successful include:

        1. Visual Studio software (Free edition)  – you can get this from website:
        2. Azure Subscription access. If not, you can create a free azure account.
        3. An account in Visual Studio. if you don`t have one create a new account by signing into and enabling Azure DevOps service. 
        4. Click on Azure DevOps and select sign in.
        5. Once you sign in with your Microsoft account, click continue.
  1. Creating the first project in Azure DevOps:When you log into Azure DevOps( for first time with your MSDN/ Microsoft account.
    • Now, click on New project and provide name (Eg: Firstproject) & add a Description for project.
    • Select visibility options: Private (with this setting, only you can access the content. You can provide access to people who can able to view this project.)
    • Under Firstproject , Click on Repos.
    • Since the project folder is empty, we need to create a new file. We can use Visual studio for creating it and click on clone in Visual studio options:

      • Visual studio software will open its console.
      • Provide your Microsoft account credentials, which has been used for Azure DevOps and Azure account.
      • The project needs to be cloned on local disk. Click on clone.
      • This will pop-up for Azure DevOps credentials.
      • This may result in authentication failed or fatal error. To resolve this, follow below steps:
      • In Visual studio, select team explorer and select manage connections and click connect to project.
      • Select your user id for Azure DevOps and provide credentials. Then your Project (First project) will be listed for connect.
      • Now you will get clone options:
      • On Team Explorer view, click on Create a new project or solution in this repository.
      • Select Installed -> cloud and Azure Resource group

      • Select Blank template for deployment.

    • Select solution explorer view on Visual Studio
    • Select AzureResourceGroup and click on Azuredeploy.json
    • Click on Resources on Json outline and select virtual network for deployment. provide name for vnet : eg   firstnetwork01

  • On the bottom of Visual Studio, you find the number of changes icon has been performed to it. Click on it for commit changes.
    • Provide comments for commit and select commit all.

    • The change has been committed locally and we need to push the changes to Azure DevOps project file. Click on sync for change.

  • Click on push for changes to cloud (Azure DevOps).
  • Now, go back to Azure DevOps portal and select your project (First project) and select repos.
  • You will able to find your AzureResourceGroup, which you created on Visual Studio will be available.
  • Click on Azuredeploy.json file to verify your file.
    1. Enabling deployment of ARM Template in Azure DevOps:
  • Log on Azure DevOps portal and open Firstproject (your project name), then click on Builds.
  • On the new page, click on New Pipeline. Select “Use the visual designer to create a pipeline without YAML”.
  • Ensure your project & repository is selected and click on continue.
  • Select “Start with an Empty Job”
  • Click on + item on Agent Job.
  • On the new pane, select deploy and click on Azure Resource Group deployment and click ADD.
  • On the left pane, select Azure Deployment: Create or Update Resource Group action on
  • Select Azure Subscription and click on Authorize.
  • Select your resource group on your Azure subscription and location.
  • The template location will be linked artefact.
  • Select your template file (azuredeploy.json) from the selection menu.
  • Select your template parameter file (azuredeploy.parameters.json) from the selection menu.
  • Deployment mode: complete.
  • Click save and queue and provide your comment on the file changes.
  • After it  has saved, the build operation will commences deployment  on your Azure tenant.
  • You can view the deployment logs from the Azure DevOps portal. In addition, you will receive an email (email which has been used for Azure DevOps account) with deployment status.
  • Verify your network (Azure Resource which we added on ARM template) has been created on Azure tenant.
  1. This concludes Part 1 creating and deploying  ARM templates with Azure DevOps.
  2. In Part-2, I take you through on enabling Continuous Integration (CI) / Continuous Deployment (CD).
Follow Us!

Kloud Solutions Blog - Follow Us!