- App (or site) – the structure that manages the code that is deployed for users.
- Instance – The Virtual Machine hosting the code. It can be in variations of memory allocation, CPU etc.
- Upgrade Domain – Collections of VMs in a given Scale Unit that are taken offline at the time of an update.
- Scale unit / Stamp – The collection of Virtual Machines in a given region.
- Region (or datacenter) – An area in the world where there is a collection of Virtual Machines managed by Microsoft. As of writing this blog, Azure is deployed in 42 regions worldwide.
- Paired Regions – Two Azure regions which within the same geography which Azure guarantees not to update simultaneously.
Well, that’s a loaded title for a blog post! But here’s the thing, we’ve been asked many times about what actually goes on behind the scenes when App Service updates the resources hosting App Service apps. First, we need to mention briefly what is App Service. App Service is a PaaS (Platform as a Service) offering that allows customers to focus on their code, rather than having to worry about managing the underlying Virtual Machines and other resources with the latest security updates, OS patches and so on. Still, those resources don’t get magically updated, do they? That is the beauty in a managed platform — we do that for our customers! App Service applies monthly updates to the resources, making sure our customers’ code is always running on the most recent security patches and OS versions available. As an example, this was extremely useful for our customers when the latest Spectre and Meltdown vulnerabilities were announced. Customers did not have to take any action because the service was updated automatically. To give some additional technical details and demystify the process, we’ll outline here what happens when the App Service updates takes place , but first we’ll go through some key concepts: