- Rahul Neelakantan
Serverless functions are the new fad, and you don't have to worry about assigning a server, handling the load, patching your server to the latest updates, etc. Instead, everything is taken care of by the cloud provider. So we need to concentrate on creating the functions which will be autoscaled and provisioned by the cloud provider.
Azure Function is a serverless service that Microsoft has created in a competition of lambda functions by Amazon Web Services.
Table of Contents
- Explain Azure Functions?
- What are the languages supported by Azure Functions?
- Explain about Azure Arc Function App?
- Explain more about Azure Functions Best Practices?
- Explain about connection limit in Azure Functions?
- How to avoid connection limits in Azure Functions?
- Do you require a storage account for creating Azure Functions App?
- What are the best practices for handling Errors in Azure Functions?
- List out the retry strategies for Azure Functions?
- How do you make sure that your Azure Functions are secure?
- What are the different types of Authorization scopes for Azure Functions?
- What is Master Key in Azure Functions?
- How to Organize functions by privilege in Azure Functions?
- How to handle CORS requests to Azure Functions?
- What are the types of runtime versions for Azure Functions?
- What do you mean by Cold Start in Azure Functions?’
- How to avoid Cold Start in Azure Functions?
- What is the purpose of scale controller in Azure Functions?
- What is the max limit for scale-out in Azure Functions?
- Explain the differences between Consumption/Premium/Dedicated Azure function plans?
- Which operation system hosting is supported for Azure functions?
- What are Durable Azure Functions?
- What is Azure WebJobs?
- What are the different types of Durable Azure Functions?
- What do you mean by Orchestrator Azure Functions?
- What are the challenges of event streams in distributed systems?
- What is a Trigger for Azure Function?
- What do you mean by Binding in Azure Functions?
- What is Binding Direction in Azure Functions?
- How to create custom bindings for Azure Functions?
- Can you explain more about Azure Function Consumption Plan costs?
- What do we mean by Azure Function Proxies?
- Can we place the Azure Function App (Consumption Plan) in Virtual Network?
- Can we restrict specific IP addresses from accessing the Azure Functions?
- What do you mean by Azure Functions Custom Handlers?
- What are the authentication providers for Azure Function App?
- Do Azure Functions support JWT Bearer Tokens by default?
- Can we rename an Azure Function once created?
- What do you mean by system-assigned identity for Azure Function App?
- What is user-assigned identify for Azure Function App?
- How do we test Azure Functions locally?
Explain Azure Functions?
Azure Functions is a cloud service available on-demand that provides all the continually updated infrastructure and resources needed to run your applications. In addition, functions provide serverless compute for Azure. You can use Functions to build web APIs, respond to database changes, process IoT streams, manage message queues, and more.
What are the languages supported by Azure Functions?
Azure Functions support many of the major languages like below. In addition, Azure keeps adding new languages based on popularity, etc.
Explain about Azure Arc Function App?
Azure Arc simplifies governance and management by delivering a consistent multi-cloud and on-premises management platform. We can create an Azure Arc Function App and deploy it to an Arc-Enabled Kubernetes Cluster.
Explain more about Azure Functions Best Practices?
- Avoid long-running functions
- Use queues for Cross function communication
- Write functions to be stateless
- Write defensive functions, so make your functions idempotent.
Explain about connection limit in Azure Functions?
Functions in a function app share resources. Among those shared resources are HTTP connections, database connections, and connections to services such as Azure Storage. When many functions are running concurrently in a Consumption plan, it’s possible to run out of available connections.
One of the restrictions that the sandbox imposes on your code is outbound connections, which are currently 600 active (1,200 total) connections per instance.
How to avoid connection limits in Azure Functions?
To avoid holding more connections than necessary, reuse client instances rather than creating new ones with each function invocation.
- Do not create a new client with every function invocation.
- To create a single, static client that every function invocation can use.
- Consider creating a single, static client in a shared helper class if different functions use the same service.
Do you require a storage account for creating Azure Functions App?
Azure Functions requires an Azure Storage account when you create a function app instance.
When creating a function app, you must create or link to a general-purpose Azure Storage account that supports Blob, Queue, and Table storage.
The blob-only storage accounts and Azure Premium Storage don’t support queues and tables. Therefore, Azure Functions App doesn’t work with these accounts.
For best performance, your function app should use a storage account in the same region, which reduces latency.
What are the best practices for handling Errors in Azure Functions?
- Enable Application Insights
- Use structured error handling
- Design for idempotency
- Implement retry policies (Wherever appropriate)
List out the retry strategies for Azure Functions?
- fixedDelay – A specified amount of time is allowed to elapse between each retry,
- exponentialBackoff – The first retry waits for the minimum delay. On subsequent retries, time is added exponentially to the initial duration for each retry until the maximum delay is reached. Exponential back-off adds some slight randomization to delays to stagger retries in high-throughput scenarios.
How do you make sure that your Azure Functions are secure?
- Security Center – Security Center integrates with your Function App in the portal. It provides, for free, a quick assessment of potential configuration-related security vulnerabilities.
- Log and monitor – Functions integrates with Application Insights to collect your function app’s log, performance, and error data. Application Insights automatically detects performance anomalies and includes powerful analytics tools to help you diagnose issues and understand how your functions are used.
- Require HTTPS – By default, clients can connect to function endpoints by using both HTTP and HTTPS. However, it would help redirect HTTP to HTTPS because HTTPS uses the SSL/TLS protocol to provide a secure connection, both encrypted and authenticated.
- Function access keys – Functions lets you use keys to make it harder to access your HTTP function endpoints during development. It is not a good practice to distribute shared secrets in public apps. If your Function is being called from a public client, you may want to consider implementing another security mechanism.
- Setting Authorization scopes to function level.
What are the different types of Authorization scopes for Azure Functions?
- Function: These keys apply only to the specific functions under which they are defined. When used as an API key, these only allow access to that Function.
- Host: Keys with a host scope can be used to access all functions within the function app. When used as an API key, these allow access to any function within the function app.
What is Master Key in Azure Functions?
Each function app also has an admin-level host key named _master. In addition to providing host-level access to all functions in the App, the master key also provides administrative access to the runtime REST APIs. This key cannot be revoked. When you set an admin access level, requests must use the master key, any other key results in an access failure.
How to Organize functions by privilege in Azure Functions?
Connection strings and other credentials stored in application settings give all the App functions the same set of permissions in the associated resource. Consider minimizing the number of functions with access to specific credentials by moving functions that don’t use those credentials to a separate function app. Of course, you can always use techniques such as function chaining to pass data between functions in different function apps.
How to handle CORS requests to Azure Functions?
Cross-origin resource sharing (CORS) is a way to allow web apps running in another domain to make requests to your HTTP trigger endpoints. App Service provides built-in support for handing the required CORS headers in HTTP requests. CORS rules are defined on a function app level.
What are the types of runtime versions for Azure Functions?
We have 3 versions 1.x, 2.x & 3.x. By default, Azure Function App created using the portal would be based on the latest versions 3.x.
We can downgrade to 1.x or 2.x, but downgrading to 1.x is allowed only before you add any functions to the App. Also, moving between 2.x & 3.x is allowed, but we’ll need to take care of breaking changes between the two versions.
When possible, you should always run your apps on the latest supported version of the Functions runtime.
What do you mean by Cold Start in Azure Functions?’
After your function app has been idle for several minutes, the platform may scale the number of instances on which your App runs down to zero. The subsequent request has the added latency of scaling from zero to one. This latency is referred to as a cold start. The number of dependencies required by your function app can impact the cold start time. Cold start is more of an issue for synchronous operations, such as HTTP triggers that must return a response.
How to avoid Cold Start in Azure Functions?
If cold starts impact your functions, consider running in a Premium or dedicated plan with the Always-on setting enabled.
What is the purpose of scale controller in Azure Functions?
Scale controller monitors the rate of events and determines whether to scale out or scale in. The scale controller uses heuristics for each trigger type. For example, using an Azure Queue storage trigger scales based on the queue length and the age of the oldest queue message.
What is the max limit for scale-out in Azure Functions?
The consumption plan is around 200 instances, whereas, for the premium plan, it’s 100 instances.
Explain the differences between Consumption/Premium/Dedicated Azure function plans?
|Max of 200 instances in parallel possible.||Max of 100 instances in parallel possible.||There is no hard limit, and it depends on the App Service Plan & instances of it.|
|Max execution time of 10 mins||Unlimited||Unlimited|
|Cold Start Possible||Perpetually warm instances to avoid any Cold start.|
The Functions host can run continuously, which means that a Cold start isn’t an issue.
|Billed as the amount of memory & CPU time consumed|
Billing on the number of core seconds and memory allocated across instances. There is no execution charge with the Premium plan.
The billing only depends on the App Service Plan on which the Function App is being executed.
Which operation system hosting is supported for Azure functions?
What are Durable Azure Functions?
Durable Function is an extension of Azure Functions that lets you write stateful functions in a serverless compute environment. The extension enables you to define stateful workflows by writing orchestrator functions and stateful entities by writing entity functions using the Azure Functions programming model. Behind the scenes, the extension manages state, checkpoints, and restarts for you, allowing you to focus on your business logic.
What is Azure WebJobs?
WebJobs is a feature of Azure App Service that enables you to run a program or script in the same instance. There is no additional cost to use WebJobs.
What are the different types of Durable Azure Functions?
What do you mean by Orchestrator Azure Functions?
What are the challenges of event streams in distributed systems?
- If event publisher sends a corrupt event? With queues, reliable messaging comes naturally. When paired with a Functions trigger, the Function creates a lock on the queue message. If the processing fails, the lock is released to allow another instance to retry processing. Processing then continues until either the message is evaluated successfully or added to a poison queue.
- If your Functions instance encounters unhandled exceptions? When errors occur in a stream, if you decide to keep the pointer in the same spot, event processing is blocked until the pointer is advanced, or you can send the message or event to another queue where you can handle it later.
What is a Trigger for Azure Function?
Triggers are what cause a function to run. A trigger defines how a function is invoked, and a function must have precisely one trigger. In addition, triggers have associated data, which is often provided as the payload of the Function.
What do you mean by Binding in Azure Functions?
Binding to a function is a way of declaratively connecting another resource to the Function; bindings may be connected as input bindings, output bindings, or both. Data from bindings are provided to the Function as parameters.
You can mix and match different bindings to suit your needs. Bindings are optional, and a function might have one or multiple inputs, along with output bindings.
What is Binding Direction in Azure Functions?
All triggers and bindings have a direction property in the function.json file:
- For triggers, the direction is always in
- Input and output bindings used in and out
- Some bindings support a special direction inout. If you use inout, only the Advanced editor is available via the Integrate tab in the portal.
How to create custom bindings for Azure Functions?
You can create custom input and output bindings. Bindings must be authored in .NET but can be consumed from any supported language. For more information about creating custom bindings, see Creating custom input and output bindings.
Can you explain more about Azure Function Consumption Plan costs?
The execution cost of single-function execution is measured in GB-seconds. Execution cost is calculated by combining its memory usage with its execution time. A function that runs for longer costs more, as does a function that consumes more memory.
Say that your Function consumed 0.5 GB for 3 seconds. Then the execution cost is 0.5GB * 3s = 1.5 GB-seconds. Memory usage is rounded up to the nearest 128-MB bucket. When your process is using 160 MB, you’re charged for 256 MB.
What do we mean by Azure Function Proxies?
With this feature, you can specify endpoints on your Function App that are implemented by another resource. You can use these proxies to break a large API into multiple function apps (as in a microservice architecture) while still presenting a single API surface for clients.
Can we place the Azure Function App (Consumption Plan) in Virtual Network?
No, we cannot place it in Virtual Network. If we need this feature, we might have to go with Premium or Dedicated Plan, etc.
Can we restrict specific IP addresses from accessing the Azure Functions?
You can use access restrictions to define a priority-ordered list of IP addresses allowed or denied access to your App. The list can include IPv4 and IPv6 addresses or specific virtual network subnets using service endpoints. When there are one or more entries, an implicit “deny all” exists at the end of the list. IP restrictions work with all function-hosting options.
What do you mean by Azure Functions Custom Handlers?
Every Functions App is executed by a language-specific handler. While Azure Functions features many language handlers by default, there are cases where you may want to use other languages or runtimes.
Custom handlers are lightweight web servers that receive events from the Functions host. Any language that supports HTTP primitives can implement a custom handler.
What are the authentication providers for Azure Function App?
Azure Function App, like any Azure Web App Service, can be integrated with multiple Authentication providers like:
- Azure AD
Do Azure Functions support JWT Bearer Tokens by default?
JWT Bearer tokens in Azure Functions are not supported per default. You need to implement the authorization and access token validation yourself.
Can we rename an Azure Function once created?
Yes, we can rename it but would need to restart the Function for it to appear.
What do you mean by system-assigned identity for Azure Function App?
A system-assigned identity is tied to your application and is deleted if your App is deleted. An app can only have one system-assigned identity.
What is user-assigned identify for Azure Function App?
A user-assigned identity is a standalone Azure resource that can be assigned to your App. An app can have multiple user-assigned identities.
How do we test Azure Functions locally?
Azure Functions Core Tools lets you develop, manage, and deploy Azure Functions projects from your local computer.