DEV_NET_CORE
GET_STARTED
AzureDelivery, infrastructure as code, scaling, and cost control

Deployment slots, rollout safety, autoscaling, availability zones, and cost-aware tiering

Overview

Production delivery is not only about pushing code. It is about reducing risk while maintaining reliability and cost control. Azure provides platform features such as App Service deployment slots, autoscale, availability zones, health checks, monitoring, and tier choices that help teams release safely and operate efficiently.

This topic connects several interview-critical ideas:

  • Deployment slots reduce downtime and enable safer App Service rollouts.
  • Rollout safety uses staging, validation, canaries, health checks, and rollback plans.
  • Autoscaling adjusts capacity based on load or schedule.
  • Availability zones improve resilience to datacenter or zone failures.
  • Cost-aware tiering balances performance, reliability, and spend across environments.

Strong candidates can explain trade-offs rather than reciting features. Slots do not fix bad migrations. Autoscale does not replace load testing. Availability zones do not make every dependency resilient. Cost optimization does not mean choosing the cheapest tier blindly.

Core Concepts

Deployment Slots

Azure App Service deployment slots are live apps with their own host names. They are available in supported App Service plan tiers such as Standard, Premium, and Isolated.

Common slots:

Code
production
staging
preview

A typical flow:

  1. Deploy new code to staging.
  2. Warm up staging.
  3. Run smoke tests.
  4. Swap staging into production.
  5. Monitor production.
  6. Swap back if the release is bad.

Slots reduce cold starts and deployment downtime by preparing the new version before it receives production traffic.

Slot Swap

A slot swap exchanges content and selected configuration between slots. Production should usually be the target slot so production remains online while the source slot is prepared.

Benefits:

  • Warm-up before production traffic.
  • Faster rollback by swapping back.
  • Validation before exposure.
  • Reduced deployment downtime.

Slot swaps still require application-level safety. Long-running operations can be interrupted when workers recycle, and database changes may not be reversible by swapping slots.

Slot-Specific Settings

Some settings should stay with the slot rather than move with the code.

Examples:

  • Production connection strings.
  • App settings for environment name.
  • Managed identity configuration.
  • Networking and private endpoint configuration.
  • Diagnostic settings.
  • Custom domains and TLS settings.

Mark environment-specific app settings or connection strings as slot settings. A staging app should not accidentally swap its test connection string into production or inherit production-only settings unexpectedly.

Swap with Preview

Swap with preview applies target slot configuration to the source slot and pauses before final swap. This allows validation under production-like settings before traffic moves.

Use preview when:

  • Configuration differences are meaningful.
  • The app needs warm-up with production settings.
  • The release is high risk.
  • You need one final validation before production traffic.

Understand platform limitations before making preview swap part of the release process.

Rollback with Slots

After a bad swap, the previous production version is in the other slot. Swapping back can restore the prior app version quickly.

But slot rollback does not automatically roll back:

  • Database schema changes.
  • External side effects.
  • Queue messages already processed.
  • Data migrations.
  • Third-party configuration changes.
  • Feature flags stored elsewhere.

Design releases so the old and new app can both run against the database during rollout.

Rollout Safety

Rollout safety is the set of controls that reduce the blast radius of a release.

Useful controls:

  • Small changes.
  • Automated tests.
  • Staging deployment.
  • Smoke tests.
  • Health checks.
  • Slot swaps.
  • Feature flags.
  • Canary traffic.
  • Progressive exposure.
  • Fast rollback.
  • Deployment monitoring.

The best rollout strategy depends on workload risk and platform capabilities.

Canary Deployment

A canary exposes a new version to a small percentage of users or traffic before full rollout.

Use canaries when:

  • User impact must be limited.
  • Real traffic is needed to validate behavior.
  • The platform supports traffic splitting.
  • Telemetry can compare old and new versions.

Canaries require clear success metrics. Without telemetry, a canary is just a slower deployment.

Blue-Green Deployment

Blue-green deployment keeps two production-capable environments. One serves live traffic while the other receives the new release. Traffic shifts when the new environment passes validation.

Benefits:

  • Fast switch.
  • Clear rollback path.
  • Strong isolation.

Trade-offs:

  • Higher cost.
  • More infrastructure to manage.
  • Data compatibility is still difficult.

Deployment slots are a lightweight blue-green-like pattern for App Service.

Feature Flags

Feature flags decouple deployment from release. Code can be deployed disabled and enabled gradually.

Good uses:

  • Gradual rollout.
  • Kill switch for risky behavior.
  • Per-tenant or internal preview.
  • Coordinating frontend and backend changes.

Risks:

  • Long-lived flags create complexity.
  • Flag state must be observable.
  • Permission and targeting mistakes can expose features.
  • Flags do not replace testing.

Health Checks

Health checks should verify whether the app can serve traffic, not just whether the process is running.

Useful checks:

  • App startup.
  • Critical dependency reachability.
  • Database connectivity.
  • Configuration validity.
  • Background queue health.
  • Version and build metadata.

Health checks should be fast and safe. Do not make every health check perform expensive or mutating work.

Autoscale

Azure Monitor autoscale automatically changes the number of resource instances based on metric rules or schedules.

Common scale signals:

  • CPU percentage.
  • Memory usage.
  • Request count.
  • Queue length.
  • Thread count.
  • Custom application metrics.
  • Time of day or recurring business schedule.

Autoscale is horizontal scaling. It adds or removes instances. It does not vertically change the size of one instance.

Autoscale Rules

Autoscale settings include profiles, rules, schedules, notifications, and capacity limits.

Example thinking:

Code
Minimum instances: 2
Default instances: 2
Maximum instances: 10
Scale out: CPU > 70% for 10 minutes, add 2
Scale in: CPU < 40% for 20 minutes, remove 1

Use different scale-out and scale-in thresholds to avoid flapping.

Scale-Out and Scale-In Logic

When multiple rules exist, autoscale commonly treats scale-out and scale-in differently:

  • Scale out if any scale-out rule is met.
  • Scale in only when all scale-in rules allow it.

This protects availability. It is usually safer to add capacity quickly and remove it carefully.

Scheduled Scaling

Use scheduled rules when load is predictable:

  • Business opening hours.
  • Batch processing windows.
  • Marketing events.
  • Known reporting jobs.
  • Weekday versus weekend traffic.

Scheduled scaling can add capacity before demand arrives, avoiding cold reaction time.

Autoscale Limits

Autoscale cannot fix everything.

It cannot:

  • Make stateful code safe.
  • Fix slow database queries.
  • Create capacity beyond quota.
  • Scale downstream dependencies.
  • Handle cold-start-sensitive workloads without planning.
  • Replace load testing.

Autoscale should be paired with backpressure, caching, queue-based load leveling, and dependency capacity planning.

Availability Zones

Availability zones are physically separate datacenter groupings within a supported Azure region. Each zone has independent power, cooling, and networking.

Zone patterns:

  • Zone-redundant service: Azure distributes or replicates the service across zones.
  • Zonal resource: You choose one zone for the resource.
  • Multi-zone architecture: You deploy separate resources across zones and handle traffic/failover.

Zone support depends on service, region, SKU, and configuration.

Zone-Redundant Versus Zonal

Zone-redundant resources are designed to keep serving when one zone fails. Azure often handles distribution or failover.

Zonal resources are pinned to one zone. They can reduce latency or isolate workloads, but they do not automatically survive that zone failing. To make zonal resources resilient, deploy across multiple zones and design failover.

Interview answer shortcut:

Code
Zone redundant = resilience managed by the service.
Zonal = placement controlled by you, resilience designed by you.

Availability Zones and Cost

Zone resilience can increase cost through:

  • More instances.
  • Zone-redundant SKUs.
  • Cross-zone data transfer.
  • Extra load balancing.
  • More monitoring and testing.

The trade-off is often worth it for production critical systems, but not always for dev or low-impact workloads.

Cost-Aware Tiering

Cost-aware tiering means choosing service tiers based on workload requirements instead of reflexively choosing the cheapest or most expensive option.

Consider:

  • Availability requirements.
  • Performance requirements.
  • Scaling requirements.
  • Zone support.
  • Deployment slots.
  • Backup and retention.
  • Data size and access pattern.
  • Support for private networking.
  • Compliance requirements.
  • Nonproduction cost controls.

Cost optimization is an ongoing practice, not a one-time SKU choice.

Environment Tiering

Dev, test, staging, and production do not always need the same capacity.

Example:

EnvironmentTypical priority
DevLow cost, fast iteration
TestRepresentative behavior, moderate cost
StagingProduction-like validation
ProductionReliability, scale, security, supportability

Staging should be production-like enough to catch release problems. Dev should not pay for production-grade capacity unless required.

Cost Guardrails

Cost guardrails include:

  • Budgets.
  • Alerts.
  • Tags for cost attribution.
  • SKU policies.
  • Autoscale maximums.
  • Scheduled shutdown for nonproduction.
  • Right-sizing reviews.
  • Reserved capacity or savings plans where appropriate.
  • Removing unused resources.
  • Storage lifecycle policies.

Guardrails help teams move quickly without surprise bills.

Common Mistakes

  • Deploying directly to production without a staging slot.
  • Swapping slots without understanding slot-specific settings.
  • Assuming slot rollback fixes database changes.
  • Autoscaling only on CPU when queue length is the real bottleneck.
  • Setting scale-in too aggressively.
  • Ignoring downstream dependency capacity.
  • Enabling zones without understanding service-specific requirements.
  • Using production SKUs in every environment.
  • Choosing cheapest tiers that lack needed slots, zones, or scale.
  • Not monitoring cost after deployment.

Best Practices

  • Use slots or controlled rollout for user-facing apps.
  • Warm up and smoke test before production traffic.
  • Keep database changes backward compatible.
  • Use feature flags for risky behavior changes.
  • Define health checks that represent real readiness.
  • Scale on metrics tied to bottlenecks.
  • Set min, max, and default capacity deliberately.
  • Design for zones only after confirming service support.
  • Choose tiers based on reliability, performance, and cost needs.
  • Use budgets, tags, and cost alerts.

Interview Practice

Beginner4 questions

Beginner Interview Practice

Practice the beginner questions for this topic.

Intermediate4 questions

Intermediate Interview Practice

Practice the intermediate questions for this topic.

Advanced4 questions

Advanced Interview Practice

Practice the advanced questions for this topic.

PreviousBicep fundamentals, modules, and reusable environment definitionsNext UpGitHub Actions or Azure DevOps for build, test, deploy, and infrastructure steps