【Azure App Service 】App

语言 Chinese, Simplified

SEO Title

Azure App Service - App Service Environment v3 and App Service public multitenant comparison

Hosting(托管)

Feature	App Service Environment v3	App Service public multitenant
Hosting environment	Fully isolated and dedicated compute	Shared environment. Workers running your apps are dedicated, but the supporting infrastructure is shared with other customers.
Hardware	Virtual Machine Scale Sets	Virtual Machine Scale Sets
Available SKUs	Isolated v2	Free, Basic, Standard, Premium v2, Premium v3
Dedicated host group	Available	No
Remote file storage	Fully dedicated to the App Service Environment	Remote file storage for the application is dedicated, but the storage is hosted on a shared file server
Private inbound configuration	Yes, using ILB App Service Environment variation	Yes, via private endpoint
Planned maintenance	Manual upgrade preference is available	The platform handles maintenance
Aggregate remote file share storage limit	1 TB for all apps in an App Service Environment v3	250 GB for all apps in a single App Service plan. 500 GB for all apps across all App Service plans in a single resource group.

缩放比例

App Service Environment v3和公共多租户产品都在虚拟机规模集上运行，这意味着这两种产品都受益于规模集提供的功能。然而，App Service Environment v3是一个专用环境，这意味着即使它可以扩展到比公共多租户产品更多的实例，但扩展到多个实例的速度也可能比公共多订阅者产品慢。

Feature	App Service Environment v3	App Service public multitenant
Maximum instance count	100 instances per App Service plan. Maximum of 200 instances across all plans in a single App Service Environment v3.	30 instances per App Service plan. This limit is a hard limit that can't be raised.
Scaling speed	Slower scaling times due to the dedicated nature of the environment	Faster scaling times due to the shared nature of the environment

证书和域

Feature	App Service Environment v3	App Service public multitenant
Custom domains	A custom domain suffix can be added to the App Service Environment and all apps inherit the domain suffix. Custom domains can also be added directly to the apps.	Custom domains can be added directly to the apps.
Custom domain on private DNS (no domain verification required)	Yes, on an Internal Load Balancer (ILB) App Service Environment	No, the custom domain needs to resolve via public DNS
Inbound TLS	Yes, you can manage SSL certificates directly within the environment, including the ability to upload and bind custom SSL certificates	Yes, you can bring your own certificate or use a certificate provided by Azure
Inbound TLS using certificates issues by private certificate authority (CA)	Supported	No
Outbound calls using client certificates issues by private CA	Supported only from custom code in Windows code-based apps. You can load your own root CA certificate into the trusted root store.	Not supported for source-code based deployments. Supported if deploying using either Windows containers or Linux containers (you can install arbitrary dependencies including private CA issued client certificates inside of a custom container for both platform variants).
App Service Managed Certificates	No	Supported
Certificates shared across apps	Yes	No, you must upload the certificate to every app
Public certificate limit	1,000 public certificates per App Service Plan	1,000 public certificates per App Service Plan
End to end TLS encryption for inbound calls	Supported	Supported in preview for Linux, not supported on Windows
Change TLS cipher suite order	Supported	Supported with min TLS cipher suite feature

Networking

Feature	App Service Environment v3	App Service public multitenant
Virtual network integration	Yes, App Service Environment v3 is deployed into a subnet in your virtual network by default	Supported, must be explicitly enabled
Private endpoint support	Yes, must be explicitly enabled on the App Service Environment	Yes, must be explicitly enabled
IP access restrictions for inbound traffic	Yes, must be explicitly enabled	Yes, must be explicitly enabled
Network security group (NSG) integration	Supports inbound and outbound traffic control	Can use NSG for inbound traffic control using the subnet that sourced the IP of a private endpoint (Note: requires private endpoints). Supports outbound network restrictions with NSG on the virtual network integration subnet.
UDR integration	Supports outbound traffic routing, must be explicitly enabled	Supports outbound traffic routing, must be explicitly enabled
Route outbound traffic over virtual network	Yes, all apps are in the same subnet and all outbound traffic is routed through the virtual network by default	Supported
Block inbound traffic to App Service functionality hosted on non-HTTP ports	Supported, NSG can be used to block inbound traffic to non-HTTP ports	Not supported. In some cases (FTP and remote debugging), functionality can be explicitly disabled on a per-application basis. However, inbound network traffic can't be blocked using NSGs since the underlying App Service platform hosting infrastructure owns the listed ports.
Pull Docker containers over virtual network	Supported, uses the App Service Environment's subnet	Supported
Azure Functions storage account access over virtual network	Supported, uses the App Service Environment's subnet	Supported
Backup/restore over a virtual network	Supported, uses the App Service Environment's subnet	Supported
Maximum outbound TCP/IP connections per virtual machine instance	16,000	1,920 per P1V3 instance. 3,968 per P2V3 instance. 8,064 per P3V3 instance
Maximum SNAT ports per virtual machine instance	Dynamic: 256 - 1,024 depending on total instance count	128 per instance

定价

由于基础设施的专用性，App Service Environment v3往往比公共多租户产品更昂贵。对于这两种产品，您只需为您使用的资源付费。这两种产品都有预留实例和储蓄计划，以节省长期承诺的资金。

Feature	App Service Environment v3	App Service public multitenant
Pricing	Pay per instance	Pay per instance
Reserved instances	Available	Available
Savings plans	Available	Available
Availability zone pricing	There's a minimum charge of 18 cores. There's no added charge for availability zone support if you have 18 or more cores across your App Service plan instances. If you have fewer than 18 cores across your App Service plans in the zone redundant App Service Environment, the difference between 18 cores and the sum of the cores from the running instance count is charged as Windows I1v2 instances.	Three instance minimum enforced per App Service plan.

常见问题解答

我怎么知道哪种产品适合我？
我可以同时使用App Service Environment v3和公共多租户产品吗？
我可以从公共多租户产品迁移到App Service Environment v3吗？
我可以将App Service Environment v3用于我的开发和测试环境吗？
如何开始使用App Service Environment v3？
我如何开始使用App Service公共多租户产品？

我怎么知道哪种产品适合我？

在App Service Environment v3和公共多租户产品之间做出选择取决于您的具体要求。在决定这两种产品时，有几个关键因素需要考虑。以下是一些常见的场景，可以帮助您决定哪种产品适合您。

如果你需要一个完全隔离和专用的环境来运行你的应用程序，那么App Service environment v3是你的正确选择。如果您不需要完全隔离的环境，并且可以与其他客户共享支持基础设施，那么公共多租户服务是您的正确选择。

如果您需要近乎即时的扩展时间，那么公共多租户产品是您的正确选择。如果你需要扩展到30个以上的实例，那么App Service Environment v3是你的正确选择。

如果您需要使用由私有CA颁发的客户端证书，那么App Service Environment v3是您的正确选择。如果您需要使用由私有CA颁发的客户端证书，并且您正在使用Windows容器或Linux容器进行部署，那么公共多租户产品也是可能的。

如果你想简化你的网络配置，并将所有应用程序都放在同一个子网中，那么App Service Environment v3是你的正确选择。如果你想使用虚拟网络集成、专用端点或IP访问限制，那么这两种产品都适合你，但你需要为公共多租户产品在每个应用程序的基础上启用这些功能。

我可以同时使用App Service Environment v3和公共多租户产品吗？

是的，您可以同时使用App Service Environment v3和公共多租户产品。您可以将App Service Environment v3用于需要完全隔离和专用环境的最关键的应用程序。您可以为不需要完全隔离环境的应用程序使用公共多租户产品。

我可以从公共多租户产品迁移到App Service Environment v3吗？

是的，您可以从公共多租户产品迁移到App Service Environment v3，反之亦然。您可以使用备份和还原功能迁移您的应用程序。

我可以将App Service Environment v3用于我的开发和测试环境吗？

是的，您可以将App Service Environment v3用于您的开发和测试环境。但是，请记住，App Service Environment v3比公共多租户产品更昂贵，因此您可能希望在开发和测试环境中使用公共多租户服务来节省资金。

如何开始使用App Service Environment v3？

要开始使用App Service Environment v3，请参阅Azure App Service着陆区加速器。

我如何开始使用App Service公共多租户产品？

要开始使用应用服务公共多租户产品，请参阅Azure应用服务入门。

本文地址

https://architect.pub/azure-app-service-app-service-environment-v3-and-app-service-public-multitenant-comparison

登录发表评论
2 次浏览

发布日期

星期一, 九月 16, 2024 - 08:30

最后修改

星期一, 九月 16, 2024 - 08:34

热门内容

今日:

总体:

最近浏览：