# TaskFlow — Cloud Deployment (sk1) > A task management web application deployed on Microsoft Azure. > Live at: **https://taskflow-14802.azurewebsites.net** --- ## 1. What the Application Does TaskFlow is a simple web-based task manager for individuals or small teams. Users can: - **Create** tasks with a title and optional description - **Advance** tasks through three stages: `To Do → In Progress → Done` - **Delete** tasks they no longer need All data is stored in a managed PostgreSQL database and persists across restarts and redeployments. --- ## 2. Public Cloud and Infrastructure Description ### Cloud Provider **Microsoft Azure** — Azure for Students subscription. ### Azure Services Used | Service | Purpose | |---|---| | **Azure Container Registry (ACR)** — Basic | Stores the Docker image for the Flask app | | **Azure App Service Plan** — Linux B1 | Managed hosting platform for the container | | **Azure Web App** (container) | Runs the Flask app with built-in HTTPS and auto-restart | | **Azure Database for PostgreSQL Flexible Server** — Burstable B1ms | Managed PostgreSQL 15 database with persistent storage | ### Components | Component | Type | Role | |---|---|---| | `taskflow-web` | Docker container on App Service | Python 3.11 / Flask app served by Gunicorn | | `postgres` | Azure managed database | PostgreSQL 15 — stores all tasks | | `taskflow-registry` | Azure Container Registry | Private Docker image registry | ### How Traffic Flows ``` Browser (HTTPS) → Azure App Service (built-in TLS, azurewebsites.net cert) → Flask container (Gunicorn :5000) → Azure PostgreSQL Flexible Server (:5432, SSL required) → Managed persistent storage (Azure-managed disk) ``` ### HTTPS / TLS Azure App Service provides a **free, automatic, browser-trusted TLS certificate** for all `*.azurewebsites.net` domains. HTTPS-only mode is enforced — HTTP requests are automatically redirected to HTTPS. ### Persistent Storage Data is stored in **Azure Database for PostgreSQL Flexible Server**. This is a fully managed service — Azure handles backups, high availability, and storage automatically. Data persists independently of the application container. ### Automatic Restart Azure App Service automatically restarts the container if it crashes or exits. The platform monitors the `/health` endpoint and restarts unhealthy instances without manual intervention. ### Configuration All secrets (database host, user, password) are stored as **App Service Application Settings** — Azure's equivalent of environment variables. They are injected into the container at runtime and never stored in code or GIT. --- ## 3. Cost Analysis — 1,000 Users/Day, 50 GB Data (Azure, 1 Year) | Resource | Specification | Unit Price | Billing | Annual Cost | |---|---|---|---|---| | App Service Plan | Linux B1 (1 vCPU, 1.75 GB RAM) | ~$13.14/month | Monthly | **~$157.68** | | PostgreSQL Flexible Server | Burstable B1ms (1 vCPU, 2 GB) | ~$12.41/month | Monthly | **~$148.92** | | PostgreSQL Storage | 50 GB | ~$5.76/month | Monthly | **~$69.12** | | Azure Container Registry | Basic tier | ~$5.00/month | Monthly | **~$60.00** | | Outbound bandwidth | First 100 GB free, ~60 GB/month at 1k users | $0 | Per GB | **~$0** | | HTTPS certificate | Free (azurewebsites.net) | $0 | — | **$0** | | **Total** | | | | **≈ $435.72 / year** | > For the exam demo period the actual cost is ~$35/month (B1 plan + B1ms PostgreSQL). Delete resources after the exam with `remove-app.sh` to stop billing. --- ## 4. Uploaded Files and Their Content ``` sk1/ ├── app/ │ ├── app.py Flask app — routes, DB connection, Kanban UI, /health endpoint │ ├── Dockerfile Builds taskflow-web image (Python 3.11, Gunicorn, non-root) │ └── requirements.txt Python deps: flask, gunicorn, psycopg2-binary ├── db/ │ └── init.sql SQL schema — tasks table, trigger, sample data ├── setup.sh Full deployment — writes files, creates all Azure resources ├── prepare-app.sh Rebuilds and redeploys container after code changes ├── remove-app.sh Deletes entire Azure resource group ├── backup.sh pg_dump backup and restore via psql ├── .env.example Template for required environment variables (no secrets) ├── .gitignore Excludes .env and backups from GIT └── README.md This file ``` --- ## 5. Configuration Description ### Secrets and Environment Variables Secrets are stored as **Azure App Service Application Settings** — never in GIT. | Variable | Where stored | Used by | |---|---|---| | `POSTGRES_HOST` | App Service settings | Flask app | | `POSTGRES_USER` | App Service settings | Flask app | | `POSTGRES_PASSWORD` | App Service settings | Flask app | | `POSTGRES_DB` | App Service settings | Flask app | | `POSTGRES_PORT` | App Service settings | Flask app | | `FLASK_ENV` | App Service settings | Gunicorn | | `WEBSITES_PORT` | App Service settings | Azure (tells it app runs on 5000) | | `DB_PASSWORD` | Shell env var at deploy time | `setup.sh` only, not stored | A local `.env` file is written during deployment for use by `backup.sh`. It is excluded from GIT by `.gitignore`. --- ## 6. How to View and Use the Application ### Prerequisites - Azure CLI installed and `az login` completed - Docker installed and running - `psql` installed (for backup/restore and schema init) - `DB_PASSWORD` environment variable set ### Deploy (first time — creates all Azure resources) ```bash export DB_PASSWORD="YourStrongPassword123!" chmod +x setup.sh && ./setup.sh ``` Takes approximately **5–8 minutes**. ### Open in Browser ``` https://taskflow-14802.azurewebsites.net ``` ### Redeploy after code changes ```bash ./prepare-app.sh ``` ### Remove all Azure resources ```bash ./remove-app.sh ``` --- ## 7. How to Perform a Data Backup Install psql if needed: `sudo apt install postgresql-client` ```bash # Create a timestamped backup source .env && ./backup.sh # List backups ls -lh backups/ # Restore source .env && ./backup.sh --restore backups/taskflow-20250601-120000.sql ``` --- ## 8. How to View Access Logs from the Internet Azure App Service logs all HTTP requests. View them via Azure CLI: ```bash # Stream live access logs (all internet requests to the app) az webapp log tail --resource-group taskflow-rg --name taskflow-14802 # Enable detailed logging first if needed az webapp log config --resource-group taskflow-rg --name taskflow-14802 --application-logging filesystem --web-server-logging filesystem --level information # Download logs as zip az webapp log download --resource-group taskflow-rg --name taskflow-14802 ``` Each log entry contains: timestamp, client IP, HTTP method, path, status code, response time. --- ## 9. Conditions for Running prepare-app.sh and remove-app.sh ### prepare-app.sh - Azure CLI installed and `az login` completed - Docker installed and running - `.env` file must exist in the same directory (created by `setup.sh`) - ACR name and App name are hardcoded from the initial deployment — re-run `setup.sh` to create fresh resources ### remove-app.sh - Azure CLI installed and `az login` completed - Resource group `taskflow-rg` must exist - Prompts for confirmation before deleting - All data will be lost unless `backup.sh` was run first --- ## 10. External Resources and Use of Generative AI ### External Resources | Resource | Type | How Used | |---|---|---| | [Azure App Service Documentation](https://learn.microsoft.com/en-us/azure/app-service/) | Official docs | Web app creation, container config, app settings, logging | | [Azure PostgreSQL Flexible Server](https://learn.microsoft.com/en-us/azure/postgresql/flexible-server/) | Official docs | Server creation, firewall, connection strings | | [Azure Container Registry](https://learn.microsoft.com/en-us/azure/container-registry/) | Official docs | Image push, admin credentials | | [Flask Documentation](https://flask.palletsprojects.com/) | Official docs | Routing, templates | | [PostgreSQL pg_dump](https://www.postgresql.org/docs/current/app-pgdump.html) | Official docs | Backup commands | | [Azure Pricing Calculator](https://azure.microsoft.com/pricing/calculator/) | Tool | Cost analysis | | Course lectures (azure, certbot, compose) | Lecture slides | Architecture, PaaS concepts, IaaS vs PaaS | ### Generative AI Usage **Tool:** Claude by Anthropic (claude.ai) **Type:** Productivity assistance — Azure CLI commands, shell scripts, Dockerfile, Flask app, README. **Method:** Student described requirements, reviewed all output, verified understanding before submission. All architectural decisions directed by the student. AI accelerated writing; understanding was the student's own.